Jasmin01 | 23.04.2014 08:34 | Avast blocked by Group Policy
Hello dear Trojaner-Board team,
I am turning to you because I have run into the following problem, and I ask you to help me out of this tricky situation.
My problem is that Avast no longer works.
Error message received: Avast is blocked by a Group Policy, contact your system administrator. In addition, after the computer booted today, I got the message: error in the file mpjcgh.dat.
I already have the following scans:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Jasmin01 at 2014-04-23 09:15:41
Running from C:\Users\Jasmin01\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3007 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3502 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 7.0.1456.0 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP540 series Benutzerregistrierung (HKLM-x32\...\Canon MP540 series Benutzerregistrierung) (Version: - )
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7709 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KaRoMail V3.5 (HKLM-x32\...\{EEF1B144-E2BE-43D1-B912-B23582174D56}_is1) (Version: - Klaus Roosen)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6329 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
RoboForm 7-9-6-7 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-6-7 - Siber Systems)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 5.3 (HKLM-x32\...\{5335DADB-34BA-4AE8-A519-648D78498846}) (Version: 5.3.116 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
Ulead Photo Express 2.0 SE (HKLM-x32\...\Ulead Photo Express 2.0 SE) (Version: - )
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wisterer HX 4.2.32 (HKLM-x32\...\Wisterer HX_is1) (Version: - Michael Maier)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
28-03-2014 16:35:28 Windows Update
02-04-2014 06:32:44 Windows Update
05-04-2014 06:41:45 Windows Update
09-04-2014 06:11:16 Windows Update
09-04-2014 08:12:46 Windows Update
15-04-2014 05:23:22 Windows Update
18-04-2014 06:10:49 Windows Update
22-04-2014 05:24:57 Windows Update
22-04-2014 19:03:19 Windows Update
23-04-2014 05:15:18 Wiederherstellungsvorgang
23-04-2014 05:40:14 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {13FB08B0-7BE1-4560-B079-B726DD91416A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {1C6C52F0-9702-4479-9FDD-FE6C9ABFFE58} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {21C3182B-3C91-4085-A772-8EA2E1701688} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {247F563B-754A-4B43-B866-BA95CEA50116} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: {276BF61D-668E-4313-BA37-702F352555A9} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18] (Adobe Systems Incorporated)
Task: {4EEE7FE9-F057-41FA-B018-6BB1EE8C56C5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-03] (AVAST Software)
Task: {5B741549-EA2C-4609-9319-F22430275479} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: {AB7A6BC1-D631-40F7-AEB4-8822F6F04CD4} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-04-16] (Siber Systems)
Task: {C4630A3F-B5F1-4159-9F2B-8EF55530D99B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {E1805209-4DE2-4D14-9120-3F8BCB80506F} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJJLMIMGMKJOMMMKMCNMJOMMJIMCNLMIMLJLMCNGMKMOMJMCNJJKJMJJMMMMJLMNMOMPMNMOJJNJICMIMCNGMCNJMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMOMNMLJPMOMFMIMPMNMJNHICMEKMICNJJCKJNBJCMFLOJMICJGJBJPMOMJNKJCMJNNICMJNDJCMLJKJJNMJCMNMFMOMNMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {FF054DDE-873F-46EA-B359-042905BB2BCC} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-05-17 21:57 - 2008-01-22 10:35 - 00103808 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-04-23 07:23 - 2014-04-22 20:32 - 02292224 _____ () C:\Program Files\AVAST Software\Avast\defs\14042201\algo.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-05-15 18:35 - 1996-05-03 22:05 - 00028672 _____ () C:\Windows\SysWow64\MsgHoo32.OCX
2012-05-15 18:35 - 2000-09-09 19:26 - 00048640 _____ () C:\Program Files (x86)\Wisterer HX\di_MD5dll.dll
2014-02-12 20:23 - 2014-02-12 20:23 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-07-25 04:42 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-05-20 11:13 - 2011-05-20 11:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-04-16 09:22 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-11 21:50 - 2014-03-11 21:50 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2014-03-18 20:27 - 2014-03-18 20:27 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-18 20:27 - 2014-03-18 20:27 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-18 20:27 - 2014-03-18 20:27 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Error: (04/23/2014 08:49:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 07:51:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 07:21:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 07:05:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/22/2014 05:02:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/22/2014 07:17:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/23/2014 08:51:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/23/2014 08:51:00 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (04/23/2014 08:50:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/23/2014 08:50:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%32
Error: (04/23/2014 07:50:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "bProtector" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/23/2014 07:49:54 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (04/23/2014 07:41:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.173.291.0)
Error: (04/23/2014 07:24:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/23/2014 07:24:18 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Rapid Storage Technology erreicht.
Error: (04/23/2014 07:23:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service)(User: )
Description:
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Error: (04/23/2014 08:50:52 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (HRESULT : 0x80070020) (0x80070020)
Search.TripoliIndexer
Error: (04/23/2014 08:49:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 07:51:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 07:21:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 07:05:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/22/2014 05:02:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/22/2014 07:17:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 4090.93 MB
Available physical RAM: 2427.15 MB
Total Pagefile: 8180.03 MB
Available Pagefile: 6326.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:342.02 GB) NTFS
Drive d: (DVD_NEU) (CDROM) (Total:4.32 GB) (Free:0 GB) UDF
Drive g: () (Removable) (Total:0.93 GB) (Free:0.86 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5F61256A)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 953 MB) (Disk ID: 17118FED)
Partition 1: (Not Active) - (Size=952 MB) - (Type=06)
==================== End Of Log ============================
In addition, I have already run Malwarebytes and cleared out the following threats:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 23.04.2014
Suchlauf-Zeit: 08:45:43
Logdatei: gefundViren.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.04.23.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jasmin01
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267283
Verstrichene Zeit: 36 Min, 53 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 22
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [847c3ac6eb15e31d585390bdde24629e],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [847c3ac6eb15e31d585390bdde24629e],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}, , [ee128977728ea55b4c63ae9ff210de22],
PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DF84E609-C3A4-49CB-A160-61767DAF8899}, , [ee128977728ea55b4c63ae9ff210de22],
PUP.Optional.WebCake.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AF6B0594-6008-4327-93E5-608AD710A6FA}, , [04fcd62ae818d729dcd2cd8044be936d],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [f50b79870000ed13db16e964c73b40c0],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [53ad926e9769ac54b042d677e0227090],
PUP.Optional.MyScrapNook.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, , [0ff1bb4524dc70902bd9aaa5ae5421df],
PUP.Optional.MyScrapNook.A, HKLM\SOFTWARE\CLASSES\TypeLib\{03119103-0854-469D-807A-171568457991}, , [50b0946c758bcb35d133b29d4db514ec],
PUP.Optional.LoadTubes, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\loadtbs-2.1, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [9f616b95986835cb2c3e1e64c83ad927],
PUP.Optional.BProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BPROTECTOR, , [946c5ba55ea2619fc213a1bc6f94dd23],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , [2dd3fb0520e033cdc5b71c7b22e1b44c],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [21dfd52b1ee270904734d2c50300fe02],
PUP.Optional.Delta.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\delta LTD, , [25db67997b85c33ddc5c55447390a060],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [f907f50b4bb5af51f07bdda5bc4658a8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [49b702fe936d6e92ce694d5f42c155ab],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [b64afc04986813ed07af2c4f15edc23e],
PUP.Optional.Babylon.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [41bf87795fa1956b166f9107f80bc040],
PUP.Optional.Conduit.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF, , [59a71fe136ca22deef3a4954966d4eb2],
PUP.Optional.ValueApps.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, , [53ad2dd3a35d8a768d5b0d74af53c63a],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [f20e04fc000048b8fe9e412ed32f5ea2],
Registrierungswerte: 3
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|VideoDownloadConverter_4z Browser Plugin Loader 64, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon64.exe, , [867ac93705fb17e96e8893dfd32fb44c]
PUP.Optional.BProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BPROTECTOR|ImagePath, C:\ProgramData\bProtector\bProtect.exe, , [946c5ba55ea2619fc213a1bc6f94dd23]
Trojan.Agent.RNSGen, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mpjcqh, regsvr32.exe "C:\ProgramData\mpjcqh.dat", , [d729cf31dd23c040e562b0f59d6651af]
Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-3936831355-266564009-11773359-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3322611&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP7E365815-C91A-4A45-8AA8-6F81A31C220A&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3322611&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP7E365815-C91A-4A45-8AA8-6F81A31C220A&SSPV=),,[926ec0409070dc248fd4b17127ddb44c]
Ordner: 7
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\html, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825, , [bd43a65ace323ac69279d78ae41e8b75],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\xpi, , [bd43a65ace323ac69279d78ae41e8b75],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.MindSpark.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\VideoDownloadConverter_4z, , [e719e11ff60a8c74515097d3e220837d],
Dateien: 101
Trojan.Ransom.Gend, C:\ProgramData\dwffaec.dat, , [b24e14ec39c717e9fc67a66016eb3fc1],
PUP.BProtector, C:\Windows\SysWOW64\protector.dll, , [3dc3b54b0ff1e31d5e2717b8837eb54b],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\SPSetup.exe, , [0ef241bf07f942be029a70a9a45dee12],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\ltbs.zip, , [7d831ae68c74fa06b0c7425eaf5108f8],
PUP.Optional.SearchProtect.A, C:\Users\Jasmin01\AppData\Local\Temp\nsx4D0E.exe, , [1ae69d63c23eaa56d3da2afae71a669a],
PUP.Optional.SearchProtect.A, C:\Users\Jasmin01\AppData\Local\Temp\nshB18E.exe, , [f60a40c0768a649c1e8f82a29d6444bc],
PUP.Optional.SearchProtect.A, C:\Users\Jasmin01\AppData\Local\Temp\nsaAC20.exe, , [748c48b8fe02c33d6a4353d1ab56a060],
PUP.Optional.SearchProtect.A, C:\Users\Jasmin01\AppData\Local\Temp\nsc4984.exe, , [24dc32ceb7493dc3e0cdf52f58a91fe1],
PUP.Optional.SearchProtect.A, C:\Users\Jasmin01\AppData\Local\Temp\nsc5124.exe, , [1de32dd3837d16ea78352ff558a9f709],
PUP.Optional.SearchProtect.A, C:\Users\Jasmin01\AppData\Local\Temp\nscA849.exe, , [718f12ee5aa63cc40aa35cc8b64b926e],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\LoadTubes_Silent.zip, , [a759c33dc937b34d4730acf4d927d22e],
PUP.Optional.OptimizePro.A, C:\Users\Jasmin01\AppData\Local\Temp\OptimizerPro_new.zip, , [7a8650b058a86e92cd5e021c7b8541bf],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\winload_ltbs_20120803.zip, , [27d9da268b75a060bbbcf9a78d73e917],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\conduitinstaller.exe, , [916fce32e9170bf5310a49c5897835cb],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\conduitinstaller_econa.exe, , [669a2ad660a041bfbf7cde3017ea9a66],
PUP.Optional.SearchProtect.A, C:\Users\Jasmin01\AppData\Local\Temp\nsmAD1A.exe, , [f50ba25e16eaef110ca1e83c877a43bd],
PUP.Optional.BabSolution.A, C:\Users\Jasmin01\AppData\Local\Temp\E763A4EF-BAB0-7891-87EE-E861E7A9920D\Latest\BUSolution.dll, , [11efec14a759f60a604f6a9d936e6e92],
PUP.Optional.Babylon.A, C:\Users\Jasmin01\AppData\Local\Temp\E763A4EF-BAB0-7891-87EE-E861E7A9920D\Latest\CrxInstaller.dll, , [29d7956bd22ea759da89f2221ae759a7],
PUP.Optional.Babylon.A, C:\Users\Jasmin01\AppData\Local\Temp\E763A4EF-BAB0-7891-87EE-E861E7A9920D\Latest\MntrDLLInstall.dll, , [11ef02fe7f810ef297cd57bd0df4a759],
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Local\Temp\E763A4EF-BAB0-7891-87EE-E861E7A9920D\Latest\MyDeltaTB.exe, , [2ed2c63ad12f0ff1d62db4b7827f18e8],
PUP.Optional.Babylon.A, C:\Users\Jasmin01\AppData\Local\Temp\E763A4EF-BAB0-7891-87EE-E861E7A9920D\Latest\Setup.exe, , [827e916fea1642beee32839b9c64a35d],
PUP.Optional.BabylonToolBar.A, C:\Users\Jasmin01\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe, , [699734ccce32d42ca3334ac89968619f],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\bbf00f9d4bb6a2e678589c351ef6619c\conduitinstaller.exe, , [9b65eb15709046ba1a2129e5d32eed13],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\bbf00f9d4bb6a2e678589c351ef6619c_\conduitinstaller_econa.exe, , [e91717e94ab61fe170cb57b754ad956b],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\ltsilentio\npm.dll, , [f907788849b7738d482f98080cf43fc1],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\ltsilentio\ytdl.exe, , [27d96f91db2598684334c2dec04021df],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\1a3d9b37655eeb2f9bea641ce230178f\data\npm.dll, , [738d08f8de22c9371661e6ba29d705fb],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\1a3d9b37655eeb2f9bea641ce230178f\data\tb.dll, , [a759f20e5ca446baa6adae5b3ac630d0],
PUP.LoadTubes, C:\Users\Jasmin01\AppData\Local\Temp\1a3d9b37655eeb2f9bea641ce230178f\data\ytdl.exe, , [b24e9d6336cac9372d4a2e72a0602ad6],
PUP.Optional.BabylonToolBar.A, C:\Users\Jasmin01\AppData\Local\Temp\265A17BC-BAB0-7891-A0C1-75A0F1F7DE8E\MyBabylonTB.exe, , [fd033ec231cf16ea1fb7c052798819e7],
PUP.Optional.OptimizePro.A, C:\Users\Jasmin01\AppData\Local\Temp\2bc7f693c2d13e046771d4aac84aa3fd\OptimizerPro.exe, , [11ef2fd119e7e719fc2fc559fd038779],
PUP.Optional.OptimizePro.A, C:\Users\Jasmin01\AppData\Local\Temp\2bc7f693c2d13e046771d4aac84aa3fd_\OptimizerPro.exe, , [2ed2fe029e62758baf7c42dc1ee234cc],
PUP.Optional.OptimizePro.A, C:\Users\Jasmin01\AppData\Local\Temp\1606e1353324abdcd295dfd1d5956201\OptimizerPro.exe, , [956b58a85ba56e9287a49e809070de22],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\nsc1395\SpSetup.exe, , [e02048b8d8285ca45c409683e61be61a],
PUP.Optional.SmartBar, C:\Users\Jasmin01\AppData\Local\Temp\msgpl_a0dd.tmp\LinkuryInstaller.msi, , [13ed7b85a15f16ea61b247e7f50b52ae],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\ffLogic.exe, , [ea16c63afc04dd2318c09c7b04fd6d93],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\ieLogic.exe, , [1ce49c64ca3638c8d4047c9bb54c5da3],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\statisticsStub.exe, , [33cd35cbc63a53ad421b8a78877a14ec],
PUP.LyricsAd, C:\Users\Jasmin01\AppData\Local\Temp\nsqABA0.tmp\HappyLyrics_0506-bf58c4f0.exe, , [19e79d63df2135cbead19e5dff01e917],
PUP.Optional.CrossRider, C:\Users\Jasmin01\AppData\Local\Temp\nsqABA0.tmp\hdplus_2905_DE-ea5d235e.exe, , [1ee2be4205fbbf41acd29b8289787d83],
PUP.Optional.WebCake.A, C:\Users\Jasmin01\AppData\Local\Temp\nsqABA0.tmp\webcake_2205-a3f0f0d9.exe, , [d42c26da718fad53c565f31055ac32ce],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsjDD6A.exe, , [24dc45bb6f91cb35c8e5cb59c43d4fb1],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nso3BBE.exe, , [05fb4bb5cb35b14f5459b1736a9719e7],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsp2EE4.exe, , [0cf4f20efa06c23e931a051fb54c49b7],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nst3C2B.exe, , [c23e52ae6c9458a88d20c95b837e17e9],
Adware.InstallBrain, C:\Users\Jasmin01\Downloads\77ZipSetup.exe, , [13ede31dc53b4cb4938740c31be652ae],
Trojan.FakeAlert, C:\Users\Jasmin01\Downloads\DecryptHelper-0.5.3 (1).exe, , [0ff1ad538e724bb5c4d5a5ae49b726da],
PUP.Optional.Solimba.mr, C:\Users\Jasmin01\Downloads\RoboForm.exe, , [0cf4966a7789619fdd1161a8f011738d],
PUP.Optional.OpenCandy, C:\Users\Jasmin01\Downloads\ShapeCollage-2.5.3-Setup.exe, , [b34d867aa35d619f79e9212e06fe3ac6],
PUP.Optional.Softonic.A, C:\Users\Jasmin01\Downloads\SoftonicDownloader_fuer_java-runtime-environment.exe, , [27d978886a96ef1107589e7d25dcfa06],
PUP.Optional.Softonic.A, C:\Users\Jasmin01\Downloads\SoftonicDownloader_fuer_photoscape.exe, , [a65af907c937a858a4bbef2c12efec14],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\DownloadGuide\SPIdentifier.exe, , [c63aad53b34d3dc399136b9c758c3ac6],
Adware.Linkular, C:\Users\Jasmin01\AppData\Local\DownloadGuide\Offers\Lollipop.exe, , [26da48b8b64a18e8d1561e33f60e12ee],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\DownloadGuide\Offers\sp-downloader.exe, , [7987de221be598683f991106c23fd828],
PUP.Optional.Iminent.A, C:\Users\Jasmin01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [b64a2bd5f709c739e0213b364db5d12f],
PUP.Blabbers, C:\Users\Jasmin01\AppData\Local\Temp\blabbers-ff-le.xpi, , [9a66d82852aecc3402b98bfe36ccf20e],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\keyHash.txt, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\config.txt, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\domHash.txt, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\evHash.txt, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\uninstall.exe, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\updateHash.txt, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\html\dimensions.ini, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\html\install.html, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\html\uninstall.html, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.LoadTubes, C:\Users\Jasmin01\AppData\Roaming\loadtbs\html\uninstallComplete.html, , [49b7d030b848ee12513dabbf887beb15],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\conduit.xml, , [bd43a65ace323ac69279d78ae41e8b75],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\CT2319825.xpi, , [bd43a65ace323ac69279d78ae41e8b75],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\version.txt, , [bd43a65ace323ac69279d78ae41e8b75],
PUP.Optional.Conduit.A, C:\Users\Jasmin01\AppData\Local\Temp\ct2319825\xpi\install.rdf, , [bd43a65ace323ac69279d78ae41e8b75],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\mam_gk_appsConfig.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\mam_gk_eventsCache.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\mam_gk_localization.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\mam_gk_settings1.11.4.2.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\mam_gk_settings1.11.5.1.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\mam_gk_settings1.12.0.5.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\mam_gk_settings1.13.0.17.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.ValueApps.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\valueApps\CT2319825\response_cache.txt, , [59a7629e966a3fc104c5a5c139c9659b],
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.admin", false);), ,[c63a58a852aef30de83967f030d4c33d]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.aflt", "babsst");), ,[05fb3ec247b9827e7da494c3a65ec937]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), ,[e51b10f021df47b93ee35afd8381e31d]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.autoRvrt", "false");), ,[46bac53b738d4fb17ca562f5689c9d63]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.dfltLng", "de");), ,[f709dc24f808fe020d144f0884802bd5]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.excTlbr", false);), ,[50b046ba34cc5ea234ed2631ef15966a]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.ffxUnstlRst", true);), ,[7a8658a8c53ba55b71b0e96ece3614ec]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.id", "b40b007100000000000000262d569880");), ,[23dd38c84db39f611b068fc8857f9b65]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlDay", "15942");), ,[5fa127d951af39c7c35ec1960cf88878]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlRef", "sst");), ,[31cf70904fb1e31d46dbd87f798b04fc]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.newTab", false);), ,[748c33cda95751afdd448ccb749029d7]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prdct", "delta");), ,[14ecab55b05037c94bd64c0b679d7789]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prtnrId", "delta");), ,[f709f709768a20e065bcacab72926e92]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.rvrt", "false");), ,[57a927d92fd16b952df4c1968a7a9769]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.smplGrp", "none");), ,[08f834ccca3626da5fc2094eb54f34cc]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrId", "base");), ,[a25e946cb54b817fd54cc09726ded62a]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrSrchUrl", "");), ,[6e92ba467c846c94d24f0750749009f7]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsn", "1.8.24.6");), ,[f80850b02bd53fc19e831146ba4ae21e]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsnTs", "1.8.24.68:22:51");), ,[da26fb05b54b43bdf42d4314788cc13f]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsni", "1.8.24.6");), ,[6c9427d9f010857b35ec193e6a9a9c64]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babExt", "");), ,[ad53d22eb24e9c64d849d7807b8943bd]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babTrack", "affID=119557&tsp=4985");), ,[f60afd03c43cb94766bb411660a4fd03]
PUP.Optional.Delta.A, C:\Users\Jasmin01\AppData\Roaming\Mozilla\Firefox\Profiles\9jkrs2m8.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.srcExt", "ss");), ,[24dce71920e0817f8d9462f5699b32ce]
Physische Sektoren: 0
(No malicious items detected)
(end)
I hope I have done everything correctly so far and haven't forgotten anything.
Kind regards and many thanks in advance for the help.
Jasmin01