Log analysis and evaluation: Virus-infected laptop (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.11.2014, 19:21 | #16 |
Virus-infected laptop
Code:
ATTFilter # AdwCleaner v4.101 - Bericht erstellt am 16/11/2014 um 18:36:06 # Aktualisiert 09/11/2014 von Xplode # Database : 2014-11-16.1 [Live] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : tine76 - TINE76-VAIO # Gestartet von : C:\Users\tine76\Downloads\AdwCleaner_4.101.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : netfilter64 [#] Dienst Gelöscht : Scores Dienst Gelöscht : vToolbarUpdater18.1.0 ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\AVG Nation toolbar Ordner Gelöscht : C:\ProgramData\AVG Secure Search Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\BitGuard Ordner Gelöscht : C:\ProgramData\Browser Manager Ordner Gelöscht : C:\ProgramData\BrowserProtect Ordner Gelöscht : C:\ProgramData\eSafe Ordner Gelöscht : C:\ProgramData\Systweak Ordner Gelöscht : C:\ProgramData\torchcrashhandler Ordner Gelöscht : C:\ProgramData\Uniblue Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip Ordner Gelöscht : C:\Program Files (x86)\AVG Nation toolbar Ordner Gelöscht : C:\Program Files (x86)\BabylonToolbar Ordner Gelöscht : C:\Program Files (x86)\Conduit Ordner Gelöscht : C:\Program Files (x86)\Delta Ordner Gelöscht : C:\Program Files (x86)\Desk 365 Ordner Gelöscht : C:\Program Files (x86)\FindLyrics Ordner Gelöscht : C:\Program Files (x86)\globalUpdate Ordner Gelöscht : C:\Program Files (x86)\Mobogenie Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup Ordner Gelöscht : C:\Program Files (x86)\pc speed up Ordner Gelöscht : C:\Program Files (x86)\PepperZip Ordner Gelöscht : C:\Program Files (x86)\SupTab Ordner Gelöscht : C:\Program Files (x86)\FileConverter_1.3 Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella Ordner Gelöscht : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219} 
Ordner Gelöscht : C:\Program Files\002 Ordner Gelöscht : C:\Program Files\003 Ordner Gelöscht : C:\Program Files\Uninstaller Ordner Gelöscht : C:\Users\Jugendliche\AppData\Local\AVG Nation toolbar Ordner Gelöscht : C:\Users\Jugendliche\AppData\Local\iLivid Ordner Gelöscht : C:\Users\Jugendliche\AppData\Local\torch Ordner Gelöscht : C:\Users\Jugendliche\AppData\LocalLow\AVG Nation toolbar Ordner Gelöscht : C:\Users\Jugendliche\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Jugendliche\AppData\LocalLow\Delta Ordner Gelöscht : C:\Users\Jugendliche\AppData\LocalLow\FileConverter_1.3 Ordner Gelöscht : C:\Users\Jugendliche\AppData\Roaming\24x7 help Ordner Gelöscht : C:\Users\Jugendliche\AppData\Roaming\Desk 365 Ordner Gelöscht : C:\Users\Jugendliche\AppData\Roaming\DigitalSites Ordner Gelöscht : C:\Users\Jugendliche\AppData\Roaming\System Speedup Ordner Gelöscht : C:\Users\Jugendliche\AppData\Roaming\Systweak Ordner Gelöscht : C:\Users\Jugendliche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch Ordner Gelöscht : C:\Users\tine76\Qtrax Ordner Gelöscht : C:\Users\tine76\AppData\Local\AVG Nation toolbar Ordner Gelöscht : C:\Users\tine76\AppData\Local\Conduit Ordner Gelöscht : C:\Users\tine76\AppData\Local\globalUpdate Ordner Gelöscht : C:\Users\tine76\AppData\Local\iLivid Ordner Gelöscht : C:\Users\tine76\AppData\Local\Mobogenie Ordner Gelöscht : C:\Users\tine76\AppData\Local\NativeMessaging Ordner Gelöscht : C:\Users\tine76\AppData\Local\PackageAware Ordner Gelöscht : C:\Users\tine76\AppData\Local\Smartbar Ordner Gelöscht : C:\Users\tine76\AppData\Local\Temp\mt_ffx Ordner Gelöscht : C:\Users\tine76\AppData\Local\Temp\Smartbar Ordner Gelöscht : C:\Users\tine76\AppData\LocalLow\AVG Nation toolbar Ordner Gelöscht : C:\Users\tine76\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\tine76\AppData\LocalLow\Smartbar Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\BabSolution Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Babylon Ordner Gelöscht : 
C:\Users\tine76\AppData\Roaming\BabylonToolbar Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\BrowserCompanion Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Common\LuaRT Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\DataMgr Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Fifth Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Intermediate Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\SCheck Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Snz Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\SSync Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Systweak Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\VOPackage Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Ordner Gelöscht : C:\Users\tine76\Documents\Mobogenie Ordner Gelöscht : C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{42e0ced7-806f-4983-af54-92bdeefee519} Ordner Gelöscht : C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo Ordner Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpieepnfhpcpkjklohnpmmmmdhcbmd Datei Gelöscht : C:\END Datei Gelöscht : C:\Windows\score.exe Datei Gelöscht : C:\Windows\System32\drivers\netfilter64.sys Datei Gelöscht : C:\Windows\System32\roboot64.exe Datei Gelöscht : C:\Users\Jugendliche\daemonprocess.txt Datei Gelöscht : C:\Users\Jugendliche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk Datei Gelöscht : C:\Users\Jugendliche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk Datei Gelöscht : C:\Users\Jugendliche\Desktop\Facebook.lnk Datei Gelöscht : 
C:\Users\Jugendliche\Desktop\PepperZip.lnk Datei Gelöscht : C:\Users\Jugendliche\Desktop\Youtube.lnk Datei Gelöscht : C:\Users\tine76\daemonprocess.txt Datei Gelöscht : C:\Users\tine76\AppData\Local\omesuperv.exe Datei Gelöscht : C:\Users\tine76\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk Datei Gelöscht : C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk Datei Gelöscht : C:\Users\tine76\Desktop\Mobogenie.lnk Datei Gelöscht : C:\Users\tine76\Desktop\PepperZip.lnk Datei Gelöscht : C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\searchplugins\search.xml Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_deutsch.babylon.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_microsoft-word.softonic.de_0.localstorage-journal Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal Datei Gelöscht : C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage Datei Gelöscht : C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal Datei Gelöscht : 
C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal ***** [ Tasks ] ***** Task Gelöscht : Advanced System Protector_startup Task Gelöscht : Fifth Task Gelöscht : SaveSense ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gnfaiijpfcmdehcgcnnippmnhjjnbllp Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\inemjdopipfdlbnbpjjnjkebpknphoba Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [InetStat] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Snoozer] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync] Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel 
Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Schlüssel Gelöscht 
: HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety 
plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Schlüssel Gelöscht : HKCU\Software\5d0d8dbe16ae447 Schlüssel Gelöscht : HKLM\SOFTWARE\5d0d8dbe16ae447 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68} Schlüssel Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Schlüssel Gelöscht : HKCU\Software\AVG Nation toolbar Schlüssel Gelöscht : HKCU\Software\BABSOLUTION Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\Delta Schlüssel Gelöscht : HKCU\Software\GlobalUpdate Schlüssel Gelöscht : HKCU\Software\ilivid Schlüssel Gelöscht : HKCU\Software\InetStat Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\lollipop Schlüssel Gelöscht : HKCU\Software\PepperZip Schlüssel Gelöscht : HKCU\Software\Popajar Schlüssel Gelöscht : HKCU\Software\Protector Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\systweak Schlüssel Gelöscht : HKCU\Software\Tutorials Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsFan Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Nation toolbar Schlüssel 
Gelöscht : HKLM\SOFTWARE\AVG Security Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions Schlüssel Gelöscht : HKLM\SOFTWARE\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferMosquito Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Nation toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\216F88E93A00F2B5494EDDCFD502D42E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B417119DEEF2AE52B41C910B4B269FA Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82306010F2A8A02519C2D6D1A4B48415 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF767AE36C8829547ACD71A4249A42B9 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9A2A2663AD8ED75E83332ACA3689A31 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDCBFFB76F9A2B15D9A475A10FA793A6 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\526AB318AF0B8D84B9579557C9882C91 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17420 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] -\\ Mozilla Firefox v33.1 (x86 de) [yht1hjyq.default\prefs.js] - Zeile gelöscht : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}"); [yht1hjyq.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search"); [yht1hjyq.default\prefs.js] - Zeile 
gelöscht : user_pref("browser.search.selectedEngine", "Web Search"); [yht1hjyq.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.co[...] [yht1hjyq.default\prefs.js] - Zeile gelöscht : user_pref("extensions.aba9147e3ae8c4ced9c9a240425bd7d8e6ddffb66c97442d787529e6a4ec073b0com58360.58360.cookie.previous_page.value", "%22hxxp%3A//www.search.smartshopping.com/websearch1.php%3Fkeywords%3[...] [yht1hjyq.default\prefs.js] - Zeile gelöscht : user_pref("extensions.aba9147e3ae8c4ced9c9a240425bd7d8e6ddffb66c97442d787529e6a4ec073b0com58360.58360.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...] [yht1hjyq.default\prefs.js] - Zeile gelöscht : user_pref("extensions.aba9147e3ae8c4ced9c9a240425bd7d8e6ddffb66c97442d787529e6a4ec073b0com58360.58360.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...] 
[6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.comgoogle\\.\\w+yahoo\\.\\w+gmail\\.\\w+hotmail\\.\\w+live\\.\\w+isearch\\.avg\\.commysearch\\.avg\\.com"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://start.iminent.com/?ref=NewTab&appId=42413A10-5C5B-490B-AF47-E651A608B671"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.fbdownloader.com/search.php?channel=de&q="); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.fbdownloader.com/?channel=de"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.co[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.aba9147e3ae8c4ced9c9a240425bd7d8e6ddffb66c97442d787529e6a4ec073b0com58360.58360.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.aba9147e3ae8c4ced9c9a240425bd7d8e6ddffb66c97442d787529e6a4ec073b0com58360.58360.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...] 
[6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "146ab82c5059a0318126684ce75f7175"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.admin", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.bbDpng", "14"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.cntry", "DE"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.excTlbr", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "C6A83420AC830F7AB43E54D33B0DB184"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.id", "6662ef86000000000000b639e59a03a5"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.instlDay", "15853"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.518:43:32"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.newTab", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.prdct", "delta"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.rvrt", "false"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.sg", "azb"); 
[6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.smplGrp", "azb"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", ""); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.518:43:32"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta_i.babExt", ""); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121529&tt=gc_"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 14); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1415796294277"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "134622"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : 
user_pref("extensions.helperbar.countryiso", "de"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "ry_7302_ch"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"browse-search.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/linurytestwesteurope.blob.core.windows.net[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.installationid", "35035ab5-e92b-7c80-b5b1-23f1b9013944"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.installdate", "16/07/2014"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1415969070"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1415969360176"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.publisher", "shoppinghelper"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.admin", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.cntry", "DE"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.dfltLng", ""); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.hdrMd5", 
"ED4008C14E33749D75BE0368E1D5A0F5"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.id", "6662ef86000000000000b639e59a03a5"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16141"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.instlRef", ""); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.39:05:48"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.newTab", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.sg", "none"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q="); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.28.3"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.28.39:05:48"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.28.3"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.affiliate_id", "6447"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.firstrun", "false"); 
[6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.log_send_info", "false"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(\\\\\\/ig\\\\\\/firefox)\",\"[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.no_trace", "false"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21087"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.amazon_product.priam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam'[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.amazon_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...] 
[6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.trace_log", "1369759492532 - processInstallationUpgrade - version set to : 1.26\n1369759492532 - processBrowserLoad - Bad mappingListJsonString: null\n1369759493366 - onFla[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.unique_id", "DCF5B5DACD661242AC0D78E1B319EA99"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.version", "1.26"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.website_version", "1.00280.0"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.LayoutId", "1"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.adapters", "{\"107\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,\"AdapterKey\":\"default_adapter\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.275,\"expireTime\":\"139516536023786[...] [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.enabledAds", "obsolete"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"queryStri[...] 
[6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.newtabredirect", "true"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.nomsi", "true"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1415969551328"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.searchindex", "1"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.version", "8.25.2.1"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.10.2.1\",\"InstallEventCTime\":1403037336516,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1415981336715}"); [6rck7b8u.default\prefs.js] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.fbdownloader.com/search.php?channel=de&q="); -\\ Google Chrome v38.0.2125.111 [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0ByCtAzy0EyDzy0AtDtA0AyD0E0FzzyCtN0D0Tzu0CyByDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1593408739&ir= [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=422&systemid=406&v=n11465-256&apn_uid=1678395371234313&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=42413A10-5C5B-490B-AF47-E651A608B671&ref=toolbox&q={searchTerms} [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=42413A10-5C5B-490B-AF47-E651A608B671&ref=toolbox&q={searchTerms} 
[C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=de&q={searchTerms} [C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=dspp&ts=1415979618&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms} [C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp [C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma [C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : plmlpkfpkijnlijgalnjaacllnjmoamo [C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : pmgkeimkiojpjcoiiipekfjaopchhjga [C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : ofjpieepnfhpcpkjklohnpmmmmdhcbmd -\\ Opera v0.0.0.0 [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0ByCtAzy0EyDzy0AtDtA0AyD0E0FzzyCtN0D0Tzu0CyByDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1593408739&ir= [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=422&systemid=406&v=n11465-256&apn_uid=1678395371234313&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=42413A10-5C5B-490B-AF47-E651A608B671&ref=toolbox&q={searchTerms} [C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : 
hxxp://start.iminent.com/?appId=42413A10-5C5B-490B-AF47-E651A608B671&ref=toolbox&q={searchTerms}
[C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=de&q={searchTerms}
[C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=dspp&ts=1415979618&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}

*************************

AdwCleaner[R0].txt - [45918 octets] - [16/11/2014 18:19:34]
AdwCleaner[S0].txt - [46655 octets] - [16/11/2014 18:36:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [46716 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by tine76 on 16.11.2014 at 19:03:33,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\software informer

~~~ Registry Keys

~~~ Files

~~~ Folders
Successfully deleted: [Folder] "C:\Users\tine76\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Users\tine76\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\tine76\appdata\local\{185CB3B1-6C8E-41AA-BA35-6F650A19E51F}
Successfully deleted: [Empty Folder] C:\Users\tine76\appdata\local\{1BC68D6F-67EA-4A2A-9D47-0617050E9222}
Successfully deleted: [Empty Folder] C:\Users\tine76\appdata\local\{A41250C1-D2CC-46C4-896B-33E3FDA96C91}

~~~ FireFox
Successfully deleted the following from C:\Users\tine76\AppData\Roaming\mozilla\firefox\profiles\6rck7b8u.default\prefs.js
user_pref("avg.install.extHomepage", "hxxp://avg.nation.com?pid=nation&sg=0&cid=%7B95fd08aa-3b0c-49c1-a59b-c2ed18ada234%7D&mid=a81c04f057b847d081154570a37eea55-bc73e27ec4f4529
user_pref("avg.install.userHPSettings", "hxxp://avg.nation.com?pid=nation&sg=0&cid=%7B95fd08aa-3b0c-49c1-a59b-c2ed18ada234%7D&mid=a81c04f057b847d081154570a37eea55-bc73e27ec4f4
user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM
Emptied folder: C:\Users\tine76\AppData\Roaming\mozilla\firefox\profiles\6rck7b8u.default\minidumps [1 files]

~~~ Chrome
Successfully deleted: [Folder] C:\Users\tine76\appdata\local\Google\Chrome\User Data\Default\Extensions\hggpkhijoeadmdfmlbdepfbngmhaldci

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.11.2014 at 
19:10:40,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 02
Ran by tine76 (administrator) on TINE76-VAIO on 16-11-2014 19:16:13
Running from C:\Users\tine76\Downloads
Loaded Profiles: tine76 & Jugendliche (Available profiles: tine76 & Jugendliche)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(McAfee, Inc.) 
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\MountPoints2: {a28a89f0-634d-11e2-a2c5-9439e59a03a6} - E:\Startme.exe HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Run: [Google Update] => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-25] (Google Inc.) 
HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Run: [iLivid] => "C:\Users\Jugendliche\AppData\Local\iLivid\iLivid.exe" -autorun HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) 
GroupPolicyUsers\S-1-5-21-1990863777-1001858336-1583621791-1003\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:49708;https=127.0.0.1:49708 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003 -> No Name - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - No File Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 FireFox: ======== FF ProfilePath: C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default FF DefaultSearchEngine: AVG Nation Search FF SelectedSearchEngine: AVG Nation Search FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin-x32: 
@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tine76\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @tools.google.com/Google Update;version=3 -> C:\Users\tine76\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @tools.google.com/Google Update;version=9 -> C:\Users\tine76\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jugendliche\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml FF Extension: Snap.Do - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944} [2014-11-14] FF Extension: Adblock Plus - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-14] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll () CHR Plugin: (McAfee SiteAdvisor) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\McChPlg.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) 
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File CHR Profile: C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-05] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) 
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed] S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed] S4 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed] S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed] S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) 
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-16] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-16 19:16 - 2014-11-16 19:16 - 00000000 ____D () C:\Users\tine76\Downloads\FRST-OlderVersion 2014-11-16 19:10 - 2014-11-16 19:10 - 00002173 _____ () C:\Users\tine76\Desktop\JRT.txt 2014-11-16 19:03 - 2014-11-16 19:03 - 00000000 ____D () C:\Windows\ERUNT 2014-11-16 18:17 - 2014-11-16 18:17 - 00001236 _____ () C:\Users\tine76\Desktop\AdwCleaner_4.101 - Verknüpfung.lnk 2014-11-16 18:15 - 2014-11-16 18:15 - 00001109 _____ () C:\Users\tine76\Desktop\JRT - Verknüpfung.lnk 2014-11-16 18:09 - 2014-11-16 18:09 - 01707532 _____ (Thisisu) C:\Users\tine76\Downloads\JRT.exe 2014-11-16 18:08 - 2014-11-16 18:08 - 00000705 _____ () C:\Users\tine76\Desktop\AdwCleaner - Verknüpfung.lnk 2014-11-16 18:07 - 2014-11-16 18:37 - 00000000 ____D () C:\AdwCleaner 2014-11-16 18:06 - 2014-11-16 18:06 - 02140160 _____ () C:\Users\tine76\Downloads\AdwCleaner_4.101.exe 2014-11-16 08:52 - 2014-11-16 09:01 - 00000049 _____ () C:\Users\tine76\Desktop\mbam.txt 2014-11-16 08:48 - 2014-11-16 08:48 - 00000000 __SHD () C:\Users\tine76\AppData\Local\EmieBrowserModeList 2014-11-15 01:41 - 2014-11-15 01:41 - 00001300 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-11-15 01:41 - 2014-11-15 01:41 - 00001288 _____ 
() C:\Users\Public\Desktop\paint.net.lnk 2014-11-15 01:41 - 2014-11-15 01:41 - 00000000 ____D () C:\Program Files\paint.net 2014-11-15 01:40 - 2014-11-15 01:44 - 00000000 ____D () C:\Users\tine76\AppData\Local\paint.net 2014-11-15 01:39 - 2014-11-15 01:46 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-11-15 01:39 - 2014-11-15 01:39 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Opera Software 2014-11-15 01:39 - 2014-11-15 01:39 - 00000000 ____D () C:\Users\tine76\AppData\Local\Opera Software 2014-11-15 01:39 - 2014-11-15 01:38 - 06299376 _____ () C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager [1].exe 2014-11-15 01:38 - 2014-11-15 01:38 - 00845088 _____ ( ) C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager.exe 2014-11-14 18:23 - 2014-11-14 18:24 - 00011836 _____ () C:\Users\tine76\Desktop\Neues Textdokument.txt 2014-11-14 17:57 - 2014-11-14 17:57 - 00011836 _____ () C:\mbam.txt 2014-11-14 17:14 - 2014-11-16 18:58 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-14 17:13 - 2014-11-14 17:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-14 17:13 - 2014-11-14 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-14 17:13 - 2014-11-14 17:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-14 17:13 - 2014-11-14 17:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-11-14 17:13 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-14 17:13 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-14 17:13 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-14 17:11 - 2014-11-14 17:12 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\tine76\Downloads\mbam-setup-2.0.3.1025.exe 
2014-11-14 16:59 - 2014-11-14 16:59 - 00001144 _____ () C:\Users\tine76\Desktop\FRST64 - Verknüpfung.lnk 2014-11-14 15:25 - 2014-11-14 15:38 - 00059087 _____ () C:\Users\tine76\Downloads\Addition.txt 2014-11-14 15:23 - 2014-11-16 19:16 - 00018192 _____ () C:\Users\tine76\Downloads\FRST.txt 2014-11-14 15:23 - 2014-11-16 19:16 - 00000000 ____D () C:\FRST 2014-11-14 15:22 - 2014-11-16 19:16 - 02117120 _____ (Farbar) C:\Users\tine76\Downloads\FRST64.exe 2014-11-14 14:33 - 2014-11-14 14:33 - 00000000 ____D () C:\Users\tine76\AppData\Local\Macromedia 2014-11-14 14:32 - 2014-11-16 18:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-14 14:32 - 2014-11-14 14:32 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-14 14:23 - 2014-11-14 14:23 - 00000000 __SHD () C:\found.001 2014-11-14 14:10 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-14 14:10 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-14 14:10 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-14 14:10 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-14 14:10 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-14 14:10 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-14 14:10 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-14 14:10 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-14 14:10 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-14 14:10 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-14 14:10 - 2014-11-06 04:35 - 00034304 _____ 
(Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-14 14:10 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-14 14:10 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-14 14:10 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-14 14:10 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-14 14:10 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-14 14:10 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-14 14:10 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-14 14:10 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-14 14:10 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-14 14:10 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-14 14:10 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-14 14:10 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-14 14:10 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-14 14:10 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-14 14:10 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-14 14:10 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-14 14:10 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-14 14:10 - 2014-11-06 04:02 
- 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-14 14:10 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-14 14:10 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-14 14:10 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-14 14:10 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-14 14:10 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-14 14:10 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-14 14:10 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-14 14:10 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-14 14:10 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-14 14:10 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-14 14:10 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-14 14:10 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-14 14:10 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-14 14:10 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-14 14:10 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-14 14:10 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-14 14:10 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-14 14:10 - 2014-11-06 03:21 - 
02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-14 14:10 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-14 14:10 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-14 14:10 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-14 14:10 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-14 14:10 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-14 14:10 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-14 14:10 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-14 14:10 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-14 14:09 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-14 14:09 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-14 14:09 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-14 14:09 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-14 14:09 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-14 14:09 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-14 14:09 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-14 14:09 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-14 14:09 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-14 14:09 - 2014-10-14 03:07 - 00681984 _____ (Microsoft 
Corporation) C:\Windows\system32\adtschema.dll 2014-11-14 14:09 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-14 14:08 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-14 14:08 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-14 14:08 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-14 14:08 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\TSpkg.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-14 14:04 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-14 14:04 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-14 14:04 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-14 14:04 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-14 14:03 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-14 14:03 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-14 14:03 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-14 14:03 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-14 14:03 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-14 14:03 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-14 14:03 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-14 14:03 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-14 14:03 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-14 
14:02 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-14 14:02 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-01 18:12 - 2014-11-16 18:39 - 00065536 _____ () C:\Windows\system32\Ikeext.etl ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-16 18:59 - 2014-05-15 13:14 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\DropboxMaster 2014-11-16 18:59 - 2013-02-10 22:37 - 00000000 ___RD () C:\Users\tine76\Dropbox 2014-11-16 18:59 - 2013-02-10 22:35 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Dropbox 2014-11-16 18:58 - 2013-12-07 17:19 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-16 18:49 - 2013-12-07 17:19 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-16 18:47 - 2014-01-18 13:24 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA.job 2014-11-16 18:46 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-16 18:46 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-16 18:45 - 2012-12-06 17:42 - 01354265 _____ () C:\Windows\WindowsUpdate.log 2014-11-16 18:45 - 2011-09-03 11:08 - 00700118 _____ () C:\Windows\system32\perfh007.dat 2014-11-16 18:45 - 2011-09-03 11:08 - 00149968 _____ () C:\Windows\system32\perfc007.dat 2014-11-16 18:45 - 2009-07-14 06:13 - 01622228 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-16 18:39 - 2013-11-11 09:14 - 00096958 _____ () C:\Windows\setupact.log 2014-11-16 18:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-16 18:38 - 2013-11-11 09:14 - 01986066 _____ () C:\Windows\PFRO.log 2014-11-16 18:37 - 
2014-07-16 19:25 - 00001104 _____ () C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-11-16 18:37 - 2014-03-12 09:17 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Common 2014-11-16 18:37 - 2013-06-14 17:15 - 00000000 ____D () C:\Users\Jugendliche 2014-11-16 18:37 - 2011-11-24 16:56 - 00000000 ____D () C:\Users\tine76 2014-11-16 08:44 - 2013-12-07 17:19 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-16 08:44 - 2013-12-07 17:19 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-15 21:13 - 2011-11-24 16:58 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5B5EFC5C-CFD1-4F85-A4D0-78B4F8EC748B} 2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-11-15 11:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-15 07:23 - 2009-07-14 05:45 - 00293448 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-15 07:21 - 2014-05-07 06:43 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-15 02:09 - 2013-07-29 10:25 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-15 02:09 - 2011-11-25 16:10 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-15 01:46 - 2011-11-24 16:57 - 00001425 _____ () C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-14 18:06 - 2013-05-28 17:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-14 18:06 - 2013-02-21 17:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-14 18:02 - 2011-09-03 01:42 - 00000000 ____D () C:\Windows\hu 2014-11-14 18:01 - 2014-03-12 09:05 - 09894651 _____ () C:\Windows\system32\SavingsBullFilterService.log 2014-11-14 17:58 - 2013-08-15 17:09 - 00000000 ___HD () C:\Users\tine76\AppData\Roaming\Yyyyf 2014-11-14 14:44 - 2014-01-27 15:09 - 00003316 _____ () C:\Windows\System32\Tasks\SoftwareInformerService 2014-11-14 14:43 - 2014-01-27 15:09 
- 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer 2014-11-14 14:43 - 2014-01-27 15:09 - 00000000 ____D () C:\Program Files\Software Informer 2014-11-14 14:32 - 2013-05-14 21:25 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-14 14:32 - 2011-12-01 23:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-14 13:36 - 2014-08-15 21:31 - 00184800 _____ () C:\Windows\SysWOW64\XMLOperations.xml 2014-11-14 12:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-11 16:21 - 2013-06-15 19:37 - 00000000 ____D () C:\Users\Jugendliche\AppData\Local\CrashDumps 2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-01 13:52 - 2014-01-26 17:14 - 00000315 _____ () C:\Users\Jugendliche\AppData\Roaming\WB.CFG 2014-10-29 17:15 - 2014-08-19 15:01 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-26 15:42 - 2014-01-18 13:24 - 00004126 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA 2014-10-26 15:42 - 2014-01-18 13:24 - 00003730 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core 2014-10-26 15:42 - 2014-01-18 13:24 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core.job Some content of TEMP: ==================== C:\Users\tine76\AppData\Local\Temp\6_Offer_14.exe C:\Users\tine76\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps1dxby.dll C:\Users\tine76\AppData\Local\Temp\InstallerLibrary.dll C:\Users\tine76\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\tine76\AppData\Local\Temp\ms.exe C:\Users\tine76\AppData\Local\Temp\Quarantine.exe C:\Users\tine76\AppData\Local\Temp\setup_297.exe C:\Users\tine76\AppData\Local\Temp\sqlite3.dll 
C:\Users\tine76\AppData\Local\Temp\tbDVD0.dll
C:\Users\tine76\AppData\Local\Temp\tmpD217.tmp.exe
C:\Users\tine76\AppData\Local\Temp\uninst1.exe
C:\Users\tine76\AppData\Local\Temp\ValidationScriptLibrary.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-15 10:32

==================== End Of Log ============================
--- --- --- |
16.11.2014, 19:22 | #17 |
| Virus-infected laptop
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-11-2014 02
Ran by tine76 at 2014-11-16 19:17:11
Running from C:\Users\tine76\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{8A5F5F0A-BE2D-4763-B764-BF6EFE93A68B}) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft) ArcSoft Panorama Maker 5 (HKLM-x32\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.71 - ArcSoft) ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.444 - ArcSoft) Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros) Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) Birdie Shoot 2 (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Birdie Shoot 2) (Version: - ) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BrowserSafeguard with RocketTab (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\BrowserSafeguard) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant) Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.) 
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Chrome (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Google Chrome) (Version: 30.0.1599.101 - Google Inc.) Google Chrome (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) iTunes (HKLM\...\{7FCDABCC-1A1E-4D61-909D-BA9495172774}) (Version: 11.0.3.42 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kabel Deutschland Installations-Software (x32 Version: 3.6.0.0 - Kabel Deutschland Vertrieb und Services GmbH) Hidden Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) 
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony) Media Go Video Playback Engine 1.116.109.02030 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.109.02030 - Sony) melondrea (HKLM\...\melondrea) (Version: 2014.03.11.234342 - melondrea) <==== ATTENTION Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 
9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Mystery of Montezuma (HKLM-x32\...\Mystery of Montezuma/DE-German_is1) (Version: - City Interactive) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon) Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation) paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) 
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon) PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Qtrax Player (HKLM-x32\...\{89505A66-35F0-4401-B3AD-D077051F8698}) (Version: 01.001.0001 - Qtrax) Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.) Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden Shopping Helper Smartbar Engine (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\{615dd206-11d9-4db4-9f07-0f3815ba4a33}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) 
Smileys We Love Toolbar for IE (HKLM-x32\...\{5D57E386-D294-41BA-9146-FADE0C76EB2A}) (Version: 3.0.27 - SqueekyChocolate, LLC) <==== ATTENTION Software Informer 1.4.1181.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.) Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB) Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Torch (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Torch) (Version: 29.0.0.5516 - Torch Media, Inc) <==== ATTENTION Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation) VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation) VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation) VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation) VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation) VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation) VAIO Data 
Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version: - ) VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation) VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation) VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.0.08120 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation) VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation) VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VESx64 (Version: 1.0.0 - Sony Corporation) Hidden VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden VGClientX86 (x32 
Version: 1.0.0 - Sony Corporation) Hidden ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Windows Essentials Media Codec Pack 4.7 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.7 - Media Codec) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - 
Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation) Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 16-10-2014 08:52:38 Windows Update 21-10-2014 14:14:31 Windows Update 24-10-2014 09:46:55 Windows Update 28-10-2014 15:44:22 Windows Update 14-11-2014 12:58:13 Windows Update 15-11-2014 00:40:58 paint.net v4.0.3 15-11-2014 01:07:27 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-05-17 20:00 - 00000867 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 d3oxij66pru1i3.cloudfront.net ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0553E178-CF55-460F-8CAD-A14018F6A8B7} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music tine76 => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2011-02-08] (Sony Corporation) Task: {0B86F7DD-C20C-4184-8428-B67E1980457E} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2011-02-23] (Sony Corporation) Task: {0EB9BD7F-3F68-4B46-9A65-DF3028A65BF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.) 
Task: {179191A5-72FB-4888-A710-F867B782F0FA} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation) Task: {29264509-F668-48DF-9A09-AB1DE1306D9D} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {30820A8B-2317-4240-98C8-9D398B53A5F9} - System32\Tasks\{58907B18-0306-4AFB-AEC2-7B096CB49CBB} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.60.105/de/abandoninstall?page=tsProgressBar Task: {401EBAD0-D825-40C9-B165-5674778C0875} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25] (Google Inc.) Task: {431283F6-23B9-48FD-821F-90E242FF2A97} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {4E09374C-BD7F-41E8-BF37-BB45C1B6F4E7} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {4EA2CB53-97C8-418A-BFA8-66D13490E5D7} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {681A2D8C-1CCD-4BFE-8A23-6617A506BA62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.) 
Task: {73E96954-D702-4DDE-B87E-B9A5DF1B9F14} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation) Task: {9A7E1A99-AAED-48A3-A3BF-7BEC0224B87A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation) Task: {9D44DA35-689E-4C5A-9A42-2283BAF47CA4} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation) Task: {A028EE60-0D40-4198-87FD-A7980DC39C12} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A4C2D76D-6868-42F3-98A2-0B19EF2F4512} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient Task: {C3DBE868-C061-4A52-B113-BA2262D1995D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {C9169936-B1AB-4543-8556-FE276C5A517B} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-11-06] (Informer Technologies, Inc.) Task: {DAFCB11B-A1F4-49DF-BA63-4326E78B4DA8} - System32\Tasks\{BA04E57D-0386-488D-BD1C-55475EB13C58} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.60.105/de/abandoninstall?page=tsProgressBar Task: {E3301374-DD1F-41D6-8C6A-554F73980B0F} - System32\Tasks\{F0DAD20A-F8DC-4BE7-855F-FE019ECD28B8} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.60.105/de/abandoninstall?page=tsProgressBar Task: {E368A6AF-CEC8-4145-93E8-532B2E31B810} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25] (Google Inc.) 
Task: {E4FAA6C4-1A96-4241-91BE-9F12CAE1B75D} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {E83E7AAE-8CAF-4E9F-A398-1C6AB443032F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14] (Adobe Systems Incorporated) Task: {EBEF0FCD-05D1-4701-9258-B0D65AC83602} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core.job => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA.job => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-28 17:44 - 2014-11-14 18:06 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\ProgramData\TEMP:03D08225 AlternateDataStreams: C:\ProgramData\TEMP:08D8BB20 AlternateDataStreams: C:\ProgramData\TEMP:10D98D98 AlternateDataStreams: C:\ProgramData\TEMP:1CE87230 AlternateDataStreams: C:\ProgramData\TEMP:22741C1F AlternateDataStreams: C:\ProgramData\TEMP:2E9900EE AlternateDataStreams: C:\ProgramData\TEMP:3766E957 AlternateDataStreams: C:\ProgramData\TEMP:393F7B1E AlternateDataStreams: C:\ProgramData\TEMP:3AD6342E AlternateDataStreams: C:\ProgramData\TEMP:4C49306C AlternateDataStreams: C:\ProgramData\TEMP:4E79C4F8 AlternateDataStreams: C:\ProgramData\TEMP:517EFA90 AlternateDataStreams: C:\ProgramData\TEMP:538B96B5 AlternateDataStreams: C:\ProgramData\TEMP:5520ED93 AlternateDataStreams: C:\ProgramData\TEMP:6677D85A AlternateDataStreams: C:\ProgramData\TEMP:6FD36C4B AlternateDataStreams: C:\ProgramData\TEMP:7972CF54 AlternateDataStreams: C:\ProgramData\TEMP:883EDFB5 AlternateDataStreams: C:\ProgramData\TEMP:8B51CAAE AlternateDataStreams: C:\ProgramData\TEMP:8E7F155B AlternateDataStreams: C:\ProgramData\TEMP:91486201 AlternateDataStreams: C:\ProgramData\TEMP:969C0C96 AlternateDataStreams: C:\ProgramData\TEMP:97995ED4 AlternateDataStreams: C:\ProgramData\TEMP:A4BF246C AlternateDataStreams: C:\ProgramData\TEMP:A9223B61 AlternateDataStreams: C:\ProgramData\TEMP:B12D1A7D AlternateDataStreams: C:\ProgramData\TEMP:B36361EE AlternateDataStreams: C:\ProgramData\TEMP:B6D84F71 AlternateDataStreams: C:\ProgramData\TEMP:D576A536 AlternateDataStreams: C:\ProgramData\TEMP:E1D818F7 AlternateDataStreams: C:\ProgramData\TEMP:E9FAC3AB AlternateDataStreams: C:\ProgramData\TEMP:EA701346 AlternateDataStreams: C:\ProgramData\TEMP:FECEF728 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: 24x7HelpSvc => 2 MSCONFIG\Services: ACDaemon => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BrowserProtect => 2 MSCONFIG\Services: DCDhcpService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: IconMan_R => 2 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: McAfee SiteAdvisor Service => 2 MSCONFIG\Services: McAWFwk => 3 MSCONFIG\Services: mcmscsvc => 2 MSCONFIG\Services: McNaiAnn => 2 MSCONFIG\Services: McNASvc => 2 MSCONFIG\Services: McODS => 3 MSCONFIG\Services: McProxy => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: MSK80Service => 2 MSCONFIG\Services: PMBDeviceInfoProvider => 2 MSCONFIG\Services: SampleCollector => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SOHCImp => 2 MSCONFIG\Services: SOHDs => 3 MSCONFIG\Services: Sony PC Companion => 3 MSCONFIG\Services: SpfService => 3 MSCONFIG\Services: uCamMonitor => 2 MSCONFIG\Services: UNS => 2 MSCONFIG\Services: VAIO Event Service => 2 MSCONFIG\Services: VCFw => 2 MSCONFIG\Services: VcmIAlzMgr => 2 MSCONFIG\Services: VcmINSMgr => 2 MSCONFIG\Services: VcmXmlIfHelper => 3 MSCONFIG\Services: VCService => 3 MSCONFIG\Services: VSNService => 2 MSCONFIG\Services: VUAgent => 3 MSCONFIG\Services: WajamUpdater => 2 MSCONFIG\startupreg: Google Update => 
"C:\Users\tine76\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1990863777-1001858336-1583621791-500 - Administrator - Disabled) Gast (S-1-5-21-1990863777-1001858336-1583621791-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1990863777-1001858336-1583621791-1002 - Limited - Enabled) Jugendliche (S-1-5-21-1990863777-1001858336-1583621791-1003 - Limited - Enabled) => C:\Users\Jugendliche tine76 (S-1-5-21-1990863777-1001858336-1583621791-1000 - Administrator - Enabled) => C:\Users\tine76 ==================== Faulty Device Manager Devices ============= Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz Percentage of memory in use: 39% Total physical RAM: 4043.86 MB Available physical RAM: 2459.32 MB Total Pagefile: 8085.9 MB Available Pagefile: 6324.66 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:451.78 GB) (Free:372.87 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1F222542) Partition 1: (Not Active) - (Size=13.9 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=451.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
16.11.2014, 23:22 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus-infected laptop Please press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document. Code:
GroupPolicyUsers\S-1-5-21-1990863777-1001858336-1583621791-1003\User: Group Policy restriction detected <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49708;https=127.0.0.1:49708
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml
FF Extension: Snap.Do - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944} [2014-11-14]
C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager [1].exe
C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager.exe
C:\found.001
C:\Users\tine76\AppData\Roaming\Yyyyf
cmd: dir /s C:\Windows\hu
AlternateDataStreams: C:\ProgramData\TEMP:03D08225
AlternateDataStreams: C:\ProgramData\TEMP:08D8BB20
AlternateDataStreams: C:\ProgramData\TEMP:10D98D98
AlternateDataStreams: C:\ProgramData\TEMP:1CE87230
AlternateDataStreams: C:\ProgramData\TEMP:22741C1F
AlternateDataStreams: C:\ProgramData\TEMP:2E9900EE
AlternateDataStreams: C:\ProgramData\TEMP:3766E957
AlternateDataStreams: C:\ProgramData\TEMP:393F7B1E
AlternateDataStreams: C:\ProgramData\TEMP:3AD6342E
AlternateDataStreams: C:\ProgramData\TEMP:4C49306C
AlternateDataStreams: C:\ProgramData\TEMP:4E79C4F8
AlternateDataStreams: C:\ProgramData\TEMP:517EFA90
AlternateDataStreams: C:\ProgramData\TEMP:538B96B5
AlternateDataStreams: C:\ProgramData\TEMP:5520ED93
AlternateDataStreams: C:\ProgramData\TEMP:6677D85A
AlternateDataStreams: C:\ProgramData\TEMP:6FD36C4B
AlternateDataStreams: C:\ProgramData\TEMP:7972CF54
AlternateDataStreams: C:\ProgramData\TEMP:883EDFB5
AlternateDataStreams: C:\ProgramData\TEMP:8B51CAAE
AlternateDataStreams: C:\ProgramData\TEMP:8E7F155B
AlternateDataStreams: C:\ProgramData\TEMP:91486201
AlternateDataStreams: C:\ProgramData\TEMP:969C0C96
AlternateDataStreams: C:\ProgramData\TEMP:97995ED4
AlternateDataStreams: C:\ProgramData\TEMP:A4BF246C
AlternateDataStreams: C:\ProgramData\TEMP:A9223B61
AlternateDataStreams: C:\ProgramData\TEMP:B12D1A7D
AlternateDataStreams: C:\ProgramData\TEMP:B36361EE
AlternateDataStreams: C:\ProgramData\TEMP:B6D84F71
AlternateDataStreams: C:\ProgramData\TEMP:D576A536
AlternateDataStreams: C:\ProgramData\TEMP:E1D818F7
AlternateDataStreams: C:\ProgramData\TEMP:E9FAC3AB
AlternateDataStreams: C:\ProgramData\TEMP:EA701346
AlternateDataStreams: C:\ProgramData\TEMP:FECEF728
EmptyTemp:
Hosts:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ |
17.11.2014, 00:09 | #19 |
| Virus-infected laptop The Fix button doesn't work, I can't run a scan with Fix, and I can't even post the fixlist I created here so that you can see something. It doesn't find the fixlist even though I saved it on the desktop. |
17.11.2014, 00:19 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus-infected laptop Quote:
__________________ Please always post log files in CODE tags |
17.11.2014, 00:24 | #21 |
| Virus-infected laptop On the desktop, damn. Yes, it is on the desktop, nice and big; I didn't want to make the same mistake as last time. Yes, it's there. |
17.11.2014, 00:56 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus-infected laptop Well, then do the fix properly.
__________________ Please always post log files in CODE tags |
17.11.2014, 01:51 | #23 |
| Virus-infected laptop Good grief, I now have FRST on the desktop three times and the fixlist as well, and I get an error message: Warning : Looks you Dont know What to do. To prevent demage to the system the toll will exit. On top of that, since today it has been showing me the FRST version as an old version. Is FRST outdated, and is that why it isn't working? FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 02 Ran by tine76 (administrator) on TINE76-VAIO on 17-11-2014 01:33:05 Running from C:\Users\tine76\Desktop Loaded Profile: tine76 (Available profiles: tine76 & Jugendliche) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (CANON INC.) C:\Windows\System32\CNAB4RPD.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Informer Technologies, Inc.) 
C:\Program Files\Software Informer\softinfo.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\MountPoints2: {a28a89f0-634d-11e2-a2c5-9439e59a03a6} - E:\Startme.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) GroupPolicyUsers\S-1-5-21-1990863777-1001858336-1583621791-1003\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:49708;https=127.0.0.1:49708 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 FireFox: ======== FF ProfilePath: C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default FF DefaultSearchEngine: AVG Nation Search FF SelectedSearchEngine: AVG Nation Search FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin-x32: 
@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tine76\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @tools.google.com/Google Update;version=3 -> C:\Users\tine76\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @tools.google.com/Google Update;version=9 -> C:\Users\tine76\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml FF Extension: Snap.Do - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944} [2014-11-14] FF Extension: Adblock Plus - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-14] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program 
Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll () CHR Plugin: (McAfee SiteAdvisor) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\McChPlg.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File CHR Profile: C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-05] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed] S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed] S4 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed] S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) 
[File not signed] S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-17 00:55 - 2014-11-17 00:55 - 00016651 _____ () C:\Users\tine76\Desktop\FRST - Verknüpfung.lnk 2014-11-17 00:54 - 2014-11-17 00:54 - 00036655 _____ () C:\Users\tine76\Desktop\Addition.txt 2014-11-17 00:53 - 2014-11-17 01:33 - 00016174 _____ () C:\Users\tine76\Desktop\FRST.txt 2014-11-17 00:45 - 2014-11-17 01:09 - 00139877 _____ () C:\Users\tine76\Desktop\Fixlist.txt 2014-11-17 00:37 - 2014-11-17 00:37 - 00001144 _____ () C:\Users\tine76\Desktop\FRST64 - Verknüpfung (2).lnk 2014-11-17 00:37 - 2014-11-16 19:16 - 02117120 _____ (Farbar) C:\Users\tine76\Desktop\FRST64.exe 2014-11-17 00:35 - 2014-11-17 00:35 - 02117120 _____ (Farbar) C:\Users\tine76\Downloads\FRST64(2).exe 2014-11-17 00:31 - 2014-11-17 00:31 - 00001132 _____ () C:\Users\tine76\Desktop\FRST-OlderVersion - Verknüpfung.lnk 2014-11-17 00:29 - 2014-11-17 00:29 - 02117120 _____ (Farbar) C:\Users\tine76\Downloads\FRST64(1).exe 2014-11-16 19:16 - 2014-11-17 01:32 - 00000000 ____D () C:\Users\tine76\Downloads\FRST-OlderVersion 2014-11-16 19:10 - 2014-11-16 19:10 - 00002173 _____ () C:\Users\tine76\Desktop\JRT.txt 2014-11-16 19:03 - 2014-11-16 19:03 - 00000000 ____D () C:\Windows\ERUNT 2014-11-16 18:17 - 2014-11-16 18:17 - 00001236 _____ () C:\Users\tine76\Desktop\AdwCleaner_4.101 - Verknüpfung.lnk 2014-11-16 18:15 - 2014-11-16 18:15 - 00001109 _____ () C:\Users\tine76\Desktop\JRT - Verknüpfung.lnk 2014-11-16 18:09 - 2014-11-16 18:09 - 01707532 _____ (Thisisu) C:\Users\tine76\Downloads\JRT.exe 2014-11-16 18:08 - 2014-11-16 18:08 - 00000705 _____ () C:\Users\tine76\Desktop\AdwCleaner - Verknüpfung.lnk 2014-11-16 18:07 - 2014-11-16 18:37 - 00000000 ____D () C:\AdwCleaner 2014-11-16 18:06 - 2014-11-16 18:06 - 02140160 _____ () C:\Users\tine76\Downloads\AdwCleaner_4.101.exe 2014-11-16 08:52 - 2014-11-16 09:01 - 00000049 _____ () C:\Users\tine76\Desktop\mbam.txt 2014-11-16 
08:48 - 2014-11-16 08:48 - 00000000 __SHD () C:\Users\tine76\AppData\Local\EmieBrowserModeList 2014-11-15 01:41 - 2014-11-15 01:41 - 00001300 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-11-15 01:41 - 2014-11-15 01:41 - 00001288 _____ () C:\Users\Public\Desktop\paint.net.lnk 2014-11-15 01:41 - 2014-11-15 01:41 - 00000000 ____D () C:\Program Files\paint.net 2014-11-15 01:40 - 2014-11-15 01:44 - 00000000 ____D () C:\Users\tine76\AppData\Local\paint.net 2014-11-15 01:39 - 2014-11-15 01:46 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-11-15 01:39 - 2014-11-15 01:39 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Opera Software 2014-11-15 01:39 - 2014-11-15 01:39 - 00000000 ____D () C:\Users\tine76\AppData\Local\Opera Software 2014-11-15 01:39 - 2014-11-15 01:38 - 06299376 _____ () C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager [1].exe 2014-11-15 01:38 - 2014-11-15 01:38 - 00845088 _____ ( ) C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager.exe 2014-11-14 18:23 - 2014-11-14 18:24 - 00011836 _____ () C:\Users\tine76\Desktop\Neues Textdokument.txt 2014-11-14 17:57 - 2014-11-14 17:57 - 00011836 _____ () C:\mbam.txt 2014-11-14 17:14 - 2014-11-17 01:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-14 17:13 - 2014-11-14 17:13 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-14 17:13 - 2014-11-14 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-14 17:13 - 2014-11-14 17:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-14 17:13 - 2014-11-14 17:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-11-14 17:13 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-14 17:13 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\mwac.sys 2014-11-14 17:13 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-14 17:11 - 2014-11-14 17:12 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\tine76\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-14 15:25 - 2014-11-16 23:40 - 00035238 _____ () C:\Users\tine76\Downloads\Addition.txt 2014-11-14 15:23 - 2014-11-17 01:33 - 00000000 ____D () C:\FRST 2014-11-14 15:23 - 2014-11-17 00:12 - 00040901 _____ () C:\Users\tine76\Downloads\FRST.txt 2014-11-14 15:22 - 2014-11-16 19:16 - 02117120 _____ (Farbar) C:\Users\tine76\Downloads\FRST64.exe 2014-11-14 14:33 - 2014-11-14 14:33 - 00000000 ____D () C:\Users\tine76\AppData\Local\Macromedia 2014-11-14 14:32 - 2014-11-17 00:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-14 14:32 - 2014-11-14 14:32 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-14 14:23 - 2014-11-14 14:23 - 00000000 __SHD () C:\found.001 2014-11-14 14:10 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-14 14:10 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-14 14:10 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-14 14:10 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-14 14:10 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-14 14:10 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-14 14:10 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-14 14:10 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-14 14:10 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) 
C:\Windows\system32\iertutil.dll 2014-11-14 14:10 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-14 14:10 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-14 14:10 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-14 14:10 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-14 14:10 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-14 14:10 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-14 14:10 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-14 14:10 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-14 14:10 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-14 14:10 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-14 14:10 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-14 14:10 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-14 14:10 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-14 14:10 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-14 14:10 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-14 14:10 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-14 14:10 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-14 14:10 - 2014-11-06 04:04 - 00047104 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-14 14:10 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-14 14:10 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-14 14:10 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-14 14:10 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-14 14:10 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-14 14:10 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-14 14:10 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-14 14:10 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-14 14:10 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-14 14:10 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-14 14:10 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-14 14:10 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-14 14:10 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-14 14:10 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-14 14:10 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-14 14:10 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-14 14:10 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-14 14:10 - 2014-11-06 03:22 - 00688640 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-14 14:10 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-14 14:10 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-14 14:10 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-14 14:10 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-14 14:10 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-14 14:10 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-14 14:10 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-14 14:10 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-14 14:10 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-14 14:10 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-14 14:09 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-14 14:09 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-14 14:09 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-14 14:09 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-14 14:09 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-14 14:09 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-14 14:09 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-14 14:09 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) 
C:\Windows\system32\termsrv.dll 2014-11-14 14:09 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-14 14:09 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-14 14:09 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-14 14:08 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-14 14:08 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-14 14:08 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-14 14:08 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-14 14:04 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 
2014-11-14 14:04 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-14 14:04 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-14 14:04 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-14 14:04 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-14 14:04 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-14 14:04 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-14 14:03 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-14 14:03 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-14 14:03 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-14 14:03 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-14 14:03 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-14 14:03 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-14 14:03 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-14 14:03 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-14 14:03 - 2014-08-12 03:02 - 
00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-14 14:03 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-14 14:02 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-14 14:02 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-01 18:12 - 2014-11-17 00:42 - 00065536 _____ () C:\Windows\system32\Ikeext.etl ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-17 00:50 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-17 00:50 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-17 00:49 - 2013-12-07 17:19 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-17 00:47 - 2014-01-18 13:24 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA.job 2014-11-17 00:46 - 2012-12-06 17:42 - 01362213 _____ () C:\Windows\WindowsUpdate.log 2014-11-17 00:46 - 2011-09-03 11:08 - 00700118 _____ () C:\Windows\system32\perfh007.dat 2014-11-17 00:46 - 2011-09-03 11:08 - 00149968 _____ () C:\Windows\system32\perfc007.dat 2014-11-17 00:46 - 2009-07-14 06:13 - 01622228 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-17 00:43 - 2014-05-15 13:14 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\DropboxMaster 2014-11-17 00:43 - 2013-02-10 22:37 - 00000000 ___RD () C:\Users\tine76\Dropbox 2014-11-17 00:43 - 2013-02-10 22:35 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Dropbox 2014-11-17 00:42 - 2013-12-07 17:19 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-17 00:42 - 2013-11-11 09:14 - 00097070 _____ () 
C:\Windows\setupact.log 2014-11-17 00:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-17 00:01 - 2011-11-24 16:58 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5B5EFC5C-CFD1-4F85-A4D0-78B4F8EC748B} 2014-11-16 18:38 - 2013-11-11 09:14 - 01986066 _____ () C:\Windows\PFRO.log 2014-11-16 18:37 - 2014-07-16 19:25 - 00001104 _____ () C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-11-16 18:37 - 2014-03-12 09:17 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Common 2014-11-16 18:37 - 2013-06-14 17:15 - 00000000 ____D () C:\Users\Jugendliche 2014-11-16 18:37 - 2011-11-24 16:56 - 00000000 ____D () C:\Users\tine76 2014-11-16 08:44 - 2013-12-07 17:19 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-16 08:44 - 2013-12-07 17:19 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-11-15 11:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-15 07:23 - 2009-07-14 05:45 - 00293448 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-15 07:21 - 2014-05-07 06:43 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-15 02:09 - 2013-07-29 10:25 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-15 02:09 - 2011-11-25 16:10 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-15 01:46 - 2011-11-24 16:57 - 00001425 _____ () C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-14 18:06 - 2013-05-28 17:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-14 18:06 - 2013-02-21 17:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-14 18:02 - 2011-09-03 01:42 - 00000000 ____D () C:\Windows\hu 2014-11-14 18:01 - 2014-03-12 09:05 - 09894651 _____ () C:\Windows\system32\SavingsBullFilterService.log 2014-11-14 17:58 - 2013-08-15 17:09 
- 00000000 ___HD () C:\Users\tine76\AppData\Roaming\Yyyyf 2014-11-14 14:44 - 2014-01-27 15:09 - 00003316 _____ () C:\Windows\System32\Tasks\SoftwareInformerService 2014-11-14 14:43 - 2014-01-27 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer 2014-11-14 14:43 - 2014-01-27 15:09 - 00000000 ____D () C:\Program Files\Software Informer 2014-11-14 14:32 - 2013-05-14 21:25 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-14 14:32 - 2011-12-01 23:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-14 13:36 - 2014-08-15 21:31 - 00184800 _____ () C:\Windows\SysWOW64\XMLOperations.xml 2014-11-14 12:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-11 16:21 - 2013-06-15 19:37 - 00000000 ____D () C:\Users\Jugendliche\AppData\Local\CrashDumps 2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-01 13:52 - 2014-01-26 17:14 - 00000315 _____ () C:\Users\Jugendliche\AppData\Roaming\WB.CFG 2014-10-29 17:15 - 2014-08-19 15:01 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-26 15:42 - 2014-01-18 13:24 - 00004126 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA 2014-10-26 15:42 - 2014-01-18 13:24 - 00003730 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core 2014-10-26 15:42 - 2014-01-18 13:24 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core.job Some content of TEMP: ==================== C:\Users\tine76\AppData\Local\Temp\6_Offer_14.exe C:\Users\tine76\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuoixfr.dll C:\Users\tine76\AppData\Local\Temp\InstallerLibrary.dll C:\Users\tine76\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe 
C:\Users\tine76\AppData\Local\Temp\ms.exe
C:\Users\tine76\AppData\Local\Temp\Quarantine.exe
C:\Users\tine76\AppData\Local\Temp\setup_297.exe
C:\Users\tine76\AppData\Local\Temp\sqlite3.dll
C:\Users\tine76\AppData\Local\Temp\tbDVD0.dll
C:\Users\tine76\AppData\Local\Temp\tmpD217.tmp.exe
C:\Users\tine76\AppData\Local\Temp\uninst1.exe
C:\Users\tine76\AppData\Local\Temp\ValidationScriptLibrary.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 10:32
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- --- --- ---
There we go. Maybe it should be mentioned that with a log file you should not always use CTRL, but copy it out manually instead. Then it does work after all. Here is the Fixlog. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-11-2014 02 Ran by tine76 at 2014-11-17 01:39:42 Run:1 Running from C:\Users\tine76\Desktop Loaded Profile: tine76 (Available profiles: tine76 & Jugendliche) Boot Mode: Normal ============================================== Content of fixlist: ***************** GroupPolicyUsers\S-1-5-21-1990863777-1001858336-1583621791-1003\User: Group Policy restriction detected <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:49708;https=127.0.0.1:49708 SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml FF Extension: Snap.Do - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944} [2014-11-14] C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager [1].exe C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager.exe C:\found.001 C:\Users\tine76\AppData\Roaming\Yyyyf cmd: dir /s C:\Windows\hu AlternateDataStreams: C:\ProgramData\TEMP:03D08225 AlternateDataStreams: C:\ProgramData\TEMP:08D8BB20 AlternateDataStreams: C:\ProgramData\TEMP:10D98D98 AlternateDataStreams: C:\ProgramData\TEMP:1CE87230 AlternateDataStreams: C:\ProgramData\TEMP:22741C1F AlternateDataStreams: C:\ProgramData\TEMP:2E9900EE AlternateDataStreams: C:\ProgramData\TEMP:3766E957 AlternateDataStreams: C:\ProgramData\TEMP:393F7B1E AlternateDataStreams: C:\ProgramData\TEMP:3AD6342E AlternateDataStreams: C:\ProgramData\TEMP:4C49306C AlternateDataStreams: C:\ProgramData\TEMP:4E79C4F8 AlternateDataStreams: C:\ProgramData\TEMP:517EFA90 AlternateDataStreams: C:\ProgramData\TEMP:538B96B5 AlternateDataStreams: 
C:\ProgramData\TEMP:5520ED93 AlternateDataStreams: C:\ProgramData\TEMP:6677D85A AlternateDataStreams: C:\ProgramData\TEMP:6FD36C4B AlternateDataStreams: C:\ProgramData\TEMP:7972CF54 AlternateDataStreams: C:\ProgramData\TEMP:883EDFB5 AlternateDataStreams: C:\ProgramData\TEMP:8B51CAAE AlternateDataStreams: C:\ProgramData\TEMP:8E7F155B AlternateDataStreams: C:\ProgramData\TEMP:91486201 AlternateDataStreams: C:\ProgramData\TEMP:969C0C96 AlternateDataStreams: C:\ProgramData\TEMP:97995ED4 AlternateDataStreams: C:\ProgramData\TEMP:A4BF246C AlternateDataStreams: C:\ProgramData\TEMP:A9223B61 AlternateDataStreams: C:\ProgramData\TEMP:B12D1A7D AlternateDataStreams: C:\ProgramData\TEMP:B36361EE AlternateDataStreams: C:\ProgramData\TEMP:B6D84F71 AlternateDataStreams: C:\ProgramData\TEMP:D576A536 AlternateDataStreams: C:\ProgramData\TEMP:E1D818F7 AlternateDataStreams: C:\ProgramData\TEMP:E9FAC3AB AlternateDataStreams: C:\ProgramData\TEMP:EA701346 AlternateDataStreams: C:\ProgramData\TEMP:FECEF728 EmptyTemp: Hosts: ***************** C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1990863777-1001858336-1583621791-1003\User => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully. "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found. C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml => Moved successfully. 
C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944} => Moved successfully. C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager [1].exe => Moved successfully. C:\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager.exe => Moved successfully. C:\found.001 => Moved successfully. C:\Users\tine76\AppData\Roaming\Yyyyf => Moved successfully. ========= dir /s C:\Windows\hu ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 6662-EF86 Verzeichnis von C:\Windows\hu 14.11.2014 18:02 <DIR> . 14.11.2014 18:02 <DIR> .. 10.11.2010 01:38 106.864 WLXPGSS.SCR.mui 1 Datei(en), 106.864 Bytes Anzahl der angezeigten Dateien: 1 Datei(en), 106.864 Bytes 2 Verzeichnis(se), 400.369.848.320 Bytes frei ========= End of CMD: ========= C:\ProgramData\TEMP => ":03D08225" ADS removed successfully. C:\ProgramData\TEMP => ":08D8BB20" ADS removed successfully. C:\ProgramData\TEMP => ":10D98D98" ADS removed successfully. C:\ProgramData\TEMP => ":1CE87230" ADS removed successfully. C:\ProgramData\TEMP => ":22741C1F" ADS removed successfully. C:\ProgramData\TEMP => ":2E9900EE" ADS removed successfully. C:\ProgramData\TEMP => ":3766E957" ADS removed successfully. C:\ProgramData\TEMP => ":393F7B1E" ADS removed successfully. C:\ProgramData\TEMP => ":3AD6342E" ADS removed successfully. C:\ProgramData\TEMP => ":4C49306C" ADS removed successfully. C:\ProgramData\TEMP => ":4E79C4F8" ADS removed successfully. C:\ProgramData\TEMP => ":517EFA90" ADS removed successfully. C:\ProgramData\TEMP => ":538B96B5" ADS removed successfully. C:\ProgramData\TEMP => ":5520ED93" ADS removed successfully. C:\ProgramData\TEMP => ":6677D85A" ADS removed successfully. C:\ProgramData\TEMP => ":6FD36C4B" ADS removed successfully. C:\ProgramData\TEMP => ":7972CF54" ADS removed successfully. C:\ProgramData\TEMP => ":883EDFB5" ADS removed successfully. C:\ProgramData\TEMP => ":8B51CAAE" ADS removed successfully. 
C:\ProgramData\TEMP => ":8E7F155B" ADS removed successfully.
C:\ProgramData\TEMP => ":91486201" ADS removed successfully.
C:\ProgramData\TEMP => ":969C0C96" ADS removed successfully.
C:\ProgramData\TEMP => ":97995ED4" ADS removed successfully.
C:\ProgramData\TEMP => ":A4BF246C" ADS removed successfully.
C:\ProgramData\TEMP => ":A9223B61" ADS removed successfully.
C:\ProgramData\TEMP => ":B12D1A7D" ADS removed successfully.
C:\ProgramData\TEMP => ":B36361EE" ADS removed successfully.
C:\ProgramData\TEMP => ":B6D84F71" ADS removed successfully.
C:\ProgramData\TEMP => ":D576A536" ADS removed successfully.
C:\ProgramData\TEMP => ":E1D818F7" ADS removed successfully.
C:\ProgramData\TEMP => ":E9FAC3AB" ADS removed successfully.
C:\ProgramData\TEMP => ":EA701346" ADS removed successfully.
C:\ProgramData\TEMP => ":FECEF728" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.6 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Oh dear, that looks rather bad somehow. Are there bigger problems? Regards, Simone |
17.11.2014, 10:42 | #24 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus-infested laptop Quote:
Control scans with MBAM and ESET, please: Please download Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Please always post log files in CODE tags |
17.11.2014, 11:24 | #25 |
| Virus-infested laptop It may be that I don't know what it means. I thought it meant copy, since everything gets selected when you use it. Right, I'll get to work. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 17.11.2014
Suchlauf-Zeit: 10:57:36
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.3.1025
Malware Datenbank: v2014.11.17.02
Rootkit Datenbank: v2014.11.12.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Aktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: tine76
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 376165
Verstrichene Zeit: 21 Min, 54 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (Keine schädliche Elemente erkannt)
Module: 0 (Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt)
Registrierungswerte: 0 (Keine schädliche Elemente erkannt)
Registrierungsdaten: 0 (Keine schädliche Elemente erkannt)
Ordner: 3
PUP.Optional.CrossRider.A, C:\Users\Jugendliche\AppData\Roaming\Mozilla\Firefox\Profiles\yht1hjyq.default\extensions\ba9147e3-ae8c-4ced-9c9a-240425bd7d8e@6ddffb66-c974-42d7-8752-9e6a4ec073b0.com, In Quarantäne, [d118bc7e512bfb3b863f3bcfed16dd23],
PUP.Optional.CrossRider.A, C:\Users\Jugendliche\AppData\Roaming\Mozilla\Firefox\Profiles\yht1hjyq.default\extensions\ba9147e3-ae8c-4ced-9c9a-240425bd7d8e@6ddffb66-c974-42d7-8752-9e6a4ec073b0.com\extensionData, In Quarantäne, [d118bc7e512bfb3b863f3bcfed16dd23],
PUP.Optional.CrossRider.A, C:\Users\Jugendliche\AppData\Roaming\Mozilla\Firefox\Profiles\yht1hjyq.default\extensions\ba9147e3-ae8c-4ced-9c9a-240425bd7d8e@6ddffb66-c974-42d7-8752-9e6a4ec073b0.com\extensionData\plugins, In Quarantäne, [d118bc7e512bfb3b863f3bcfed16dd23],
Dateien: 0 (Keine schädliche Elemente erkannt)
Physische Sektoren: 0 (Keine schädliche Elemente erkannt)
(end) |
17.11.2014, 11:41 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus-infested laptop CTRL+A only selects everything in the current window. The selection is only copied to the clipboard when you press CTRL+C.
__________________ Please always post log files in CODE tags |
17.11.2014, 11:52 | #27 |
| Virus-infested laptop Ah OK, thanks. ESET is running right now and already reports 35 threats. |
17.11.2014, 11:54 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus-infested laptop Just let it keep running undisturbed; it is best to leave the computer alone
__________________ Please always post log files in CODE tags |
17.11.2014, 13:22 | #29 |
| Virus-infested laptop Yes, will do. I'm writing from my laptop and am not touching the other one. Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=b45cd1404259e54f8115a84691796cce # engine=21122 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-11-17 12:14:08 # local_time=2014-11-17 01:14:08 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 50201 167856298 0 0 # scanned=203687 # found=62 # cleaned=0 # scan_time=5932 sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir" sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir" sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert0.dll.vir" sh=51DFB1057FF4CBAAEA77A28B24B3BEDEA96FE02A ft=1 fh=f29a8a3f66588642 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\DaemonProcess.exe.vir" sh=5454230820B9172472548B91677FA99352A16A35 ft=1 fh=83c1a584ac14f3e4 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\Mobogenie.exe.vir" sh=5BC0BBC3AC54D016E4C7878598350F9BE2A134F9 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\MUServer.apk.vir" sh=04DF5DA720E5E531F57BD14454EAF99E750D8BED ft=1 fh=f3c242e732b4b342 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir" sh=2AA7B127F2729B87C2D85E0F391A1E36F7A04E6B ft=1 fh=7a4e8d911a1be1b6 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\UpdateMoboGenie.exe.vir" sh=E901998362D225B8B087BE7FCC50F8C28DB48D70 ft=1 fh=47cf3d21604d7bd8 vn="Win32/Adware.AlimenMain.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PepperZip\PepperZip.exe.vir" sh=DC2F44E408378C231AFA4D5E0BC65855573FA17D ft=1 fh=576bb7911dc12d10 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jugendliche\AppData\Local\iLivid\Helper.dll.vir" sh=E04E1D4A0D31AD4A312B28536B7CF61429E93785 ft=1 fh=dd1f8942e7c0e2ca vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jugendliche\AppData\Local\torch\Helper.dll.vir" sh=A25169C9C280A5210554B583D159ED1FE398BDD6 ft=1 fh=4f9f4f021d8f7ab1 vn="Variante von Win32/TorchMedia evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jugendliche\AppData\Local\torch\Uninstall.exe.vir" sh=34CBF314F52AA2A899EB3DFA96FC9CFBF32467E3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jugendliche\AppData\Local\torch\User Data\Default\Extensions\iklgpchfbohgmghgfagediakopecfmbm\1.26.9_0\extensionData\plugins\91.js.vir" sh=E082854FA3F7C89221E44406EA71086403E834E7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jugendliche\AppData\Local\torch\User Data\Default\Extensions\ofjpieepnfhpcpkjklohnpmmmmdhcbmd\1.26.21_0\extensionData\plugins\91.js.vir" sh=7738C09B20F384D52FC9295966EE53222564D38C ft=1 fh=0215ddde6083ecb6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Local\Conduit\CT2625848\DVDVideoSoftTB_DEAutoUpdateHelper.exe.vir" sh=3B0392ADB64821DAD5347AA89CA7ADA85D4AD5C9 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.2.zip.vir" sh=A2D473E09F7C019315030A2124DCED3B90CB4F87 ft=1 fh=37fc42c7c433ae0f vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir" sh=5454230820B9172472548B91677FA99352A16A35 ft=1 fh=83c1a584ac14f3e4 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir" sh=5BC0BBC3AC54D016E4C7878598350F9BE2A134F9 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir" sh=04DF5DA720E5E531F57BD14454EAF99E750D8BED ft=1 fh=f3c242e732b4b342 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir" sh=819DCBCC541924E7B98B6A6667188D451424BEB7 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.Q evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx.vir" sh=78EF5981C3519DFCC18D1E4513235A5FD9834677 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{42e0ced7-806f-4983-af54-92bdeefee519}\chrome\content\dealplyshopping.xul.vir" sh=281D834970C90ECD048476AE1136529645770B59 ft=1 fh=efc6b242fb35efa3 vn="Win32/AdWare.Snoozer.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\tine76\AppData\Roaming\Snz\Snz.exe.vir" sh=12883B42F1321524DFC99A0C433A2306154469CE ft=1 fh=6c051e8af692ba0f vn="Variante von Win32/Agent.WGA Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\score.exe.vir" sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" sh=9CA71C727934861E9351AF97CC28CEA38811B07C ft=1 fh=15a0a042e9313939 vn="Variante von Win32/AdWare.Adpeak.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_22.dll" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_23.dll" sh=0F471487AE6B71DC612987E9D60BA92BA2F53EF6 ft=1 fh=157500865f54afbd vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_25.dll" sh=F91479B4D5D35AF13840AD77EDF3233D92409416 ft=1 fh=d6a695c8ffabdf98 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_26.dll" sh=F13585922C1DE9717F25CB4CD774ACAB0F9C24FC ft=1 fh=cf6c8d88423b2499 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_27.dll" sh=677E6420AA7EFEE73980EB906BEA9C2EAD0F02C9 ft=1 fh=6d4be5b0bfd794b0 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_28.dll" sh=05D74759F3A9DB5B7664FBB744EC993D7130529C ft=1 fh=7149c4294690d160 vn="Variante von Win32/Toolbar.Linkury.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_29.dll" sh=FF8EFDB0A93A0A9AE202B85B34F793B5CA23E844 ft=1 fh=43c6da0c808b8b3a vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_30.dll" sh=5EB33BE5BDDB0964B06BA35484B8B7284B06F329 ft=1 fh=9db60c75ac50d8c4 vn="Variante von Win32/InstallCore.RA evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\tine76\Downloads\paint.net.4.0.3.install_CB-DL-Manager.exe.xBAD" sh=6B6105C0BF9C8942B523C7BC6279BF1D241909BA ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\temp\InstallFilter64.msi" sh=6205DDE47C041E3B67EFC540F89F24344835EE11 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\temp\t.msi" sh=CFA4F63C577BC7CB531B7933D3195A289817E897 ft=1 fh=222be9551c840317 vn="Variante von Win32/DomaIQ.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000" sh=AF84478DE5DAF5E225B7621D6689785853A5DCF8 ft=1 fh=00274045e81380eb vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000" sh=60C34916424AF692A2EC441F977AFC85BEF1B402 ft=1 fh=565bbf9e64955f30 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000" sh=25C3D3930206543255638C25179DD2E9E4ED8FF0 ft=1 fh=1d42a857a52c15bf vn="Variante von Win32/DomaIQ.BF evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000" sh=03570DCBCFEC63F123197DEACE7F14374A33E41F ft=1 fh=4a6706356f39cfc2 vn="Variante von Win32/DomaIQ.BF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000001" sh=FC03577BC4F4D80A04575D9439293118BF39DF20 ft=1 fh=3d289144697e1171 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000" sh=6DC4527A1837AC58AC1FE319DD58DA57562F329F ft=1 fh=24a198b45718e9b7 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000001" sh=CF4A397CFB1655A5BD56EF522762A0A428CEE927 ft=1 fh=4367b3a095527354 vn="Win32/Somoto.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\007\t\00\00000000" sh=8EBB4840C719CA4E910F7F95D134BD8D804CA6CA ft=1 fh=c1c4e39f84ce1201 vn="Variante von Win32/DomaIQ.BG evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\008\t\00\00000000" sh=51F3FC5312FCB05F6133D653B0B13266E51E1048 ft=1 fh=474391ce9cf09017 vn="Variante von Win32/DomaIQ.BD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\009\t\00\00000001" sh=97C5CD99337907A1FF4F83F231131C65DB6F4C5A ft=1 fh=5cc17304c62a6d02 vn="Variante von Win32/SoftPulse.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000" sh=2DC5F2D5197EDDE04EB0DC1C3FE3BA8978FC2215 ft=1 fh=c4c15c2001cc75e8 vn="Variante von Win32/SoftPulse.J evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\011\t\00\00000000" sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\cbsidlm-cbsi188-Windows_Essentials_Media_Codec_Pack-ORG-10662709.exe" sh=B62D873100A5B72D8F6347FF31B242981123CB6A ft=1 fh=1c39ef78f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\Nintendogs-+Cats-Setup (1).exe" sh=B62D873100A5B72D8F6347FF31B242981123CB6A ft=1 fh=1c39ef78f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\Nintendogs-+Cats-Setup.exe" sh=2DC5F2D5197EDDE04EB0DC1C3FE3BA8978FC2215 ft=1 fh=c4c15c2001cc75e8 vn="Variante von Win32/SoftPulse.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\Player_Setup (1).exe" sh=D1DEC68E9EDC46CB41D27994548EB0E81DFAAFA4 ft=1 fh=197ad0e2cc641384 vn="Variante von Win32/InstallCore.MZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\skype_setup.exe" sh=124E4CED100A9FF0BF021A0A99EA8EC45A0009E0 ft=1 fh=eedfc9f709bc7109 vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\soft32_Cain &" sh=E2149ED28CC20707719B3A7175D2949BBFA5632D ft=1 fh=59eb4b9778e1d80f vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\soft32_Cain & (1)" sh=3A94D4CC0BE41BCFE9F73EA83E561273BD286BC1 ft=1 fh=1832db0e934f8be0 vn="Variante von Win32/ELEX.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jugendliche\Downloads\yet_another_cleaner.exe" sh=56BE45AF190FD7FE1554C90B74F0DD54DC78B792 ft=1 fh=35b9eb395b83875c vn="Win32/DomaIQ.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\tine76\Downloads\zipper_V.6114633.exe" sh=9A760DB340C47B2ED8F6ADEF7F431DBFCEDD71D0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\tine76\Pictures\konfer\EKD Evangelische Kirche in Deutschland - Leben & Glauben - Die Zehn Gebote-Dateien\default_adapter.js" sh=335CBB6B03D82C6DD093400CC5AC19CCAC9F6B0D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\tine76\Pictures\konfer\EKD Evangelische Kirche in Deutschland - Leben & Glauben - Die Zehn Gebote-Dateien\minibar.js" sh=433832796230962E47B208C9CE559430FAED321B ft=0 fh=0000000000000000 vn="MSIL/Toolbar.SmileysLove.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\1c5c589.msi" sh=6B6105C0BF9C8942B523C7BC6279BF1D241909BA ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\Installer\3d12bee1.msi" |
17.11.2014, 13:57 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus-infested laptop Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
C:\temp\InstallFilter64.msi
C:\temp\t.msi
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000001
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000001
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\007\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\008\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\009\t\00\00000001
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000
C:\Users\Jugendliche\AppData\Local\Google\Chrome\User Data\Default\File System\011\t\00\00000000
C:\Users\Jugendliche\Downloads\cbsidlm-cbsi188-Windows_Essentials_Media_Codec_Pack-ORG-10662709.exe
C:\Users\Jugendliche\Downloads\Nintendogs-+Cats-Setup (1).exe
C:\Users\Jugendliche\Downloads\Nintendogs-+Cats-Setup.exe
C:\Users\Jugendliche\Downloads\Player_Setup (1).exe
C:\Users\Jugendliche\Downloads\skype_setup.exe
C:\Users\Jugendliche\Downloads\soft32_Cain &
C:\Users\Jugendliche\Downloads\soft32_Cain & (1)
C:\Users\Jugendliche\Downloads\yet_another_cleaner.exe
C:\Users\tine76\Downloads\zipper_V.6114633.exe
C:\Users\tine76\Pictures\konfer\EKD Evangelische Kirche in Deutschland - Leben & Glauben - Die Zehn Gebote-Dateien\default_adapter.js
C:\Users\tine76\Pictures\konfer\EKD Evangelische Kirche in Deutschland - Leben & Glauben - Die Zehn Gebote-Dateien\minibar.js
C:\Windows\Installer\1c5c589.msi
C:\Windows\Installer\3d12bee1.msi
EmptyTemp:
Hosts:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |