| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Werbung ohne Ende..Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
02.01.2014, 02:11
| #1 |
 |  Werbung ohne Ende.. Guten Tag, seit heute ist mir aufgefallen, dass ich trotz AdBlockmassenhaft Werbung in Firefox bekomme.. ich hatte dann einen Durchlauf mit Malewarebytes gemacht 7 Ergebnisse,alle gelöscht. Werbung blieb. Dann Spybot durchlaufen lassen 191infizierte Objekte !!! alle gelöscht, nun bin ich mir aber nicht sicher obes das schon war.. Dabei waren aufjedenfall FakePorn.winlock etc, im anhang der Lock... Wäre sehr froh, wenn mir geholfen wird. MFG |
|
02.01.2014, 08:29
| #2 |
| /// the machine /// TB-Ausbilder    | Werbung ohne Ende.. Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
03.01.2014, 09:44
| #3 |
| | Werbung ohne Ende..Code:
ATTFilter Search results from Spybot - Search & Destroy
02.01.2014 01:44:06
Scan took 01:12:47.
197 items found.
Barowwsoe2Save: [SBI $ACCD80B7] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Barowwsoe2Save: [SBI $ACCD80B7] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Barowwsoe2Save: [SBI $092123B5] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Barowwsoe2Save: [SBI $092123B5] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Barowwsoe2Save: [SBI $284E9FC1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Barowwsoe2Save: [SBI $284E9FC1] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Barowwsoe2Save: [SBI $EBFF04E2] Executable (File, nothing done)
C:\ProgramData\InstallMate\{09F3AE8E-87F4-4D2A-AFC1-CFD6D2108C78}\Setup.exe
Properties.size=15968
Properties.md5=98B03BEF5A2808C5EFA2A0D2430144DE
Properties.filedate=1360019977
Properties.filedatetext=2013-02-05 00:19:36
Barowwsoe2Save: [SBI $F0D49796] Program directory (Directory, nothing done)
C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\20130408232024.log
Directory.subfile.size=282077
Directory.subfile.md5=7FCFA5E954CC64F14DFCD755A4006C34
Directory.subfile.filedate=1365456040
Directory.subfile.filedatetext=2013-04-08 22:20:40
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\Readme.txt
Directory.subfile.size=1854
Directory.subfile.md5=B846D99A841254958E9A7A6EF6761F63
Directory.subfile.filedate=1358351340
Directory.subfile.filedatetext=2013-01-16 16:48:59
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\Setup.dat
Directory.subfile.size=504373
Directory.subfile.md5=58CCAF0D09C623140645EF581D5FB469
Directory.subfile.filedate=1365456040
Directory.subfile.filedatetext=2013-04-08 22:20:40
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\Setup.exe
Directory.subfile.size=15528
Directory.subfile.md5=DF81BE0582A7F860EEFFDB0A86DEDF73
Directory.subfile.filedate=1354237755
Directory.subfile.filedatetext=2012-11-30 02:09:14
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\Setup.ico
Directory.subfile.size=4846
Directory.subfile.md5=C3926CEF276C0940DADBC8142153CEC9
Directory.subfile.filedate=1344477418
Directory.subfile.filedatetext=2012-08-09 02:56:57
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\TsuDll.dll
Directory.subfile.size=273576
Directory.subfile.md5=D1DDD2BED23DD1E6A70855F5F7BA3E7B
Directory.subfile.filedate=1354237782
Directory.subfile.filedatetext=2012-11-30 02:09:42
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\_Setup.dll
Directory.subfile.size=227840
Directory.subfile.md5=27331DF658C661FEDF7F98404A45CAAF
Directory.subfile.filedate=1358351340
Directory.subfile.filedatetext=2013-01-16 16:48:59
Directory.subfile=C:\ProgramData\InstallMate\{38CE977E-C852-4EE3-AC08-8070E32DB588}\_Setupx.dll
Directory.subfile.size=54272
Directory.subfile.md5=CE3B67E5923E1BC427E541B2A0A53CB4
Directory.subfile.filedate=1357740718
Directory.subfile.filedatetext=2013-01-09 15:11:57
SafeSaver.BHO: [SBI $75D1178A] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SProtector
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\103.31.187.78\com.jeroenwijering.sol
Properties.size=54
Properties.md5=27D8343FFABB292E44F04F9CC9517E0B
Properties.filedate=1380469217
Properties.filedatetext=2013-09-29 16:40:16
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\162.218.94.33\com.jeroenwijering.sol
Properties.size=71
Properties.md5=E76B131B15B2ECCFC259C24BF341CE0B
Properties.filedate=1382890701
Properties.filedatetext=2013-10-27 17:18:21
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\37.221.163.251\com.jeroenwijering.sol
Properties.size=71
Properties.md5=4A32F28FD24D78152992EF0C808F5EE3
Properties.filedate=1384014021
Properties.filedatetext=2013-11-09 17:20:20
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\46.19.143.122\com.jeroenwijering.sol
Properties.size=54
Properties.md5=A8F62011FC105C9230224F5B092A060B
Properties.filedate=1375550465
Properties.filedatetext=2013-08-03 18:21:05
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\85.25.119.26\com.jeroenwijering.sol
Properties.size=71
Properties.md5=BC77D40C90FE6484A5947C26977E6114
Properties.filedate=1379176043
Properties.filedatetext=2013-09-14 17:27:22
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\85.25.198.227\com.jeroenwijering.sol
Properties.size=71
Properties.md5=A29AEF5446B9600EF233C5F9C895344E
Properties.filedate=1383400224
Properties.filedatetext=2013-11-02 14:50:24
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\95.141.47.237\com.jeroenwijering.sol
Properties.size=71
Properties.md5=B34A35FDE48E1B2DD01C04AF3629B8C7
Properties.filedate=1385501969
Properties.filedatetext=2013-11-26 22:39:28
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\97ff0e7e610f20512dbe-483e6ce63d68aeb3d05af6c054efb801.r29.cf1.rackcdn.com\com.jeroenwijering.sol
Properties.size=71
Properties.md5=3D7F5C84F7DCB089802B70D36065801F
Properties.filedate=1384011573
Properties.filedatetext=2013-11-09 16:39:33
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\admin.brightcove.com\analytics.sol
Properties.size=419
Properties.md5=D3E70541B6CACF3AC8324FB6CD15088F
Properties.filedate=1382065529
Properties.filedatetext=2013-10-18 04:05:29
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\ahmestatic.fuckandcdn.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=03AEFF3BEF29F09BEB3538EA9C493844
Properties.filedate=1387940008
Properties.filedatetext=2013-12-25 03:53:27
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\c1.lebenna.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=CA17D2568D3E7F814C635FB6D508A465
Properties.filedate=1385122239
Properties.filedatetext=2013-11-22 13:10:39
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\c2.lebenna.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=E71DEC9ADCBB06BF4DF8CD52892EA8F7
Properties.filedate=1388459946
Properties.filedatetext=2013-12-31 04:19:05
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cache.hdcastream.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=8C3C798A38E8A5BABA7C2F8EA88FE5F6
Properties.filedate=1374254366
Properties.filedatetext=2013-07-19 18:19:25
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cachinga.tape.tv\analytics.sol
Properties.size=419
Properties.md5=17807F47C65E2C4846DF9CD6BF20FCC2
Properties.filedate=1378073198
Properties.filedatetext=2013-09-01 23:06:38
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cachinga.tape.tv\OVPMetricsProvider.sol
Properties.size=64
Properties.md5=F7F532843D933160DAF7F94DA13C5DB5
Properties.filedate=1378073198
Properties.filedatetext=2013-09-01 23:06:38
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn.flashtalking.com\FT_cookie.sol
Properties.size=43
Properties.md5=5BD98BB813EEDA3C606E3671EE84AA76
Properties.filedate=1388458852
Properties.filedatetext=2013-12-31 04:00:52
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn.goodcast.org\com.jeroenwijering.sol
Properties.size=71
Properties.md5=AA87FF6F2AC16A6A9AE7877EA354448C
Properties.filedate=1381073661
Properties.filedatetext=2013-10-06 16:34:21
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn.nordeus.com\analytics.sol
Properties.size=452
Properties.md5=D2AF16EB32EFB2D18AD753E40A9BA3C5
Properties.filedate=1386292822
Properties.filedatetext=2013-12-06 02:20:22
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn.nordeus.com\TELanguageObject.sol
Properties.size=74
Properties.md5=C14D53D9FBF0B50B88C747B56142056A
Properties.filedate=1376160267
Properties.filedatetext=2013-08-10 19:44:27
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn.nordeus.com\TESharedObject.sol
Properties.size=274
Properties.md5=28E6B8D8159185DED3F0B6ECCE6571F8
Properties.filedate=1386292628
Properties.filedatetext=2013-12-06 02:17:08
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn1b.thumbnails.4tube.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=8B17D8890B64D29CCB947281A2645B49
Properties.filedate=1380404421
Properties.filedatetext=2013-09-28 22:40:20
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn1b.thumbnails.porntube.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=CDB778D05651E8B495A2D70AA287E01B
Properties.filedate=1385604893
Properties.filedatetext=2013-11-28 03:14:52
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\chatango.com\fixed_id.sol
Properties.size=54
Properties.md5=6EFA9D5E4F01FB8B1A796A2800DEDCE4
Properties.filedate=1374589072
Properties.filedatetext=2013-07-23 15:17:51
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\chatango.com\mini_login.sol
Properties.size=48
Properties.md5=24D469038E947632F5BA50468F0384C0
Properties.filedate=1374593341
Properties.filedatetext=2013-07-23 16:29:00
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\de-uim.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
Properties.size=132
Properties.md5=035D8DF4B195DB893C2FBAB8AE505D08
Properties.filedate=1374968215
Properties.filedatetext=2013-07-28 00:36:54
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\de-uim.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
Properties.size=121
Properties.md5=E44DFAF00C80B31402C140DFA4A3638E
Properties.filedate=1386385139
Properties.filedatetext=2013-12-07 03:58:59
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\diz.yobt.tv\com.jeroenwijering.sol
Properties.size=54
Properties.md5=0C23108038F6354048E71C01FC6342D5
Properties.filedate=1387939674
Properties.filedatetext=2013-12-25 03:47:53
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\effectivemeasure.net\EM_APP.sol
Properties.size=100
Properties.md5=00A00E00CBF45D58A07921CFAE679EC5
Properties.filedate=1384902378
Properties.filedatetext=2013-11-20 00:06:17
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\files.leton.tv\com.longtailvideo.jwplayer.sol
Properties.size=55
Properties.md5=4A5621B8838D1E72DE9838582FC82B90
Properties.filedate=1383409002
Properties.filedatetext=2013-11-02 17:16:42
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\filo.hqstream.tv\com.longtailvideo.jwplayer.sol
Properties.size=65
Properties.md5=609B3E559E8BB0BB1AB8004753B66443
Properties.filedate=1387640003
Properties.filedatetext=2013-12-21 16:33:22
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\img.widgets.video.s-msn.com\AdModel.sol
Properties.size=180
Properties.md5=6F9FD2E93CCE89837CAFE732A690209A
Properties.filedate=1380116922
Properties.filedatetext=2013-09-25 14:48:42
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\img.widgets.video.s-msn.com\CountryCode.sol
Properties.size=112
Properties.md5=52DCEF9B35C14C9101E048A8650B0150
Properties.filedate=1380116802
Properties.filedatetext=2013-09-25 14:46:41
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\img.widgets.video.s-msn.com\PlaylistModel.sol
Properties.size=132
Properties.md5=4926FE3DFB8500372C216D758C47A052
Properties.filedate=1380116922
Properties.filedatetext=2013-09-25 14:48:42
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\img.widgets.video.s-msn.com\reportingSegment.sol
Properties.size=83
Properties.md5=080F3E63A1AE7F439EC2B1B98E4AB52B
Properties.filedate=1380116802
Properties.filedatetext=2013-09-25 14:46:42
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\is.myvideo.de\com.conviva.livePass.sol
Properties.size=228
Properties.md5=31FC728A858AA46F1804C6679D377B4A
Properties.filedate=1386022277
Properties.filedatetext=2013-12-02 23:11:17
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\is1.myvideo.de\com.conviva.livePass.sol
Properties.size=228
Properties.md5=A26900BE2A0E18048845E5882642F576
Properties.filedate=1388201376
Properties.filedatetext=2013-12-28 04:29:36
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\jjcast.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=090B08B7DC0F3838DFC4FA24D0C4E086
Properties.filedate=1376410585
Properties.filedatetext=2013-08-13 17:16:24
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\kiks.yandex.ru\fuid01.sol
Properties.size=188
Properties.md5=4BCC8CE6E8D82051EE6CD9CC3CEEAF76
Properties.filedate=1378307234
Properties.filedatetext=2013-09-04 16:07:14
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\liveview365.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=B7ACC8977515AB4AF287A733B25E9C3F
Properties.filedate=1379176298
Properties.filedatetext=2013-09-14 17:31:38
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\media.mtvnservices.com\com.conviva.livePass.sol
Properties.size=225
Properties.md5=B8700C63CE36FFA31F983210B33B5AAC
Properties.filedate=1381962450
Properties.filedatetext=2013-10-16 23:27:29
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\media.mtvnservices.com\com.mtvnservices.media.as3player.model.user.SavedPreferencesVO.sol
Properties.size=184
Properties.md5=D97594DC2F783873CE81AAAA3F989EED
Properties.filedate=1374870018
Properties.filedatetext=2013-07-26 21:20:18
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\media.mtvnservices.com\MetadataHistory.sol
Properties.size=4740
Properties.md5=EF926011D1D5E0EBEC01E637C19F85A5
Properties.filedate=1381963736
Properties.filedatetext=2013-10-16 23:48:56
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\media.mtvnservices.com\OVPMetricsProvider.sol
Properties.size=64
Properties.md5=9D2E335F3CA6E8E13F4396E5580426AE
Properties.filedate=1381963736
Properties.filedatetext=2013-10-16 23:48:56
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\media.mtvnservices.com\playerCounter.sol
Properties.size=297
Properties.md5=86328E61ECAB4C03364C7D1465974ED7
Properties.filedate=1381963423
Properties.filedatetext=2013-10-16 23:43:42
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\media.mtvnservices.com\userPrefs4.sol
Properties.size=335
Properties.md5=767BD4E60E765A6E80DE2437A31D9142
Properties.filedate=1381963736
Properties.filedatetext=2013-10-16 23:48:56
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\members.bet365.com\FCE.sol
Properties.size=87
Properties.md5=3837A73D9AD66FF003A2C5187D9C27AD
Properties.filedate=1381072559
Properties.filedatetext=2013-10-06 16:15:59
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\mochiads.com\com.mochiads.lock.sol
Properties.size=97
Properties.md5=FBDD9F097806528E9D91141762B494C2
Properties.filedate=1387757512
Properties.filedatetext=2013-12-23 01:11:51
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\mochiads.com\com.mochiads.sol
Properties.size=1212
Properties.md5=6F9B3F95DA9F015C97E58F6DEC61A4E7
Properties.filedate=1387757517
Properties.filedatetext=2013-12-23 01:11:56
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\mpsnare.iesnare.com\stm.sol
Properties.size=79
Properties.md5=B47E650BD806E68774010F0370DD0E94
Properties.filedate=1376247647
Properties.filedatetext=2013-08-11 20:00:47
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\player.ooyala.com\auth.sol
Properties.size=47
Properties.md5=6A269EBEADA0462A67572322FAFE2C52
Properties.filedate=1380485207
Properties.filedatetext=2013-09-29 21:06:46
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\player.ooyala.com\auth2.sol
Properties.size=132
Properties.md5=8E26184515F900E05D6E4466C9AAE767
Properties.filedate=1380485388
Properties.filedatetext=2013-09-29 21:09:48
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\player.ooyala.com\auth_id.sol
Properties.size=40
Properties.md5=4D8ABC885EBEA1988A6D0559C14C1E5A
Properties.filedate=1380485207
Properties.filedatetext=2013-09-29 21:06:47
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\player.ooyala.com\perf.sol
Properties.size=125
Properties.md5=2B2A419CD371F80F726A70C28DD65024
Properties.filedate=1380485307
Properties.filedatetext=2013-09-29 21:08:26
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\rutube.ru\analytics.sol
Properties.size=544
Properties.md5=3CDA8B2BAF666DB36AE2B5F92A6BC343
Properties.filedate=1376669346
Properties.filedatetext=2013-08-16 17:09:06
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\rutube.ru\rutube.cookies.sol
Properties.size=119
Properties.md5=494DAB392B8F8A41EA864CD8C77A7660
Properties.filedate=1376669095
Properties.filedatetext=2013-08-16 17:04:54
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\s-assets.tp-cdn.com\dealspot.sol
Properties.size=281
Properties.md5=98D725BBAEFF8DC02C77170595E6F7F7
Properties.filedate=1380063665
Properties.filedatetext=2013-09-25 00:01:04
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\s.ytimg.com\soundData.sol
Properties.size=49
Properties.md5=F2945B8419B125F71FC8FD7CDDB59948
Properties.filedate=1388513277
Properties.filedatetext=2013-12-31 19:07:56
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\s.ytimg.com\subtitlesModuleData.sol
Properties.size=385
Properties.md5=A64D2E066AE8BB5C10FB354524455F84
Properties.filedate=1387134104
Properties.filedatetext=2013-12-15 20:01:44
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\secure-a.vimeocdn.com\com.conviva.livePass.sol
Properties.size=226
Properties.md5=32968E09BF0B96702B7D0FD47A8F078B
Properties.filedate=1382361169
Properties.filedatetext=2013-10-21 14:12:48
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\secure-uk.imrworldwide.com\_ggCvar.sol
Properties.size=74
Properties.md5=0F452D552AC6FA35401EABC40FB4DDB4
Properties.filedate=1377354441
Properties.filedatetext=2013-08-24 15:27:21
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\secure-uk.imrworldwide.com\_ggCvar_temp.sol
Properties.size=79
Properties.md5=FACA7C4EBE57294E53B8C61798EA95A7
Properties.filedate=1377354441
Properties.filedatetext=2013-08-24 15:27:21
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\secure-uk.imrworldwide.com\_ggMCvar_1.sol
Properties.size=180
Properties.md5=6613B7562634A590BFF4EBB3EC763B34
Properties.filedate=1388433929
Properties.filedatetext=2013-12-30 21:05:28
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=131
Properties.md5=CBD29D5B0A5B84F9DF1958CCDEB57584
Properties.filedate=1376252655
Properties.filedatetext=2013-08-11 21:24:14
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=39
Properties.md5=B43F43445AA3414DDC22EC80FBB22871
Properties.filedate=1376252655
Properties.filedatetext=2013-08-11 21:24:15
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static.castalba.tv\com.jeroenwijering.sol
Properties.size=71
Properties.md5=843D8B2E0BDD0A8A6BEB30FFC0885528
Properties.filedate=1379182834
Properties.filedatetext=2013-09-14 19:20:34
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static.doyoo.net\looyu2.sol
Properties.size=152
Properties.md5=38F9E8F965B50684C37CCDD6739D5600
Properties.filedate=1382150769
Properties.filedatetext=2013-10-19 03:46:09
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static.eplayer.performgroup.com\com.conviva.livePass.sol
Properties.size=225
Properties.md5=FCD28F5FD3F10B8EC51C55DABFC10C29
Properties.filedate=1388433749
Properties.filedatetext=2013-12-30 21:02:28
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static1.4players.de\analytics.sol
Properties.size=419
Properties.md5=715C37B44761B48430F485B3C255606D
Properties.filedate=1380427674
Properties.filedatetext=2013-09-29 05:07:54
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static1.dmcdn.net\com.dm.player.sol
Properties.size=244
Properties.md5=8BFF6D2EBDBD639FA433E89A6B8C4B1A
Properties.filedate=1383447249
Properties.filedatetext=2013-11-03 03:54:09
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static2.sawlive.tv\com.jeroenwijering.sol
Properties.size=54
Properties.md5=F919CC25EB45353089D84C3481CEDC84
Properties.filedate=1380469752
Properties.filedatetext=2013-09-29 16:49:11
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\streamcloud.eu\com.jeroenwijering.sol
Properties.size=63
Properties.md5=33168B739E5CEB12B7D2A2CD057A86AD
Properties.filedate=1388373189
Properties.filedatetext=2013-12-30 04:13:09
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\sunstatic.fuckandcdn.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=1B874FE72DFE38A9C1D960CC75EFDF53
Properties.filedate=1386294502
Properties.filedatetext=2013-12-06 02:48:21
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\t01.pornoxo.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=A754DE6C531523055EFDF2178507CF02
Properties.filedate=1383246973
Properties.filedatetext=2013-10-31 20:16:12
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\thebestplayeronline.com\com.jeroenwijering.sol
Properties.size=71
Properties.md5=9EA9B5C861D0D160F0797FE9F3714B9C
Properties.filedate=1387311785
Properties.filedatetext=2013-12-17 21:23:04
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\up4free.com\com.jeroenwijering.sol
Properties.size=64
Properties.md5=068C6BEC515000A70EA3514131946E63
Properties.filedate=1384011428
Properties.filedatetext=2013-11-09 16:37:07
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\video1.hidemyass.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=B34535115233B5B72667597AC6ED2554
Properties.filedate=1378420510
Properties.filedatetext=2013-09-05 23:35:09
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\video3.hidemyass.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=F2FD0F13470433DD88499FC07055359E
Properties.filedate=1378420277
Properties.filedatetext=2013-09-05 23:31:16
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\vk.com\VkontaktePlayer.sol
Properties.size=54
Properties.md5=4C931C53AF72AD9275309F55428BF298
Properties.filedate=1380158819
Properties.filedatetext=2013-09-26 02:26:59
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\wds.liveall.tv\com.longtailvideo.jwplayer.sol
Properties.size=55
Properties.md5=3E32B09E3492C5BA32BF871057EF5404
Properties.filedate=1383407533
Properties.filedatetext=2013-11-02 16:52:12
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.dailymotion.com\com.dm.player.sol
Properties.size=220
Properties.md5=DE452A10DFDF827DAAF5BCAF6671740A
Properties.filedate=1383447195
Properties.filedatetext=2013-11-03 03:53:14
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.ecostream.tv\com.jeroenwijering.sol
Properties.size=54
Properties.md5=128482827EEB71E7830465CCBE165F2A
Properties.filedate=1378302022
Properties.filedatetext=2013-09-04 14:40:21
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.hsvtotal.de\AdobeDynamicStream.sol
Properties.size=63
Properties.md5=01FDF5814744A3851E6C664C368EB9D0
Properties.filedate=1382066858
Properties.filedatetext=2013-10-18 04:27:37
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.maniacworld.com\com.jeroenwijering.sol
Properties.size=53
Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
Properties.filedate=1381187413
Properties.filedatetext=2013-10-08 00:10:12
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.maxstream.in\com.jeroenwijering.sol
Properties.size=54
Properties.md5=2B0707BA740F43D2249F0AA268916599
Properties.filedate=1379176240
Properties.filedatetext=2013-09-14 17:30:39
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.mdr.de\AdobeDynamicStream.sol
Properties.size=63
Properties.md5=D6B896B87C6D8B092DE8762CD7C6A377
Properties.filedate=1375294773
Properties.filedatetext=2013-07-31 19:19:32
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.paypalobjects.com\paypalLSO.sol
Properties.size=111
Properties.md5=CE8B00F6CE544342FFCB4EE80481D9DF
Properties.filedate=1376249192
Properties.filedatetext=2013-08-11 20:26:31
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.paypalobjects.com\ppLsoTest.sol
Properties.size=48
Properties.md5=74EE4375686A2069414EEF13E7B62789
Properties.filedate=1376247312
Properties.filedatetext=2013-08-11 19:55:12
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.transfermarkt.tv\analytics.sol
Properties.size=487
Properties.md5=6772CE316944772A6BCE7B984D6EFA09
Properties.filedate=1386008199
Properties.filedatetext=2013-12-02 19:16:38
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.transfermarkt.tv\com.jeroenwijering.sol
Properties.size=57
Properties.md5=1E5CF673119D2F7AF2505766B2893B33
Properties.filedate=1386008070
Properties.filedatetext=2013-12-02 19:14:29
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.udemy.com\com.jeroenwijering.sol
Properties.size=61
Properties.md5=CADF0A52786CA8160C49D2EB7091019A
Properties.filedate=1385218630
Properties.filedatetext=2013-11-23 15:57:09
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.ukcast.tv\com.jeroenwijering.sol
Properties.size=54
Properties.md5=80A1949C5C375C12FDBF3722B6517F19
Properties.filedate=1380469722
Properties.filedatetext=2013-09-29 16:48:41
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.yycast.com\analytics.sol
Properties.size=454
Properties.md5=8F5A9EFB3D68C8B5798D8B149934FC56
Properties.filedate=1382801264
Properties.filedatetext=2013-10-26 16:27:44
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.yycast.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=0C4A61B8BD6CE1BF44C0A0AA08BD32FF
Properties.filedate=1382801264
Properties.filedatetext=2013-10-26 16:27:44
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www1.belboon.de\000016528.sol
Properties.size=122
Properties.md5=5B6A5CD2B1F6D50150855DBFD0B4EAC2
Properties.filedate=1386854651
Properties.filedatetext=2013-12-12 14:24:10
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=76
Properties.md5=3B39809BDBF9FD437050BE2011A61404
Properties.filedate=1382211710
Properties.filedatetext=2013-10-19 20:41:49
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\animal-sex.ws\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=E90566F37E09014F927E8E17A91E2122
Properties.filedate=1379890483
Properties.filedatetext=2013-09-22 23:54:43
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\animalmatingsexvideos.net\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=86BA541A1DF996E6FEE216F17DFC1541
Properties.filedate=1388030592
Properties.filedatetext=2013-12-26 05:03:12
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\animalsextube.tv\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=E90566F37E09014F927E8E17A91E2122
Properties.filedate=1380240984
Properties.filedatetext=2013-09-27 01:16:24
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\beastiality.tv\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=86BA541A1DF996E6FEE216F17DFC1541
Properties.filedate=1388030350
Properties.filedatetext=2013-12-26 04:59:10
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\bestialitysexvideos.net\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=86BA541A1DF996E6FEE216F17DFC1541
Properties.filedate=1388030974
Properties.filedatetext=2013-12-26 05:09:33
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\f2.spielen.es\sports-heads-football-championship.swf\kChampSportsHeadsSoccer4.sol
Properties.size=1061
Properties.md5=551C6A2A7BD8C141D9BB3CA4AED21B30
Properties.filedate=1387571531
Properties.filedatetext=2013-12-20 21:32:11
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\fakeagent.org\#kernelteam\preferences.sol
Properties.size=91
Properties.md5=AEBA6863D64AB1F305E68C31716A6A45
Properties.filedate=1380403452
Properties.filedatetext=2013-09-28 22:24:11
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\fakeagentuk1.com\#kernelteam\preferences.sol
Properties.size=91
Properties.md5=AEBA6863D64AB1F305E68C31716A6A45
Properties.filedate=1380403734
Properties.filedatetext=2013-09-28 22:28:54
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\mailing.firefoxplugin.info\video.swf\1194748_2_fr.sol
Properties.size=1303
Properties.md5=79FFD7BF8C06262E41515F1DDBE4E872
Properties.filedate=1374598803
Properties.filedatetext=2013-07-23 18:00:02
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\maps-4-u.com\lso.swf\e.sol
Properties.size=44
Properties.md5=E1FC9125F1C35FBA888C50AB235527C7
Properties.filedate=1374688423
Properties.filedatetext=2013-07-24 18:53:43
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\onlyanimalporn.com\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=E90566F37E09014F927E8E17A91E2122
Properties.filedate=1380240568
Properties.filedatetext=2013-09-27 01:09:27
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\shockingtube.org\#kernelteam\preferences.sol
Properties.size=91
Properties.md5=5CBE770B3D654C7A157BB60DB23B33D4
Properties.filedate=1385605004
Properties.filedatetext=2013-11-28 03:16:44
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\skype.com\#ui\preferences.sol
Properties.size=219
Properties.md5=97C7D2C221ECB6A3A1C34D9E09AAF004
Properties.filedate=1384813320
Properties.filedatetext=2013-11-18 23:22:00
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static.putlocker.com\video_player.swf\org.flowplayer.sol
Properties.size=60
Properties.md5=180B425B659ECE264684E4F035E572BF
Properties.filedate=1386383198
Properties.filedatetext=2013-12-07 03:26:37
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.bizarreanimalsex.net\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=86BA541A1DF996E6FEE216F17DFC1541
Properties.filedate=1388031103
Properties.filedatetext=2013-12-26 05:11:43
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.bravotube.net\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=86BA541A1DF996E6FEE216F17DFC1541
Properties.filedate=1383246509
Properties.filedatetext=2013-10-31 20:08:28
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\yourlust.com\#kernelteam\preferences.sol
Properties.size=70
Properties.md5=E90566F37E09014F927E8E17A91E2122
Properties.filedate=1387939437
Properties.filedatetext=2013-12-25 03:43:56
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\boilix.net\game\Boilix.swf\Settings.sol
Properties.size=111
Properties.md5=E0EC485FCFC321D445A2DDFACBA865B1
Properties.filedate=1384786957
Properties.filedatetext=2013-11-18 16:02:37
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\boilix.net\game\Boilix.swf\Settings_2661.sol
Properties.size=52
Properties.md5=B4AB8D990D5023CF49E1C3A2EA7AFB31
Properties.filedate=1384874032
Properties.filedatetext=2013-11-19 16:13:52
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cachinga.tape.tv\static\embedV2-15872.swf\tapeTvStats.sol
Properties.size=94
Properties.md5=D96CD2646C3455DF268336B2821C9A9C
Properties.filedate=1378073140
Properties.filedatetext=2013-09-01 23:05:40
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn.content1.de\js\flowplayer.commercial-3.2.16_c1.swf\org.flowplayer.sol
Properties.size=60
Properties.md5=11B628CEABE61125FA85414F1AC515EA
Properties.filedate=1376952396
Properties.filedatetext=2013-08-19 23:46:36
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn1b.thumbnails.4tube.com\swf-4tube\qualityselector.swf\qualityselector_persistence.sol
Properties.size=80
Properties.md5=D06B5F2F3E5E6E315EA3DA7EB0FBCA7C
Properties.filedate=1380403988
Properties.filedatetext=2013-09-28 22:33:08
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\cdn1b.thumbnails.4tube.com\swf-4tube\related_v3.swf\4tube-postroll-advertising-rotation.sol
Properties.size=71
Properties.md5=594DF77F81155C6BCD96A477C11AC27F
Properties.filedate=1380403810
Properties.filedatetext=2013-09-28 22:30:10
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\embed.divxstage.eu\player\divxstage-v5.swf\novaPlayer.sol
Properties.size=78
Properties.md5=F5ABE77DB410BF0DB11E86FD8103A4C6
Properties.filedate=1383354432
Properties.filedatetext=2013-11-02 02:07:12
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\myfussball.net\files\1.php\1.sol
Properties.size=44
Properties.md5=3D853266D0F692B683A05732A7F69608
Properties.filedate=1374598205
Properties.filedatetext=2013-07-23 17:50:05
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
Properties.size=79
Properties.md5=543498E14A277A462367845F0AA228D5
Properties.filedate=1375753431
Properties.filedatetext=2013-08-06 02:43:51
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static.xvideos.com\swf\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
Properties.size=61
Properties.md5=315EFC2B22C338CA28CF1126167B41F5
Properties.filedate=1379812115
Properties.filedatetext=2013-09-22 02:08:35
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
Properties.size=61
Properties.md5=44E5D6A453380A15806BF03D096F53CC
Properties.filedate=1374278754
Properties.filedatetext=2013-07-20 01:05:54
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.boilix.net\game\Boilix.swf\Settings.sol
Properties.size=111
Properties.md5=F5CC26EC8E9A7D878C4339DA86F973C7
Properties.filedate=1384655667
Properties.filedatetext=2013-11-17 03:34:27
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.boilix.net\game\Boilix.swf\Settings_2661.sol
Properties.size=72
Properties.md5=791C0C41F377418D932F75CC42BA7010
Properties.filedate=1384736508
Properties.filedatetext=2013-11-18 02:01:47
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.ndr.de\flash\OSMFPlayer.swf\HDCore.sol
Properties.size=42
Properties.md5=B0A684D97BDBD07136E2DB44530878CE
Properties.filedate=1382391454
Properties.filedatetext=2013-10-21 22:37:33
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2R3NCX4R\www.nuvid.com\player\videoplayer.swf\dat.sol
Properties.size=41
Properties.md5=2F80A0F3987B1A2D0D34D7743F341373
Properties.filedate=1375663046
Properties.filedatetext=2013-08-05 01:37:25
FakePorn.Winlock: [SBI $8F44C451] Data (File, nothing done)
C:\Users\TeckForce\AppData\Roaming\skype.ini
Properties.size=4
Properties.md5=4A2BEC527A06E219B42CC7143F143175
Properties.filedate=1372447709
Properties.filedatetext=2013-06-28 20:28:29
DoubleClick: [SBI $19447DDC] Tracking cookie (Internet Explorer (Benutzer): TeckForce) (Browser: Cookie, nothing done)
Right Media: [SBI $19447DDC] Tracking cookie (Internet Explorer (Benutzer): TeckForce) (Browser: Cookie, nothing done)
MediaPlex: [SBI $19447DDC] Tracking cookie (Internet Explorer (Benutzer): TeckForce) (Browser: Cookie, nothing done)
CasaleMedia: [SBI $19447DDC] Tracking cookie (Internet Explorer (Benutzer): TeckForce) (Browser: Cookie, nothing done)
FastClick: [SBI $19447DDC] Tracking cookie (Internet Explorer (Benutzer): TeckForce) (Browser: Cookie, nothing done)
MediaPlex: [SBI $19447DDC] Tracking cookie (Internet Explorer (Benutzer): TeckForce) (Browser: Cookie, nothing done)
DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: PE_C_UPDATUSUSER.MALTE-NOTEBOOK (default)) (Browser: Cookie, nothing done)
Statcounter: [SBI $19447DDC] Tracking cookie (Firefox: PE_C_UPDATUSUSER.MALTE-NOTEBOOK (default)) (Browser: Cookie, nothing done)
DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: PE_C_UPDATUSUSER.MALTE-NOTEBOOK (default)) (Browser: Cookie, nothing done)
DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: PE_C_UPDATUSUSER.MALTE-NOTEBOOK (default)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $19447DDC] Tracking cookie (Firefox: PE_C_UPDATUSUSER.MALTE-NOTEBOOK (default)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $19447DDC] Tracking cookie (Firefox: PE_C_UPDATUSUSER.MALTE-NOTEBOOK (default)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $19447DDC] Tracking cookie (Firefox: PE_C_UPDATUSUSER.MALTE-NOTEBOOK (default)) (Browser: Cookie, nothing done)
Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Internet Explorer\Download Directory
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\PE_C_UPDATUSUSER.MALTE-NOTEBOOK\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1020\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Microsoft Management Console\Recent File List
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id
MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows.OpenWith: [SBI $16E309E0] Open with list - .ASF extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Windows.OpenWith: [SBI $21C40B70] Open with list - .CAL extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAL\OpenWithList
Windows.OpenWith: [SBI $90385037] Open with list - .CMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CMP\OpenWithList
Windows.OpenWith: [SBI $A6576FA1] Open with list - .CUR extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUR\OpenWithList
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\WinRAR\ArcHistory
WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\WinRAR\General\LastFolder
WinRAR: [SBI $B510882E] Extraction directory history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\WinRAR\DialogEditHistory\ExtrPath
Cookie: [SBI $49804B54] Browser: Cookie (202) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (986) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (92) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (2915) (Browser: Cookie, nothing done)
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2014-01-02 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2013-11-12 Includes\Adware.sbi (*)
2013-12-23 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-10-29 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-12-23 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-10-29 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-12-03 Includes\TrojansC-03.sbi (*)
2013-12-23 Includes\TrojansC-04.sbi (*)
2013-12-10 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 03/01/2014 um 04:17:49
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Professional (64 bits)
# Benutzername : TeckForce - MALTENOTEBOOK
# Gestartet von : C:\Users\TeckForce\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
[!] Ordner Gelöscht : C:\ProgramData\clsoft ltd
[!] Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
[!] Ordner Gelöscht : C:\ProgramData\Premium
[!] Ordner Gelöscht : C:\ProgramData\MiaigNiPiC
[!] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiaigNiPiC
[!] Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
[!] Ordner Gelöscht : C:\Program Files (x86)\MagniPic
[!] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[!] Ordner Gelöscht : C:\Users\TeckForce\AppData\Roaming\dvdvideosoftiehelpers
[!] Ordner Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\ICQToolbarData
[!] Ordner Gelöscht : C:\Users\TeckForce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooaoddbahjfekekgbmmabfdpfeajnfpf
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-10.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-11.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-12.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-13.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-14.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-15.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-16.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-5.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-6.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-7.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-8.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\icqplugin-9.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\Startsear.xml
Datei Gelöscht : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\PrivitizeVPNInstallDates
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v8.0.7600.16385
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\prefs.js ]
Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("extensions.AaQqy.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d=t[...]
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.VjqwvXw.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d[...]
Zeile gelöscht : user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");
Zeile gelöscht : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Zeile gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Zeile gelöscht : user_pref("icqtoolbar.engineVerified", false);
Zeile gelöscht : user_pref("icqtoolbar.geolastmodified", 1318410887);
Zeile gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options");
Zeile gelöscht : user_pref("icqtoolbar.history", "t%C3%BCrme%20umhaun%20game||youtube%2Cde||anabolika||joint%20drehen||green%20lake%20texas||was%20wollen%20wir%20trinken||facebook||disaster%20myspace||prim%20hahn%20my[...]
Zeile gelöscht : user_pref("icqtoolbar.hpChange", true);
Zeile gelöscht : user_pref("icqtoolbar.icqgeo", 49);
Zeile gelöscht : user_pref("icqtoolbar.installTime", "1318776614");
Zeile gelöscht : user_pref("icqtoolbar.installsource", "1");
Zeile gelöscht : user_pref("icqtoolbar.itbsitescount", 6);
Zeile gelöscht : user_pref("icqtoolbar.newtab_state", "1");
Zeile gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gelöscht : user_pref("icqtoolbar.previousFFVersion", "3.6.23");
Zeile gelöscht : user_pref("icqtoolbar.removedsitescount", 25);
Zeile gelöscht : user_pref("icqtoolbar.showAds", false);
Zeile gelöscht : user_pref("icqtoolbar.showVoucher", false);
Zeile gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gelöscht : user_pref("icqtoolbar.suggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.uniqueID", "126506150512650615041265134148152");
Zeile gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1318785968);
Zeile gelöscht : user_pref("icqtoolbar.userHpApproved", true);
Zeile gelöscht : user_pref("icqtoolbar.version", "1.3.3");
Zeile gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", true);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v
[ Datei : C:\Users\TeckForce\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [10994 octets] - [03/01/2014 04:15:48]
AdwCleaner[S0].txt - [10567 octets] - [03/01/2014 04:17:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10628 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Professional x64
Ran by TeckForce on 03.01.2014 at 4:24:00,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{16C14024-95DB-47AD-A5F8-D5C451AC7927}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\TeckForce\AppData\Roaming\getrighttogo"
~~~ FireFox
Successfully deleted the following from C:\Users\TeckForce\AppData\Roaming\mozilla\firefox\profiles\b7q0tiwk.default\prefs.js
user_pref("extensions.privitize.admin", false);
user_pref("extensions.privitize.aflt", "orgnl");
user_pref("extensions.privitize.appId", "{301966DF-A84B-4255-AAB9-574B5CE237E4}");
user_pref("extensions.privitize.autoRvrt", "false");
user_pref("extensions.privitize.dfltLng", "");
user_pref("extensions.privitize.dfltSrch", true);
user_pref("extensions.privitize.dnsErr", true);
user_pref("extensions.privitize.excTlbr", true);
user_pref("extensions.privitize.ffxUnstlRst", false);
user_pref("extensions.privitize.hmpg", true);
user_pref("extensions.privitize.hmpgUrl", "hxxp://searchou.com/?id=cc4771f80000000000000026b65a295a");
user_pref("extensions.privitize.hpOld0", "hxxp://facebook.de/");
user_pref("extensions.privitize.id", "cc4771f80000000000000026b65a295a");
user_pref("extensions.privitize.instlDay", "15803");
user_pref("extensions.privitize.instlRef", "");
user_pref("extensions.privitize.kw_url", "hxxp://searchou.com/?q={searchTerms}&id=cc4771f80000000000000026b65a295a");
user_pref("extensions.privitize.newTab", true);
user_pref("extensions.privitize.newTabUrl", "hxxp://searchou.com/?id=cc4771f80000000000000026b65a295a");
user_pref("extensions.privitize.prdct", "privitize");
user_pref("extensions.privitize.prtnrId", "privitize");
user_pref("extensions.privitize.rvrt", "false");
user_pref("extensions.privitize.smplGrp", "none");
user_pref("extensions.privitize.tlbrId", "base");
user_pref("extensions.privitize.tlbrSrchUrl", "hxxp://searchou.com/?id=cc4771f80000000000000026b65a295a&q=");
user_pref("extensions.privitize.vrsn", "1.8.16.22");
user_pref("extensions.privitize.vrsnTs", "1.8.16.2223:20:13");
user_pref("extensions.privitize.vrsni", "1.8.16.22");
Emptied folder: C:\Users\TeckForce\AppData\Roaming\mozilla\firefox\profiles\b7q0tiwk.default\minidumps [386 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.01.2014 at 4:36:27,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014
Ran by TeckForce (administrator) on MALTENOTEBOOK on 03-01-2014 04:39:45
Running from C:\Users\TeckForce\Downloads
Windows 7 Professional (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\ProgramData\DatacardService\DCService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2010-01-23] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2010-01-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
MountPoints2: {15d3a740-45f6-11e2-b85f-806e6f6e6963} - F:\RA2+YR_multi.exe
MountPoints2: {9c573ac8-32f5-11e1-ba12-aa427b7f67a5} - G:\AutoRun.exe
MountPoints2: {9c573ad2-32f5-11e1-ba12-aa427b7f67a5} - G:\AutoRun.exe
MountPoints2: {f066b1a4-0850-11df-9bad-00245421f55b} - F:\autorun.exe
AppInit_DLLs: C:\ProgramData\Performancer\Performancer_x64.dll [4568576 2013-12-27] ()
AppInit_DLLs-x32: c:\progra~4\perfor~1\perfor~1.dll [4115456 2013-12-27] ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB602961E9A1CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: ReguluarDeealls - {065B7D9A-4AD5-1B34-D5C0-E4BCAA3B3210} - C:\ProgramData\ReguluarDeealls\YGpfp.x64.dll No File
BHO: SaaveNewaAppz - {EEF0F387-CEB7-8C95-3393-650E7DC838AC} - C:\ProgramData\SaaveNewaAppz\dmP.x64.dll No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default
FF DefaultSearchEngine: Wikipedia (de)
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: hxxp://facebook.de/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
Chrome:
=======
CHR Extension: (SaaveNewaAppz) - C:\Users\TeckForce\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgeleddekloegnjmjdpiiahleecfkonh\5.5
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()
S2 dfc86759; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
S2 dfc86759; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2011-11-13] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [103736 2011-11-13] ()
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-28] (DT Soft Ltd)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-12-14] (Duplex Secure Ltd.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-03 04:39 - 2014-01-03 04:40 - 00010377 _____ C:\Users\TeckForce\Downloads\FRST.txt
2014-01-03 04:39 - 2014-01-03 04:39 - 00000000 ____D C:\FRST
2014-01-03 04:36 - 2014-01-03 04:36 - 00003876 _____ C:\Users\TeckForce\Desktop\JRT.txt
2014-01-03 04:34 - 2014-01-03 04:34 - 01931750 _____ (Farbar) C:\Users\TeckForce\Downloads\FRST64.exe
2014-01-03 04:23 - 2014-01-03 04:23 - 00000000 ____D C:\Windows\ERUNT
2014-01-03 04:15 - 2014-01-03 04:17 - 00000000 ____D C:\AdwCleaner
2014-01-03 04:13 - 2014-01-03 04:13 - 01036305 _____ (Thisisu) C:\Users\TeckForce\Downloads\JRT.exe
2014-01-02 04:23 - 2014-01-02 04:23 - 00000085 _____ C:\Windows\wininit.ini
2014-01-02 00:28 - 2014-01-02 21:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-02 00:28 - 2014-01-02 04:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-02 00:28 - 2014-01-02 00:28 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-12-31 02:16 - 2014-01-01 23:35 - 00000000 ____D C:\ProgramData\SaaveNewaAppz
2013-12-31 02:16 - 2014-01-01 23:35 - 00000000 ____D C:\ProgramData\ReguluarDeealls
2013-12-31 02:16 - 2013-12-31 02:16 - 00000000 ____D C:\ProgramData\glabdaacdcpgfhaijchagfpccpompelb
2013-12-31 02:16 - 2013-12-31 02:16 - 00000000 ____D C:\ProgramData\84c21818bc06a818
2013-12-27 17:44 - 2013-12-27 17:44 - 00000000 ____D C:\ProgramData\Performancer
2013-12-14 02:20 - 2013-12-14 02:20 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
==================== One Month Modified Files and Folders =======
2014-01-03 04:40 - 2014-01-03 04:39 - 00010377 _____ C:\Users\TeckForce\Downloads\FRST.txt
2014-01-03 04:39 - 2014-01-03 04:39 - 00000000 ____D C:\FRST
2014-01-03 04:36 - 2014-01-03 04:36 - 00003876 _____ C:\Users\TeckForce\Desktop\JRT.txt
2014-01-03 04:34 - 2014-01-03 04:34 - 01931750 _____ (Farbar) C:\Users\TeckForce\Downloads\FRST64.exe
2014-01-03 04:31 - 2010-10-19 16:19 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 04:31 - 2009-07-14 05:45 - 00014080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-03 04:31 - 2009-07-14 05:45 - 00014080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-03 04:28 - 2013-01-01 17:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 04:23 - 2014-01-03 04:23 - 00000000 ____D C:\Windows\ERUNT
2014-01-03 04:23 - 2010-01-23 17:23 - 01072838 _____ C:\Windows\WindowsUpdate.log
2014-01-03 04:19 - 2013-04-08 22:20 - 00000382 ____H C:\Windows\Tasks\MagniPicUpdaterTask{BE6F064E-4286-4F7C-B43C-4142FD110023}.job
2014-01-03 04:19 - 2011-10-16 20:39 - 00000000 ____D C:\Users\TeckForce\AppData\Local\LogMeIn Hamachi
2014-01-03 04:19 - 2010-10-19 16:19 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 04:19 - 2010-04-03 17:16 - 00000000 ____D C:\Users\TeckForce\Tracing
2014-01-03 04:19 - 2010-02-02 19:08 - 00000000 ____D C:\ProgramData\ICQ
2014-01-03 04:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 04:19 - 2009-07-14 05:51 - 00161049 _____ C:\Windows\setupact.log
2014-01-03 04:17 - 2014-01-03 04:15 - 00000000 ____D C:\AdwCleaner
2014-01-03 04:13 - 2014-01-03 04:13 - 01036305 _____ (Thisisu) C:\Users\TeckForce\Downloads\JRT.exe
2014-01-03 01:32 - 2013-09-25 23:01 - 00000000 ____D C:\Users\TeckForce\Documents\FIFA 14
2014-01-03 00:46 - 2012-09-28 19:56 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-02 21:56 - 2014-01-02 00:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-02 21:56 - 2010-01-23 17:47 - 02705030 _____ C:\Windows\PFRO.log
2014-01-02 04:23 - 2014-01-02 04:23 - 00000085 _____ C:\Windows\wininit.ini
2014-01-02 04:23 - 2014-01-02 00:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-02 03:33 - 2009-07-14 18:58 - 05457710 _____ C:\Windows\system32\perfh007.dat
2014-01-02 03:33 - 2009-07-14 18:58 - 01670942 _____ C:\Windows\system32\perfc007.dat
2014-01-02 03:33 - 2009-07-14 06:13 - 00006208 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 02:02 - 2013-04-08 22:20 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-02 00:28 - 2014-01-02 00:28 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-01 23:35 - 2013-12-31 02:16 - 00000000 ____D C:\ProgramData\SaaveNewaAppz
2014-01-01 23:35 - 2013-12-31 02:16 - 00000000 ____D C:\ProgramData\ReguluarDeealls
2013-12-31 02:16 - 2013-12-31 02:16 - 00000000 ____D C:\ProgramData\glabdaacdcpgfhaijchagfpccpompelb
2013-12-31 02:16 - 2013-12-31 02:16 - 00000000 ____D C:\ProgramData\84c21818bc06a818
2013-12-30 01:19 - 2013-04-02 23:31 - 00000000 ____D C:\Program Files (x86)\Red Alert 2
2013-12-28 01:05 - 2013-10-23 03:50 - 00000000 ____D C:\Users\TeckForce\Desktop\fraps
2013-12-27 17:44 - 2013-12-27 17:44 - 00000000 ____D C:\ProgramData\Performancer
2013-12-19 21:01 - 2011-06-19 14:44 - 00000000 ____D C:\Users\TeckForce\AppData\Local\CrashDumps
2013-12-14 14:52 - 2012-05-05 13:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-14 02:20 - 2013-12-14 02:20 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-14 02:20 - 2013-11-17 15:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 17:19 - 2013-10-17 18:15 - 00000000 ____D C:\Users\TeckForce\Desktop\mathe
2013-12-13 17:19 - 2011-10-11 22:01 - 00000000 ____D C:\Users\TeckForce\Desktop\minecraft
2013-12-13 17:18 - 2013-10-08 17:30 - 00000000 ____D C:\Users\TeckForce\Desktop\Santiano - Bis Ans Ende Der Welt (2012)
2013-12-13 17:18 - 2010-03-13 16:31 - 00000000 ____D C:\Users\TeckForce\Desktop\Metin2
2013-12-12 12:55 - 2013-05-07 16:31 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 12:55 - 2013-04-26 18:36 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 12:55 - 2013-04-26 18:36 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-11 17:28 - 2013-01-01 17:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 17:28 - 2012-10-17 07:55 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 17:28 - 2011-07-05 18:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-06 23:00 - 2013-09-12 15:33 - 00000000 ____D C:\Users\TeckForce\Desktop\eclipse
2013-12-06 02:00 - 2010-04-06 17:22 - 00000000 ____D C:\Users\TeckForce\AppData\Roaming\ICQ
Files to move or delete:
====================
C:\ProgramData\l_u0_0.pad
Some content of TEMP:
====================
C:\Users\TeckForce\AppData\Local\Temp\avgnt.exe
C:\Users\TeckForce\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 19:31
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Additional: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-01-2014
Ran by TeckForce at 2014-01-03 04:40:28
Running from C:\Users\TeckForce\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.4.6 - Deutsch (x32 Version: 9.4.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.1.629 - Adobe Systems, Inc.)
Atheros Client Installation Program (x32 Version: 1.0.1.0805 - Atheros)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
BatteryLifeExtender (x32 Version: 1.0.0 - Samsung)
C&C Red Alert 2 (x32 Version: 1.006 & 1.001 - Westwood)
CyberLink YouCam (x32 Version: 2.0.2907 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.2907 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.46.1.0327 - DT Soft Ltd)
DivX Codec (x32 Version: 6.9.1 - DivX, Inc.)
DivX Converter (x32 Version: 7.1.0 - DivX, Inc.)
DivX Player (x32 Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (x32 Version: - DivX, Inc.)
DivX Web Player (x32 Version: 1.5.0 - DivX,Inc.)
EA Download Manager (x32 Version: 4.0.0.462 - Electronic Arts) Hidden
FIFA 11 Demo (x32 Version: 1.0.0.0 - Electronic Arts)
FIFA 13 (x32 Version: 1.7.0.0 - Electronic Arts)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Fraps (remove only) (x32 Version: - )
Free YouTube to MP3 Converter version 3.11.36.1201 (x32 Version: 3.11.36.1201 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0 - Gameforge)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
ICQ Sparberater (x32 Version: 1.2.662 - solute gmbh)
ICQ7.6 (x32 Version: 7.6 - ICQ)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (x32 Version: 6.0.310 - Oracle)
JavaFX 2.1.0 (x32 Version: 2.1.0 - Oracle Corporation)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
MagniPic (Version: 1.0 - ) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML4 Parser (x32 Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Grafiktreiber 306.23 (Version: 306.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 306.23 (Version: 306.23 - NVIDIA Corporation) Hidden
OpenAL (x32 Version: - )
OpenOffice.org 3.2 (x32 Version: 3.2.9502 - OpenOffice.org)
Origin (x32 Version: 9.0.10.69 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (Version: 3.60.0 - dotPDN LLC)
Performancer (x32 Version: - 24soft)
Python 3.2.2 (64-bit) (Version: 3.2.2150 - Python Software Foundation)
QuickTime (x32 Version: 7.68.75.0 - Apple Inc.)
Realtek Ethernet Controller Driver (x32 Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Modem Driver Set (Version: - )
Samsung Mobile phone USB driver Drive Software (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (Version: - )
SAMSUNG Mobile USB Modem Software (Version: - )
Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)
Snagit 10 (x32 Version: 10.0.0 - TechSmith Corporation)
SPEEDLINK Strike 2 Gamepad (x32 Version: 2007.08.17 - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 13.2.4.12 - Synaptics Incorporated)
System Explorer 4.2.0 (x32 Version: - Mister Group)
TrueCrypt (x32 Version: 7.1a - TrueCrypt Foundation)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (x32 Version: - )
==================== Restore Points =========================
02-01-2014 23:00:01 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 03:34 - 2010-04-17 17:41 - 00000996 ____A C:\Windows\system32\Drivers\etc\hosts
hxxp://legendmt2.eu l2testauthd.lineage2.com
hxxp://legendmt2.eu l2authd.lineage2.com
==================== Scheduled Tasks (whitelisted) =============
Task: {0B7C26E6-F026-418D-B4A2-2EFC9436F6A2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {0D4C30AA-7672-4133-9EA3-96F8FA149306} - System32\Tasks\{490364F2-9218-4129-8D56-D83BCC86298F} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {2EBBBC28-425B-49B6-A282-EE485410EBF3} - System32\Tasks\{871D3A79-6BAA-435D-9226-7617C86F3D1A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02] (Skype Technologies S.A.)
Task: {34AF3751-21B0-45C2-9AB4-62CE2A8CAD91} - System32\Tasks\{35CB8C92-0CB6-4CCB-87A5-9B8D37409850} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.111/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {44D19DE4-2652-401A-9452-F3B425B28C3C} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe
Task: {54D231B5-52D0-4C21-B19C-F93C479F7236} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {56F81B24-5C26-49ED-AF26-ACFFB681FA51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {8CA882A9-D53C-4EB5-A763-AF85FA0E4ED2} - System32\Tasks\{83EE9674-59D2-4E73-9FED-472D1E3892E1} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto San Andreas\GTA San Andreas.exe
Task: {B0C72A53-893E-4F7D-B0D5-FD9005FC177D} - System32\Tasks\MagniPicUpdaterTask{BE6F064E-4286-4F7C-B43C-4142FD110023} => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
Task: {B41FE991-6356-4D97-BFDD-26B3C763180C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {B4CF05FF-91C6-415D-B144-8B94B583EE9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19] (Google Inc.)
Task: {B541288D-C974-4D39-B7BB-B4B9F1097E79} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {BAEC2B7D-0B29-4286-A7B2-0C37805456F3} - System32\Tasks\{17D3819D-E9B2-4C47-8983-6CF621736FA5} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {BBB8F094-DB07-4262-99C9-B9C009B06600} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19] (Google Inc.)
Task: {CFE93261-A299-4DEB-9C40-FE12CA35AB3E} - System32\Tasks\{096FCD2A-B244-4388-9F6C-2F5AF2C79ABA} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MagniPicUpdaterTask{BE6F064E-4286-4F7C-B43C-4142FD110023}.job => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-04-26 18:36 - 2013-04-26 18:35 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-12-27 17:44 - 2013-12-27 17:44 - 04115456 _____ () C:\ProgramData\Performancer\Performancer.dll
2013-11-17 15:05 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-01-02 04:10:54.044
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:54.033
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:54.022
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:46.264
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:46.254
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:46.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:42.582
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:42.571
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:10:42.560
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-02 04:05:15.797
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows.old\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.16385_none_5722666f137ae177\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 34%
Total physical RAM: 4060.61 MB
Available physical RAM: 2661.16 MB
Total Pagefile: 8119.38 MB
Available Pagefile: 6382.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:144.21 GB) (Free:60.42 GB) NTFS
Drive d: () (Fixed) (Total:306.45 GB) (Free:306.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07A54FFB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=306 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Danke für deine Hilfe !  MalwarebyteS: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.01.05 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 TeckForce :: MALTENOTEBOOK [Administrator] 03.01.2014 09:39:53 mbam-log-2014-01-03 (09-39-53).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 257999 Laufzeit: 3 Minute(n), 52 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
04.01.2014, 09:19
| #4 | |
| /// the machine /// TB-Ausbilder | Werbung ohne Ende.. hi, Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.01.2014, 09:55
| #5 |
| | Werbung ohne Ende..Code:
ATTFilter ComboFix 14-01-04.03 - TeckForce 04.01.2014 9:37.1.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.4061.2548 [GMT 1:00]
ausgeführt von:: c:\users\TeckForce\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\l_u0_0.pad
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-04 bis 2014-01-04 ))))))))))))))))))))))))))))))
.
.
2014-01-04 08:43 . 2014-01-04 08:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-04 08:43 . 2014-01-04 08:43 -------- d-----w- c:\users\UpdatusUser.Malte-Notebook\AppData\Local\temp
2014-01-03 03:39 . 2014-01-03 03:39 -------- d-----w- C:\FRST
2014-01-03 03:23 . 2014-01-03 03:23 -------- d-----w- c:\windows\ERUNT
2014-01-03 03:15 . 2014-01-03 03:17 -------- d-----w- C:\AdwCleaner
2014-01-01 23:28 . 2014-01-02 03:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-01-01 23:28 . 2014-01-02 20:56 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-12-31 01:16 . 2014-01-01 22:35 -------- d-----w- c:\programdata\ReguluarDeealls
2013-12-31 01:16 . 2013-12-31 01:16 -------- d-----w- c:\programdata\glabdaacdcpgfhaijchagfpccpompelb
2013-12-31 01:16 . 2013-12-31 01:16 -------- d-----w- c:\programdata\84c21818bc06a818
2013-12-31 01:16 . 2014-01-01 22:35 -------- d-----w- c:\programdata\SaaveNewaAppz
2013-12-27 16:44 . 2013-12-27 16:44 -------- d-----w- c:\programdata\Performancer
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-12 11:55 . 2013-05-07 15:31 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-12 11:55 . 2013-04-26 17:36 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-12 11:55 . 2013-04-26 17:36 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-11 16:28 . 2012-10-17 06:55 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 16:28 . 2011-07-05 17:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-18 02:51 . 2013-10-18 02:51 312744 ----a-w- c:\windows\system32\javaws.exe
2013-10-18 02:51 . 2013-10-18 02:51 189352 ----a-w- c:\windows\system32\javaw.exe
2013-10-18 02:51 . 2013-10-18 02:51 189352 ----a-w- c:\windows\system32\java.exe
2013-10-18 02:51 . 2013-10-18 02:51 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-18 02:47 . 2013-10-18 02:47 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-07 14:24 . 2013-04-26 17:36 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-12 684600]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-29 3806544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
S0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys;c:\windows\SYSNATIVE\drivers\BMLoad.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 dfc86759;Performancer;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 16:28]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 15:19]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 15:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-23 8067616]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\users\TeckForce\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\TeckForce\AppData\Roaming\Mozilla\Firefox\Profiles\b7q0tiwk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://facebook.de/
FF - prefs.js: keyword.URL -
FF - ExtSQL: !HIDDEN! 2012-12-08 06:23; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\program files (x86)\Common Files\DVDVideoSoft\plugins\ff
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{065B7D9A-4AD5-1B34-D5C0-E4BCAA3B3210} - c:\programdata\ReguluarDeealls\YGpfp.x64.dll
BHO-{EEF0F387-CEB7-8C95-3393-650E7DC838AC} - c:\programdata\SaaveNewaAppz\dmP.x64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4082847748-2108349381-1701915676-1000\Software\SecuROM\License information*]
"datasecu"=hex:be,15,04,d8,ad,b3,97,ba,26,cb,93,26,21,f9,c5,cb,3e,ba,0c,2a,33,
a9,2f,fa,d5,c3,28,fb,9b,71,e1,83,77,30,d3,c5,88,fa,33,f0,24,f1,d1,97,1e,4f,\
"rkeysecu"=hex:5d,26,3e,51,f3,a7,2f,5d,71,8e,9a,02,12,38,31,b8
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-04 09:50:14 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-01-04 08:50
.
Vor Suchlauf: 13 Verzeichnis(se), 64.202.399.744 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 63.769.739.264 Bytes frei
.
- - End Of File - - B3F8AC5BFBBD782863988312DBF54391
A36C5E4F47E84449FF07ED3517B43A31
 |
|
04.01.2014, 20:20
| #6 |
| /// the machine /// TB-Ausbilder | Werbung ohne Ende.. Noch nit  Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Werbung ohne Ende.. |
|
05.01.2014, 03:10
| #7 |
| | Werbung ohne Ende.. die 3 Programme habe ich doch schon durchlaufen lassen? siehe logs Oder nochmal? |
|
06.01.2014, 01:23
| #8 |
| /// the machine /// TB-Ausbilder | Werbung ohne Ende.. Jetzt nochmal
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Werbung ohne Ende.. |
| anhang, durchlauf, ergebnisse, fakeporn.winlock, firefox, geholfen, guten, heute, infizierte, malewarebytes, nicht sicher, objekte, spybot, trotz, werbung |
Hybrid-Darstellung
