| stephan33 | 31.12.2013 18:56 |
Code:
# AdwCleaner v3.016 - Bericht erstellt am 31/12/2013 um 18:26:04
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Stephan Paetzke - STEPHANPAETZ-PC
# Gestartet von : C:\Users\Stephan Paetzke\Desktop\Reinigung Rechner\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : BackupStack
Dienst Gefunden : vToolbarUpdater15.2.0
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gefunden : C:\Users\Public\Desktop\speedupmypc.lnk
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\searchplugins\iminent.xml
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\searchplugins\Web Search.xml
Datei Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\user.js
Datei Gefunden : C:\Users\Stephan Paetzke\Desktop\MyPC Backup.lnk
Datei Gefunden : C:\Windows\System32\Tasks\Advanced System Protector
Datei Gefunden : C:\Windows\System32\Tasks\BrowserProtect
Datei Gefunden : C:\Windows\System32\Tasks\Feven 1.5-chromeinstaller
Datei Gefunden : C:\Windows\System32\Tasks\Feven 1.5-codedownloader
Datei Gefunden : C:\Windows\System32\Tasks\Feven 1.5-enabler
Datei Gefunden : C:\Windows\System32\Tasks\Feven 1.5-firefoxinstaller
Datei Gefunden : C:\Windows\System32\Tasks\Feven 1.5-updater
Datei Gefunden : C:\Windows\System32\Tasks\RegClean Pro
Datei Gefunden : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Datei Gefunden : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Datei Gefunden : C:\Windows\System32\Tasks\SpeedUpMyPC
Datei Gefunden : C:\Windows\System32\Tasks\spmonitor
Datei Gefunden : C:\Windows\Tasks\Feven 1.5-chromeinstaller.job
Datei Gefunden : C:\Windows\Tasks\Feven 1.5-codedownloader.job
Datei Gefunden : C:\Windows\Tasks\Feven 1.5-enabler.job
Datei Gefunden : C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job
Datei Gefunden : C:\Windows\Tasks\Feven 1.5-updater.job
Datei Gefunden : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Datei Gefunden : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Datei Gefunden : C:\Windows\Tasks\SpeedUpMyPC.job
Datei Gefunden : C:\Windows\Tasks\spmonitor.job
Ordner Gefunden : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Ordner Gefunden : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gefunden : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Ordner Gefunden : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbegnhpbhfjiaelealfpieodkembdgbj
Ordner Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Ordner Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com
Ordner Gefunden : C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gefunden C:\Program Files\Common Files\AVG Secure Search
Ordner Gefunden C:\Program Files\Feven 1.5
Ordner Gefunden C:\Program Files\IminentToolbar
Ordner Gefunden C:\Program Files\MyPC Backup
Ordner Gefunden C:\Program Files\Uniblue\SpeedUpMyPC
Ordner Gefunden C:\Program Files\WebEnhance
Ordner Gefunden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gefunden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Ordner Gefunden C:\SoftwareUpdater
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\Local\apn
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\Local\DownloadGuide
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\Local\PackageAware
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\LocalLow\GutscheinCodes
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\LocalLow\wincoreimband
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\Roaming\Uniblue\SpeedUpMyPC
Ordner Gefunden C:\Users\Stephan Paetzke\AppData\Roaming\Windows Net Data
Ordner Gefunden C:\Users\Stephan Paetzke\Documents\optimizer pro
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Feven 1.5
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\mediabarim
Schlüssel Gefunden : HKCU\Software\FLEXnet
Schlüssel Gefunden : HKCU\Software\Imesh
Schlüssel Gefunden : HKCU\Software\Iminent.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Feven 1.5
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{814664B0-D93B-4DA6-9216-722C56179397}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{814664B0-D93B-4DA6-9216-722C56179397}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Schlüssel Gefunden : HKCU\Software\SIEN SA
Schlüssel Gefunden : HKCU\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\vShare.tv
Schlüssel Gefunden : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GutscheinCodes.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{814664B0-D93B-4DA6-9216-722C56179397}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355855532}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366856632}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344854432}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
Schlüssel Gefunden : HKLM\Software\DomaIQ
Schlüssel Gefunden : HKLM\Software\Feven 1.5
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mbegnhpbhfjiaelealfpieodkembdgbj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gefunden : HKLM\Software\iMeshMediabarTb
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4c25e349-4c99-48e2-a653-cdf66ecc5d73}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79ec1c31-0388-4f08-b11b-2057e4c0a03d}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83d4f148-b1fd-42ba-a3b7-4748c4b503e2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ec746d72-1c09-44b2-a6f6-b598960cd7ff}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Advanced System Protector
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BrowserProtect
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Feven 1.5-chromeinstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Feven 1.5-codedownloader
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Feven 1.5-enabler
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Feven 1.5-firefoxinstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Feven 1.5-updater
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_DEFAULT
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro_UPDATES
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\SpeedUpMyPC
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\spmonitor
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01C0984E-FD19-4F2D-BD16-8B3126FFCB66}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01C0984E-FD19-4F2D-BD16-8B3126FFCB66}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10A26357-68B6-4D5F-B219-A8427687F596}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3200E82B-BA47-4DB0-8ACA-2738A95C9D0D}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{324DB6B7-8C65-446D-B951-4F799294BEC1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42588E44-B799-425B-B29B-7E8CD1CFF019}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42588E44-B799-425B-B29B-7E8CD1CFF019}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D07D238-BFD9-4ED7-9F34-4D2756F77CBF}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82A53890-FBFC-40BA-A6F8-63D30B562458}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BA2E1DC-9314-4DEA-A8C0-AC5D00EA2ADC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD716F9B-1C9B-4A43-B455-175FB7F87FF2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5F4DF67-5F78-468B-8F31-50D50F0E5FB8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E049450F-7DED-4CCD-95B3-D19AA321F7B5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6DED271-1C39-4072-801A-CE310DDE8E8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB97FB23-1082-4212-BB2D-2919CD505BDE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{814664B0-D93B-4DA6-9216-722C56179397}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Feven 1.5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\SpeedUpMyPC
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{38e9e285-5266-4fe2-b5b5-c14c29b0cd45}]
***** [ Browser ] *****
-\\ Internet Explorer v8.0.6001.19489
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=2ed44baf-02c5-4169-c59b-0baca96f2f09&searchtype=ds&q={searchTerms}&installDate=15/10/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=2ed44baf-02c5-4169-c59b-0baca96f2f09&searchtype=hp&installDate=15/10/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=2ed44baf-02c5-4169-c59b-0baca96f2f09&searchtype=ds&q={searchTerms}&installDate=15/10/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=2ed44baf-02c5-4169-c59b-0baca96f2f09&searchtype=ds&q={searchTerms}&installDate=15/10/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=2ed44baf-02c5-4169-c59b-0baca96f2f09&searchtype=ds&q={searchTerms}&installDate=15/10/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=2ed44baf-02c5-4169-c59b-0baca96f2f09&searchtype=ds&q={searchTerms}&installDate=15/10/2013
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=2ed44baf-02c5-4169-c59b-0baca96f2f09&searchtype=ds&q={searchTerms}&installDate=15/10/2013
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\prefs.js ]
Zeile gefunden : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationThankYouPage", false);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationTime", 1379483028);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.active", true);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbar", "NA");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbarenhanced", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet", true);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet_FF25_FIX", true);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet", true);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet_FF25_FIX", true);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.backgroundver", 1);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.certdomaininstaller", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.changeprevious", false);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.Affiliate_settings.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.Affiliate_settings.value", "%22%7B%5C%22initUrl%5C%22%3A%5C%22hxxp%3A//api.jollywallet.com/[...]
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.value", "1379483028");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.value", "%221379517683%22");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.value", "%22345637%22");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.value", "%22365846%22");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.geo.expiration", "Tue Dec 24 2013 22:17:40 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.geo.value", "%22DE%22");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.jw_token.value", "%22071319f7-f993-9c43-b18d-b07b5f1c5e97%22");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.key_list_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.key_list_id.value", "%2220120802-000%22");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.description", "Feven Shopping Companion");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.domain", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.enablesearch", false);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.homepage", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.iframe", false);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%224FEF33D44D0C43219843F231E8012[...]
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000272%22%2C%22sub_id%22%3A%220%2[...]
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2297CA2CC27BB94CBABA37[...]
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.value", "77");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.value", "1");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.value", "%7B%7D");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.expiration", "Sat Dec 21 2013 17:28:26 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.value", "true");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.value", "%7B%7D");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.value", "%22DE%22");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%224FEF33D4[...]
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_request.expiration", "Sat Dec 21 2013 23:35:20 GMT+[...]
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//m.xp1.ru4.com/activity[...]
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastDailyReport", "1387621677299");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastUpdate", "1387621706180");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.manifesturl", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.name", "Feven 1.5");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.newtab", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.opensearch", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/38532/plugins/093/ff/plugins.json");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsversion", 73);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.publisher", "Feven");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.searchstatus", 0);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.setnewtab", false);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.thankyou", "");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.updateinterval", 360);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.ver", 77);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.apps", "38532");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.bic", "1412f988b527724524498c967c509733");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.cid", 38532);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.firstrun", false);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.hadappinstalled", true);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.installationdate", 1379483028);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.modetype", "production");
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.reportInstall", true);
Zeile gefunden : user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.statsDailyCounter", 155);
Zeile gefunden : user_pref("extensions.crossrider.bic", "141a695047fcb0e318e9cefd7ad02007");
Zeile gefunden : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gefunden : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gefunden : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gefunden : user_pref("extensions.helperbar.Visibility", true);
Zeile gefunden : user_pref("extensions.helperbar.countryiso", "de");
Zeile gefunden : user_pref("extensions.helperbar.downloadprovider", "tuguucr");
Zeile gefunden : user_pref("extensions.helperbar.installationid", "2ed44baf-02c5-4169-c59b-0baca96f2f09");
Zeile gefunden : user_pref("extensions.helperbar.installdate", "15/10/2013");
Zeile gefunden : user_pref("extensions.helperbar.publisher", "tuguu");
Zeile gefunden : user_pref("extensions.iminent.admin", false);
Zeile gefunden : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gefunden : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gefunden : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gefunden : user_pref("extensions.iminent.cntry", "DE");
Zeile gefunden : user_pref("extensions.iminent.dfltLng", "");
Zeile gefunden : user_pref("extensions.iminent.excTlbr", false);
Zeile gefunden : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gefunden : user_pref("extensions.iminent.hdrMd5", "A4DC77FDBC5EEA8912B24A79AD7863D9");
Zeile gefunden : user_pref("extensions.iminent.id", "04d1f8e000000000000000245403404d");
Zeile gefunden : user_pref("extensions.iminent.instlDay", "15989");
Zeile gefunden : user_pref("extensions.iminent.instlRef", "");
Zeile gefunden : user_pref("extensions.iminent.lastVrsnTs", "1.8.25.010:04:43");
Zeile gefunden : user_pref("extensions.iminent.newTab", false);
Zeile gefunden : user_pref("extensions.iminent.prdct", "iminent");
Zeile gefunden : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gefunden : user_pref("extensions.iminent.rvrt", "false");
Zeile gefunden : user_pref("extensions.iminent.sg", "none");
Zeile gefunden : user_pref("extensions.iminent.smplGrp", "none");
Zeile gefunden : user_pref("extensions.iminent.tlbrId", "base");
Zeile gefunden : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://search.iminent.com/?ref=toolbarm#q=");
Zeile gefunden : user_pref("extensions.iminent.vrsn", "1.8.25.0");
Zeile gefunden : user_pref("extensions.iminent.vrsnTs", "1.8.25.010:04:43");
Zeile gefunden : user_pref("extensions.iminent.vrsni", "1.8.25.0");
Zeile gefunden : user_pref("iminent.LayoutId", "1");
Zeile gefunden : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gefunden : user_pref("iminent.enabledAds", "false");
Zeile gefunden : user_pref("iminent.registerToolbarEvent102", "1381780432238");
Zeile gefunden : user_pref("iminent.registerToolbarEvent140", "1381780946118");
Zeile gefunden : user_pref("iminent.version", "7.41.2.1");
Zeile gefunden : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.41.2.1\",\"InstallEventCTime\":1381842411165}");
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden : homepage
Gefunden : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [45458 octets] - [31/12/2013 18:26:04]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [45519 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Stephan Paetzke on 31.12.2013 at 18:36:06,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2236149280-2537161501-2249316146-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] "hkey_current_user\software\classes\typelib\{006ad7b2-968a-11de-88c9-5bde55d89593}"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
Successfully deleted: [File] "C:\Users\Stephan Paetzke\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
Successfully deleted: [File] "C:\Users\Stephan Paetzke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
~~~ FireFox
Emptied folder: C:\Users\Stephan Paetzke\AppData\Roaming\mozilla\firefox\profiles\8gwfw24m.default\minidumps [342 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Stephan Paetzke\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Folder] C:\Users\Stephan Paetzke\appdata\local\Google\Chrome\User Data\Default\Extensions\mbegnhpbhfjiaelealfpieodkembdgbj
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.12.2013 at 18:39:38,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2013
Ran by Stephan Paetzke (administrator) on STEPHANPAETZ-PC on 31-12-2013 18:42:58
Running from C:\Users\Stephan Paetzke\Desktop\Reinigung Rechner
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Users\Stephan Paetzke\AppData\LocalLow\FileZilla\IE\FileZillaUpdater.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2008-12-24] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-05-31] (Geek Software GmbH)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-28] (AVAST Software)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [EPSON Stylus SX200 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\Windows\TEMP\E_S23E6.tmp" /EF "HKCU"
HKCU\...\Run: [EA Core] - "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKCU\...\Run: [MobileDocuments] - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {3d48d1f8-6bc1-11e1-86c2-001e101f36d9} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {4ebc0c00-dd9d-11de-882c-00245403404d} - G:\Autorun.exe
MountPoints2: {5db8485c-015a-11e1-811c-001e101f3315} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {787cce54-f263-11e0-88ab-00245403404d} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {787cce8a-f263-11e0-88ab-001e101f7f74} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {8548a870-d46a-11e0-b143-00245403404d} - F:\AutoRun.exe
MountPoints2: {91030457-db75-11de-862f-00245403404d} - F:\UsbEnter.exe
MountPoints2: {979bec58-de43-11e0-b200-00245403404d} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {aec694d4-26a1-11df-8d32-00245403404d} - H:\LaunchU3.exe -a
MountPoints2: {b81977a2-a865-11df-86ae-00245403404d} - F:\AutoRun.exe
MountPoints2: {b81977a3-a865-11df-86ae-00245403404d} - H:\AutoRun.exe
MountPoints2: {bad7046e-f812-11e0-8047-001e101f36d9} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {ccc06b07-bfdd-11df-bf6a-00245403404d} - F:\AutoRun.exe
MountPoints2: {d339b6c8-2f1d-11e2-b457-806e6f6e6963} - E:\SETUP.EXE
MountPoints2: {d85ba0d7-591c-11df-bf0b-00245403404d} - F:\AutoRun.exe
MountPoints2: {d85ba13e-591c-11df-bf0b-00245403404d} - F:\AutoRun.exe
MountPoints2: {ea50a67c-11ee-11e1-bce8-001e101f36d9} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {ec2e09d6-846a-11df-ba56-00245403404d} - F:\AutoRun.exe
MountPoints2: {ec2e09d8-846a-11df-ba56-00245403404d} - F:\AutoRun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {53AD1A49-7772-4BE0-A6A2-6B9EAABC0FDA} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKCU - {53AD1A49-7772-4BE0-A6A2-6B9EAABC0FDA} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: FileZilla - {7AAB1838-349A-4AAE-A039-8023951AF399} - C:\Users\Stephan Paetzke\AppData\LocalLow\FileZilla\IE\FileZilla.dll (Tim Kosse)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.16 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.16 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.16 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FileZilla - C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\Extensions\client@filezilla.org
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Stephan Paetzke\AppData\Roaming\Mozilla\Firefox\Profiles\8gwfw24m.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Search the web (Babylon)
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle Broadcaster Plugin) - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (FileZilla) - C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gedcafmnbhjoenmgefkpiecngeheonjn\3.5.1_0
CHR Extension: (avast! Online Security) - C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0
CHR Extension: (Skype Click to Call) - C:\Users\Stephan Paetzke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR HKLM\...\Chrome\Extension: [gedcafmnbhjoenmgefkpiecngeheonjn] - C:\Users\Stephan Paetzke\AppData\LocalLow\FileZilla\CHROME\FileZilla.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-27] (AVAST Software)
R2 FileZillaUpdater; C:\Users\Stephan Paetzke\AppData\LocalLow\FileZilla\IE\FileZillaUpdater.exe [18432 2011-09-30] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-11-25] ()
S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-11] (soft Xpansion)
R2 yksvc; C:\Windows\System32\ykx32mpcoinst.dll [282624 2009-01-30] (Marvell)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-10-27] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-10-27] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-10-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-10-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-11-19] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-10-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-10-27] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2009-12-16] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-05-20] (AVG Technologies)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.)
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2006-11-14] (SAMSUNG ELECTRONICS CO., LTD.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-12-16] ()
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 ADDMEM; \??\C:\Users\STEPHA~1\AppData\Local\Temp\__Samsung_Update\ADDMEM.SYS [x]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [x]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 GtVUsb; system32\Drivers\GtVUsb.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-31 18:39 - 2013-12-31 18:39 - 00002232 _____ C:\Users\Stephan Paetzke\Desktop\JRT.txt
2013-12-31 18:25 - 2013-12-31 18:28 - 00000000 ____D C:\AdwCleaner
2013-12-31 16:41 - 2013-12-31 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-31 16:41 - 2013-12-31 17:16 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-31 16:41 - 2013-12-31 16:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 16:40 - 2013-12-31 17:16 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-31 16:35 - 2013-12-31 16:37 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Stephan Paetzke\Desktop\mbar-1.07.0.1008.exe
2013-12-30 22:20 - 2013-12-30 22:21 - 00678181 _____ C:\Users\Stephan Paetzke\Desktop\Gmer.zip
2013-12-30 22:11 - 2013-12-30 22:11 - 01110476 _____ C:\Users\Stephan Paetzke\Downloads\7z920.exe
2013-12-30 22:11 - 2013-12-30 22:11 - 00000000 ____D C:\Program Files\7-Zip
2013-12-29 23:14 - 2013-12-29 19:57 - 15206711 _____ C:\Gmer.txt
2013-12-29 23:13 - 2013-12-29 19:57 - 15206711 _____ C:\Users\Stephan Paetzke\Downloads\Gmer.txt
2013-12-29 18:25 - 2013-12-31 18:42 - 00000000 ____D C:\FRST
2013-12-29 18:18 - 2013-12-29 18:18 - 00000000 _____ C:\Users\Stephan Paetzke\defogger_reenable
2013-12-29 14:35 - 2013-12-31 18:42 - 00000000 ____D C:\Users\Stephan Paetzke\Desktop\Reinigung Rechner
2013-12-12 12:44 - 2013-12-12 12:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-11 09:44 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-11 09:44 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 09:44 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 09:44 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 09:44 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 09:44 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 09:44 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 09:44 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 09:44 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 09:44 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 09:43 - 2013-10-25 09:25 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 09:43 - 2013-10-25 09:24 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 09:43 - 2013-10-25 09:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 09:43 - 2013-10-25 09:22 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 09:43 - 2013-10-25 09:20 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-12-11 09:43 - 2013-10-25 09:19 - 06018560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 09:43 - 2013-10-25 09:19 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 09:43 - 2013-10-25 09:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 09:43 - 2013-10-25 09:19 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 09:43 - 2013-10-25 09:18 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 09:43 - 2013-10-25 09:18 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 09:43 - 2013-10-25 09:16 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-12-11 09:43 - 2013-10-25 07:39 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 09:43 - 2013-10-25 05:55 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 09:43 - 2013-10-25 05:55 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 09:43 - 2013-10-25 05:53 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 09:43 - 2013-10-25 05:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-06 09:24 - 2013-12-14 09:33 - 00001879 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-12-06 09:24 - 2013-12-14 09:33 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-12-06 09:24 - 2013-12-06 09:24 - 00000000 ____D C:\ProgramData\McAfee Security Scan
==================== One Month Modified Files and Folders =======
2013-12-31 18:42 - 2013-12-29 18:25 - 00000000 ____D C:\FRST
2013-12-31 18:42 - 2013-12-29 14:35 - 00000000 ____D C:\Users\Stephan Paetzke\Desktop\Reinigung Rechner
2013-12-31 18:39 - 2013-12-31 18:39 - 00002232 _____ C:\Users\Stephan Paetzke\Desktop\JRT.txt
2013-12-31 18:36 - 2006-11-02 11:33 - 01716416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-31 18:33 - 2009-04-17 19:04 - 01983980 _____ C:\Windows\WindowsUpdate.log
2013-12-31 18:30 - 2011-08-14 12:30 - 00000444 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-31 18:29 - 2009-08-24 11:27 - 00000000 ____D C:\Users\Stephan Paetzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-12-31 18:29 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-31 18:29 - 2006-11-02 13:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-31 18:29 - 2006-11-02 13:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-31 18:28 - 2013-12-31 18:25 - 00000000 ____D C:\AdwCleaner
2013-12-31 18:28 - 2009-04-17 19:04 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-31 18:28 - 2006-11-02 14:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-31 17:36 - 2013-12-31 16:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-31 17:16 - 2013-12-31 16:41 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-31 17:16 - 2013-12-31 16:40 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-31 16:41 - 2013-12-31 16:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 16:37 - 2013-12-31 16:35 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Stephan Paetzke\Desktop\mbar-1.07.0.1008.exe
2013-12-30 22:21 - 2013-12-30 22:20 - 00678181 _____ C:\Users\Stephan Paetzke\Desktop\Gmer.zip
2013-12-30 22:11 - 2013-12-30 22:11 - 01110476 _____ C:\Users\Stephan Paetzke\Downloads\7z920.exe
2013-12-30 22:11 - 2013-12-30 22:11 - 00000000 ____D C:\Program Files\7-Zip
2013-12-29 19:57 - 2013-12-29 23:14 - 15206711 _____ C:\Gmer.txt
2013-12-29 19:57 - 2013-12-29 23:13 - 15206711 _____ C:\Users\Stephan Paetzke\Downloads\Gmer.txt
2013-12-29 18:18 - 2013-12-29 18:18 - 00000000 _____ C:\Users\Stephan Paetzke\defogger_reenable
2013-12-29 18:18 - 2010-04-19 23:00 - 00000000 ____D C:\Users\Stephan Paetzke
2013-12-27 10:44 - 2010-10-13 13:27 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-27 10:42 - 2009-04-17 03:18 - 00000000 ____D C:\Program Files\Google
2013-12-27 10:40 - 2010-10-13 13:27 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-14 09:33 - 2013-12-06 09:24 - 00001879 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-12-14 09:33 - 2013-12-06 09:24 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-12-13 09:52 - 2012-04-26 08:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-12 22:30 - 2006-11-02 13:47 - 00456952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 22:29 - 2013-10-15 14:45 - 00032028 _____ C:\Windows\PFRO.log
2013-12-12 12:45 - 2013-12-12 12:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 11:58 - 2009-08-19 11:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 11:55 - 2013-10-06 12:15 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 11:49 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-06 10:06 - 2012-09-12 13:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-06 09:52 - 2013-10-28 09:58 - 00000796 _____ C:\Windows\setupact.log
2013-12-06 09:24 - 2013-12-06 09:24 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-12-06 09:24 - 2012-09-12 13:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-06 09:24 - 2011-05-18 20:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-06 09:24 - 2009-04-17 03:25 - 00000000 ____D C:\ProgramData\McAfee
2013-12-06 09:23 - 2009-08-19 11:59 - 00000000 ____D C:\Users\Stephan Paetzke\AppData\Local\Adobe
Some content of TEMP:
====================
C:\Users\Stephan Paetzke\AppData\Local\Temp\BackupSetup.exe
C:\Users\Stephan Paetzke\AppData\Local\Temp\install_reader10_de_mssa_aaa_aih.exe
C:\Users\Stephan Paetzke\AppData\Local\Temp\Quarantine.exe
C:\Users\Stephan Paetzke\AppData\Local\Temp\setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-31 18:36
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-12-2013
Ran by Stephan Paetzke at 2013-12-31 18:54:37
Running from C:\Users\Stephan Paetzke\Desktop\Reinigung Rechner
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft)
2007 Microsoft Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (Version: - )
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player (Version: 10.2.0.22 - Adobe Systems, Inc.)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios)
Agere Systems HDA Modem (Version: - Agere Systems)
Any Video Converter 3.4.2 (Version: - Any-Video-Converter.com)
Apple Application Support (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Atheros WLAN Client (Version: 1.00.000 - )
ATI Catalyst Install Manager (Version: 3.0.728.0 - ATI Technologies, Inc.)
Auslogics Disk Defrag (Version: version 3.1 - Auslogics Software Pty Ltd)
AutoCAD 2010 - Deutsch (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 Language Pack - Deutsch (Version: 18.0.55.0 - Autodesk)
avast! Free Antivirus (Version: 9.0.2006 - Avast Software)
BatteryLifeExtender (Version: 1.0.0 - Samsung)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI)
Catalyst Control Center Core Implementation (Version: 2009.0520.1631.27815 - ATI)
Catalyst Control Center Graphics Full Existing (Version: 2009.0520.1631.27815 - ATI)
Catalyst Control Center Graphics Full New (Version: 2009.0520.1631.27815 - ATI)
Catalyst Control Center Graphics Light (Version: 2009.0520.1631.27815 - ATI)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0520.1631.27815 - ATI)
Catalyst Control Center InstallProxy (Version: 2009.0312.2223.38381 - ATI Technologies, Inc.)
Catalyst Control Center InstallProxy (Version: 2009.0520.1631.27815 - ATI Technologies, Inc.)
Catalyst Control Center Localization All (Version: 2009.0520.1631.27815 - ATI)
CCC Help Chinese Standard (Version: 2009.0520.1630.27815 - ATI)
CCC Help Chinese Traditional (Version: 2009.0520.1630.27815 - ATI)
CCC Help Czech (Version: 2009.0520.1630.27815 - ATI)
CCC Help Danish (Version: 2009.0520.1630.27815 - ATI)
CCC Help Dutch (Version: 2009.0520.1630.27815 - ATI)
CCC Help English (Version: 2009.0520.1630.27815 - ATI)
CCC Help Finnish (Version: 2009.0520.1630.27815 - ATI)
CCC Help French (Version: 2009.0520.1630.27815 - ATI)
CCC Help German (Version: 2009.0520.1630.27815 - ATI)
CCC Help Greek (Version: 2009.0520.1630.27815 - ATI)
CCC Help Hungarian (Version: 2009.0520.1630.27815 - ATI)
CCC Help Italian (Version: 2009.0520.1630.27815 - ATI)
CCC Help Japanese (Version: 2009.0520.1630.27815 - ATI)
CCC Help Korean (Version: 2009.0520.1630.27815 - ATI)
CCC Help Norwegian (Version: 2009.0520.1630.27815 - ATI)
CCC Help Polish (Version: 2009.0520.1630.27815 - ATI)
CCC Help Portuguese (Version: 2009.0520.1630.27815 - ATI)
CCC Help Russian (Version: 2009.0520.1630.27815 - ATI)
CCC Help Spanish (Version: 2009.0520.1630.27815 - ATI)
CCC Help Swedish (Version: 2009.0520.1630.27815 - ATI)
CCC Help Thai (Version: 2009.0520.1630.27815 - ATI)
CCC Help Turkish (Version: 2009.0520.1630.27815 - ATI)
ccc-core-static (Version: 2009.0520.1631.27815 - Ihr Firmenname)
ccc-utility (Version: 2009.0520.1631.27815 - ATI)
CCleaner (Version: 2.33 - Piriform)
CyberLink LabelPrint (Version: 2.20.3605 - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.2809 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.2426 - CyberLink Corp.)
CyberLink PowerDVD 8 (Version: 8.0.2815 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.2706 - CyberLink Corp.)
DarksidersInstaller (Version: 1.00.1000 - Ihr Firmenname)
Diablo II (Version: - Blizzard Entertainment)
Diablo III (Version: - Blizzard Entertainment)
EA Installer (Version: 2.3.0.74 - Electronic Arts, Inc.)
Easy Battery Manager (Version: 3.2.1.7 - Samsung)
Easy Display Manager (Version: 2.3 - Samsung Electronics Co., Ltd.)
Easy Network Manager (Version: 4.0.2 - Samsung)
Easy SpeedUp Manager (Version: 2.0.2.4 - )
EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON)
EPSON Easy Photo Print (Version: 1.5.1.0 - SEIKO EPSON CORPORATION)
EPSON File Manager (Version: 1.3.1.0 - )
EPSON Scan (Version: - )
EPSON Scan Assistant (Version: 1.10.00 - )
EPSON Stylus SX200 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
EPSON Stylus SX200_SX400_TX200_TX400 Handbuch (Version: - )
FARO LS 1.1.406.58 (Version: 4.6.58.2 - FARO Scanner Production)
Free Audio CD Burner version 1.2 (Version: - DVDVideoSoft Limited.)
FUSSBALL MANAGER 11 (Version: 1.0.0.2 - Electronic Arts)
Google Chrome (Version: 31.0.1650.63 - Google Inc.)
Google Drive (Version: 1.13.5782.599 - Google, Inc.)
Google Earth Plug-in (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (Version: - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.)
Hardlock Gerätetreiber (Version: - )
iCloud (Version: 1.1.0.40 - Apple Inc.)
imagine digital freedom - Samsung (Version: 1.0.2.2 - Samsung Electronics Co. Ltd.,)
Intel PROSet Wireless (Version: - )
Intel(R) PROSet/Wireless WiFi Software (Version: 12.01.2000 - Intel(R) Corporation)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
iTunes (Version: 11.0.2.26 - Apple Inc.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.)
Java(TM) 6 Update 30 (Version: 6.0.300 - Oracle)
Marvell Miniport Driver (Version: 10.67.5.3 - Marvell)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation)
Microsoft SQL Server Native Client (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
MobileMe Control Panel (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Origin (Version: 8.5.2.23 - Electronic Arts, Inc.)
PCTroubleshooting (Version: 2.0.0.4 - Samsung Electronics Co.,LTD.)
PDF24 Creator 5.5.1 (Version: - PDF24.org)
Play AVStation (Version: 4.1.20.51 - Ihr Firmenname)
PowerProducer (Version: 5.00.0000 - CyberLink Corp.)
QuickTime (Version: 7.71.80.42 - Apple Inc.)
Safari (Version: 5.34.51.22 - Apple Inc.)
Samsung Magic Doctor (Version: 5.0 - Samsung Electronics Co., LTD)
SAMSUNG Mobile Composite Device Software (Version: - )
Samsung Mobile phone USB driver Software (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (Version: - )
SAMSUNG Mobile USB Modem Software (Version: - )
Samsung PC Studio 3 (Version: 3.0.0.80405 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (Version: 3.2.2.80405 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution III (Version: 3.0.0.8 - Samsung)
Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., LTD)
Skat-Online V9 (Version: - Skat.com, c/o Markus Riehl)
Skins (Version: 2009.0520.1631.27815 - ATI)
Skype Click to Call (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.3 (Version: 6.3.105 - Skype Technologies S.A.)
SpyHunter (Version: 4.15.1.4270 - Enigma Software Group USA, LLC)
TurtleBay (Version: - )
Ubisoft Game Launcher (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (Version: - )
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
Veetle TV 0.9.16 (Version: 0.9.16 - Veetle, Inc)
vShare.tv plugin 1.3 (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
Warcraft III (Version: - )
WebEnhance (Version: - )
Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0 - MobileTop)
ZehnFinger5 5.21 (Version: - )
==================== Restore Points =========================
22-11-2013 21:21:12 Windows Update
26-11-2013 19:18:32 Windows Update
29-11-2013 21:20:50 Windows Update
03-12-2013 19:23:20 Windows Update
06-12-2013 20:34:47 Windows Update
11-12-2013 08:34:14 Windows Update
12-12-2013 10:44:08 Windows Update
17-12-2013 21:22:19 Windows Update
27-12-2013 09:33:51 Windows Update
31-12-2013 08:12:40 Windows Update
31-12-2013 16:05:58 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ==========================
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {4D961B17-5468-4232-9AA8-8C9171BFA16A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-27] (AVAST Software)
Task: {C5830F94-DCCF-40BF-B11E-8AB2643E1B62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-13] (Google Inc.)
Task: {E8B8D8A3-74B6-4073-BFF0-CEA7A915DF20} - System32\Tasks\Microsoft\Windows\RestartManager\{D5D38467-E3F7-4fc6-BBA5-A600E7FA87CD} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation)
Task: {E9AA4D0D-3BC6-4DE9-B9EA-DA84459082C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-13] (Google Inc.)
Task: {ECF74493-CC76-4477-B8FD-29E0ECA8A66D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-06] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegistryDoktor.job => C:\Program Files\Registry_Doktor 4.1\RegistryDoktor.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{57F0F4C4-83C1-4964-BC15-2957701A55B4}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2013-12-31 16:23 - 2013-12-31 13:30 - 02152960 _____ () C:\Program Files\AVAST Software\Avast\defs\13123100\algo.dll
2008-12-24 11:29 - 2008-12-24 11:29 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2008-12-24 11:30 - 2008-12-24 11:30 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2013-10-27 14:01 - 2013-10-27 14:01 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-04-20 17:26 - 2010-04-20 17:26 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-02-12 13:32 - 2009-02-12 13:32 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-04-20 17:26 - 2010-04-20 17:26 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-12-12 12:44 - 2013-12-12 12:45 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Atheros AR5007EG Wireless Network Adapter
Description: Atheros AR5007EG Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (10/09/2011 01:13:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 35 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-12-31 18:54:31.898
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:54:31.180
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:54:30.463
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:54:29.745
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:54:29.027
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:54:28.310
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:54:27.592
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:54:26.890
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:43:21.359
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-31 18:43:20.657
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 3035.88 MB
Available physical RAM: 1825.32 MB
Total Pagefile: 6296.13 MB
Available Pagefile: 5182.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:142.09 GB) (Free:36.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:143 GB) (Free:28.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 47434762)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=143 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
AdwCleaner auf deinen Desktop.
FRST 32-Bit | FRST 64-Bit