| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Dauernd Popups und Warnungen im Windows Internet ExplorerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
09.03.2014, 17:14
| #1 |
 |  Dauernd Popups und Warnungen im Windows Internet Explorer Hallo liebes Board! Seit vorgestern habe ich laufend lästige Benachrichtigungen. "Ihr System ist zu langsam" und "Bedrohung erkannt", lauter solche Fenster. Normalerweise würde ich den Rechner komplett neu aufsetzen, aber das letzte mal als ich bei euch war hat mir der "Schrauber" aus eurem Team so Super geholfen vielleicht wäre noch mal jemand so nett.... und könnte sich das Übel auf meinem rechner an schauen und bekämpfen ,das wäre sehr nett. Gemacht habe ich bisher: Systemsteuerung: zuletzt installierte Programme entfernt, alle seit letzter Woche. Malwarebytes gestartet, er fand 22 infizierte Objekte. diese habe ich alle gelöscht dann hatte ich echt ruhe nur nachdem ich den rechner am nächsten tag neu startete und kamen die popups wieder..............leider !!!!! Wäre nett wenn jemand mal schauen könnte vielleicht..... MFG Klaus |
|
09.03.2014, 17:36
| #2 |
| /// TB-Ausbilder   | Dauernd Popups und Warnungen im Windows Internet Explorer Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Poste mir bitte die Logdatei von MBAM mit den Funden. Zudem noch: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
|
09.03.2014, 23:32
| #3 |
| | Dauernd Popups und Warnungen im Windows Internet Explorer Moin Matthias.....
__________________Danke.... das du mal gucken willst...... ok wie geht das jetzt die log´s posten..... # drücken.... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-03-2014 01
Ran by Ted2000 (administrator) on TED2000-PC on 09-03-2014 23:08:44
Running from C:\Users\Ted2000\Downloads
TRIBAL WINDOWS 7 ULTIMATE Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Users\Ted2000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
() C:\Users\Ted2000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(HQ-Video) C:\program files\hq-video-pro-1.4\hq-video-pro-1.4-bg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ACPW06DE] - C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1135304 2012-12-17] (ACD Systems)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Smart File Advisor] - C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-27] (Google Inc.)
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [SkyDrive] - C:\Users\Ted2000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-19] (Microsoft Corporation)
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [Amazon Cloud Player] - C:\Users\Ted2000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18643560 2013-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-388039254-1379459305-1084319246-1003\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ghost-of-usenet.org/board.php?boardid=125
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x042A126BF7A2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: HQ-Video-Pro-1.4 - {11111111-1111-1111-1111-110511291120} - C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-bho.dll (HQ-Video)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 27 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default
FF user.js: detected! => C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\user.js
FF Homepage: user_pref("browser.startup.homepage", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HQ-Video-Pro-1.4 - C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\Extensions\f6b78e05-0819-4914-a9b1-53baf8fa3cd8@5f1a7616-ab87-4cb2-b56e-1218d848ce49.com [2014-03-08]
FF Extension: No Name - C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\Extensions\staged [2014-03-08]
FF Extension: EPUBReader - C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2014-01-17]
Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "sync" :
{
"app_settings" : true,
"apps" : true,
"autofill" : true,
"autofill_profile" : true,
"bookmarks" : true,
"dictionary" : true,
"encryption_bootstrap_token" : "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAGceSV0Rk2EqXR3P4AUUtiAAAAAACAAAAAAAQZgAAAAEAACAAAAC6Ox0HP7qWR93I19Ah9yGgLmjFzkHGz5Q0Om9lLxeQAQAAAAAOgAAAAAIAACAAAAApKYw0vu3/CcTc14JBPdVmCbmDVClgCe1+/zYRZQz8zEAAAAAllhICf3jPW5DfOxJFS4jao1vqwylDXqCDK1w7H0Hm/lNrmV2SDZpKF8M5ZMnwxxUUuMe7O40OhA90kvKMJbE9QAAAAAHBhuYNv7AqkEMEolbDLwnuHQ9ELCkaT2gGXyorjMb13zQZgSmhCxgTGRaqztzASaCnHoAaOXIZghiIy8ZELQQ=",
"extension_settings" : true,
"extensions" : true,
"favicon_images" : true,
"favicon_tracking" : true,
"has_setup_completed" : true,
"history_delete_directives" : true,
"keystore_encryption_bootstrap_token" : "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAGceSV0Rk2EqXR3P4AUUtiAAAAAACAAAAAAAQZgAAAAEAACAAAAD58WSoxGTungtZraNok/CLFDAd7GCmgteAM1M446TuNAAAAAAOgAAAAAIAACAAAABK4n+nWL+7/fSG+bcv4AM744cqdQOxqLrvvcPABddK/FAAAADpoBjDqBP1LkEfWHx6RuZH6lAzwHlPfDfEPAnZu9s//IM8Wy3x+Qr1ULq2zHRBi9UDga+6rx+Tr+3b1/5dk6v8CEhB/F7ipPlRPBeEnde1MUAAAAABPi2A3wysIxOSdwqnbaY1FsCLlEevIviusWhNKj1ej5L88HP2V/C8r+Vux4x9xZH59kdSzDFe3sObuUDaw68Q",
"last_synced_time" : "13038726544285127",
"managed_users" : true,
"passwords" : true,
"preferences" : true,
"priority_preferences" : true,
"search_engines" : true,
"session_sync_guid" : "session_sync2wGRSs9TB6K8lDCC1MsBwQ==",
"sessions" : true,
"suppress_start" : false,
"synced_notifications" : true,
"tabs" : true,
"themes" : true,
"typed_urls"
CHR Extension: (HQ-Video-Pro-1.4) - C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj [2014-03-08]
CHR Extension: (FVD Downloader) - C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-11-06]
CHR Extension: (Google Wallet) - C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S4 vToolbarUpdater15.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-19] (Avira Operations GmbH & Co. KG)
S4 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-09-05] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-14] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-27] (Avira GmbH)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 catchme; \??\C:\Users\Ted2000\AppData\Local\Temp\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-09 23:08 - 2014-03-09 23:09 - 00014288 _____ () C:\Users\Ted2000\Downloads\FRST.txt
2014-03-09 23:08 - 2014-03-09 23:08 - 00000000 ____D () C:\FRST
2014-03-09 23:06 - 2014-03-09 23:07 - 01145856 _____ (Farbar) C:\Users\Ted2000\Downloads\FRST.exe
2014-03-09 23:06 - 2014-03-09 23:06 - 01145856 _____ (Farbar) C:\Users\Ted2000\Desktop\FRST.exe
2014-03-09 09:23 - 2014-03-09 09:23 - 02577701 _____ () C:\Users\Ted2000\Downloads\Die.Chroniken.von.Narnia.Die.Reise.auf.der.Morgenroete.Uncut.German.DL.1080p.BluRay.x264-RSG {{UsenetRevolution}}.nzb
2014-03-09 09:20 - 2014-03-09 09:20 - 00100796 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_042 {{Kuschelrock}}.nzb
2014-03-09 09:20 - 2014-03-09 09:20 - 00078941 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_043 {{Kuschelrock}}.nzb
2014-03-09 09:19 - 2014-03-09 09:19 - 00064670 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_041 {{Kuschelrock}}.nzb
2014-03-09 09:18 - 2014-03-09 09:18 - 00242147 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_040 {{Kuschelrock}}.nzb
2014-03-09 09:17 - 2014-03-09 09:17 - 00057213 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_039 {{Kuschelrock}}.nzb
2014-03-09 09:16 - 2014-03-09 09:16 - 00299658 _____ () C:\Users\Ted2000\Downloads\55408962898a37b9795c9d7a68a86381.par2 {{c19764348bc951360634be972ede0f84480cc15c}}.nzb
2014-03-09 09:12 - 2014-03-09 09:12 - 00005985 _____ () C:\Users\Ted2000\Documents\TubeDigger Registation.....eml
2014-03-08 23:32 - 2014-03-08 23:32 - 00000989 _____ () C:\Users\Public\Desktop\TubeDigger.lnk
2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Program Files\TubeDigger
2014-03-08 23:31 - 2014-03-08 23:31 - 10226163 _____ (TubeDigger ) C:\Users\Ted2000\Downloads\TubeDigger_Install.exe
2014-03-08 23:29 - 2014-03-08 23:29 - 18594680 _____ (Applian Technologies) C:\Users\Ted2000\Downloads\RCATSetup.exe
2014-03-08 23:27 - 2014-03-08 23:27 - 00855750 _____ () C:\Users\Ted2000\Downloads\rtmpdump-2.4-git-010913-windows.zip
2014-03-08 23:26 - 2014-03-08 23:26 - 00061818 _____ () C:\Users\Ted2000\Downloads\rtmpexplorer.zip
2014-03-08 23:24 - 2014-03-08 23:24 - 00906821 _____ () C:\Users\Ted2000\Downloads\rtmpdump-2.3-windows.zip
2014-03-08 23:20 - 2014-03-09 23:00 - 00003104 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job
2014-03-08 23:20 - 2014-03-09 23:00 - 00002572 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job
2014-03-08 23:20 - 2014-03-09 23:00 - 00001530 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-updater.job
2014-03-08 23:20 - 2014-03-09 23:00 - 00001486 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job
2014-03-08 23:20 - 2014-03-09 23:00 - 00001384 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-enabler.job
2014-03-08 23:20 - 2014-03-08 23:20 - 00000000 ____D () C:\Program Files\StreamTransport
2014-03-08 23:20 - 2014-03-08 23:20 - 00000000 ____D () C:\Program Files\HQ-Video-Pro-1.4
2014-03-08 23:19 - 2014-03-08 23:19 - 01962689 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Ted2000\Downloads\streamtransport_setup.exe
2014-03-08 22:28 - 2014-03-08 22:58 - 00000000 ____D () C:\Users\Ted2000\Documents\Any Video Recorder
2014-03-08 22:28 - 2014-03-08 22:28 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\AnvSoft
2014-03-08 22:27 - 2014-03-08 22:58 - 00000000 ____D () C:\Program Files\Any Video Recorder
2014-03-08 22:22 - 2014-03-08 22:22 - 07598296 _____ (anvsoft, Inc. ) C:\Users\Ted2000\Downloads\any-video-recorder.exe
2014-03-08 22:20 - 2014-03-08 22:20 - 54041432 _____ () C:\Users\Ted2000\Downloads\Audials_Moviebox-Setup.exe
2014-03-08 21:41 - 2014-03-08 21:41 - 00280430 _____ () C:\Users\Ted2000\Downloads\zS4t893r0ZaYlkDpD5R.par2 {{RTh788mIs0rwo0x}}.nzb
2014-03-08 21:39 - 2014-03-08 21:39 - 00449204 _____ () C:\Users\Ted2000\Downloads\D0E37A7BF74D197835B56F162F5041C0.par2 {{237cNfNb4M7DNKAx}}.nzb
2014-03-08 01:14 - 2014-03-08 01:15 - 00000000 ____D () C:\Users\Ted2000\Downloads\samstag 08032014
2014-03-08 00:47 - 2014-03-08 00:47 - 07289062 _____ (XMedia Recode ) C:\Users\Ted2000\Downloads\XMediaRecode3179_setup.exe
2014-03-08 00:43 - 2014-03-08 00:43 - 00000000 ____D () C:\Users\Ted2000\Documents\StreamTransport
2014-03-08 00:42 - 2014-03-08 23:20 - 00001049 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-03-05 22:12 - 2014-03-07 22:43 - 00000000 ____D () C:\Users\Ted2000\Downloads\Mittwoch 05032014
2014-02-28 23:27 - 2014-03-02 23:27 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Clubdom #
2014-02-25 22:16 - 2014-03-01 13:10 - 00000000 ____D () C:\Users\Ted2000\Downloads\Dienstag 25022014
2014-02-22 00:43 - 2014-03-09 23:00 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\Skype
2014-02-22 00:42 - 2014-02-22 00:43 - 00000000 ____D () C:\ProgramData\Skype
2014-02-22 00:42 - 2014-02-22 00:42 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ___RD () C:\Program Files\Skype
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-22 00:41 - 2014-02-22 00:41 - 00000000 ____D () C:\Windows\de
2014-02-22 00:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-02-22 00:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-02-22 00:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-02-22 00:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-02-22 00:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-02-22 00:38 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-02-19 23:50 - 2014-02-19 23:50 - 00002184 _____ () C:\Users\Ted2000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-19 23:50 - 2014-02-19 23:50 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
==================== One Month Modified Files and Folders =======
2014-03-09 23:09 - 2014-03-09 23:08 - 00014288 _____ () C:\Users\Ted2000\Downloads\FRST.txt
2014-03-09 23:08 - 2014-03-09 23:08 - 00000000 ____D () C:\FRST
2014-03-09 23:07 - 2014-03-09 23:06 - 01145856 _____ (Farbar) C:\Users\Ted2000\Downloads\FRST.exe
2014-03-09 23:07 - 2009-07-14 05:34 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-09 23:07 - 2009-07-14 05:34 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-09 23:06 - 2014-03-09 23:06 - 01145856 _____ (Farbar) C:\Users\Ted2000\Desktop\FRST.exe
2014-03-09 23:04 - 2013-08-27 00:19 - 01361739 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 23:00 - 2014-03-08 23:20 - 00003104 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job
2014-03-09 23:00 - 2014-03-08 23:20 - 00002572 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job
2014-03-09 23:00 - 2014-03-08 23:20 - 00001530 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-updater.job
2014-03-09 23:00 - 2014-03-08 23:20 - 00001486 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job
2014-03-09 23:00 - 2014-03-08 23:20 - 00001384 _____ () C:\Windows\Tasks\HQ-Video-Pro-1.4-enabler.job
2014-03-09 23:00 - 2014-02-22 00:43 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\Skype
2014-03-09 23:00 - 2013-08-27 23:31 - 00000000 ___RD () C:\Users\Ted2000\SkyDrive
2014-03-09 23:00 - 2013-08-27 10:55 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-09 22:59 - 2013-08-27 08:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-09 22:59 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-09 22:59 - 2009-07-14 05:39 - 00050320 _____ () C:\Windows\setupact.log
2014-03-09 17:36 - 2013-11-14 12:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 16:48 - 2013-08-27 10:55 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 09:27 - 2013-08-27 22:44 - 00000000 ____D () C:\Users\Ted2000\Downloads\incomplete
2014-03-09 09:27 - 2013-08-27 22:44 - 00000000 ____D () C:\Users\Ted2000\Downloads\complete
2014-03-09 09:23 - 2014-03-09 09:23 - 02577701 _____ () C:\Users\Ted2000\Downloads\Die.Chroniken.von.Narnia.Die.Reise.auf.der.Morgenroete.Uncut.German.DL.1080p.BluRay.x264-RSG {{UsenetRevolution}}.nzb
2014-03-09 09:20 - 2014-03-09 09:20 - 00100796 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_042 {{Kuschelrock}}.nzb
2014-03-09 09:20 - 2014-03-09 09:20 - 00078941 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_043 {{Kuschelrock}}.nzb
2014-03-09 09:19 - 2014-03-09 09:19 - 00064670 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_041 {{Kuschelrock}}.nzb
2014-03-09 09:18 - 2014-03-09 09:18 - 00242147 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_040 {{Kuschelrock}}.nzb
2014-03-09 09:17 - 2014-03-09 09:17 - 00057213 _____ () C:\Users\Ted2000\Downloads\5637L_20140224_039 {{Kuschelrock}}.nzb
2014-03-09 09:16 - 2014-03-09 09:16 - 00299658 _____ () C:\Users\Ted2000\Downloads\55408962898a37b9795c9d7a68a86381.par2 {{c19764348bc951360634be972ede0f84480cc15c}}.nzb
2014-03-09 09:12 - 2014-03-09 09:12 - 00005985 _____ () C:\Users\Ted2000\Documents\TubeDigger Registation.....eml
2014-03-08 23:32 - 2014-03-08 23:32 - 00000989 _____ () C:\Users\Public\Desktop\TubeDigger.lnk
2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Program Files\TubeDigger
2014-03-08 23:31 - 2014-03-08 23:31 - 10226163 _____ (TubeDigger ) C:\Users\Ted2000\Downloads\TubeDigger_Install.exe
2014-03-08 23:29 - 2014-03-08 23:29 - 18594680 _____ (Applian Technologies) C:\Users\Ted2000\Downloads\RCATSetup.exe
2014-03-08 23:27 - 2014-03-08 23:27 - 00855750 _____ () C:\Users\Ted2000\Downloads\rtmpdump-2.4-git-010913-windows.zip
2014-03-08 23:26 - 2014-03-08 23:26 - 00061818 _____ () C:\Users\Ted2000\Downloads\rtmpexplorer.zip
2014-03-08 23:24 - 2014-03-08 23:24 - 00906821 _____ () C:\Users\Ted2000\Downloads\rtmpdump-2.3-windows.zip
2014-03-08 23:20 - 2014-03-08 23:20 - 00000000 ____D () C:\Program Files\StreamTransport
2014-03-08 23:20 - 2014-03-08 23:20 - 00000000 ____D () C:\Program Files\HQ-Video-Pro-1.4
2014-03-08 23:20 - 2014-03-08 00:42 - 00001049 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-03-08 23:19 - 2014-03-08 23:19 - 01962689 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Ted2000\Downloads\streamtransport_setup.exe
2014-03-08 22:58 - 2014-03-08 22:28 - 00000000 ____D () C:\Users\Ted2000\Documents\Any Video Recorder
2014-03-08 22:58 - 2014-03-08 22:27 - 00000000 ____D () C:\Program Files\Any Video Recorder
2014-03-08 22:28 - 2014-03-08 22:28 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\AnvSoft
2014-03-08 22:22 - 2014-03-08 22:22 - 07598296 _____ (anvsoft, Inc. ) C:\Users\Ted2000\Downloads\any-video-recorder.exe
2014-03-08 22:20 - 2014-03-08 22:20 - 54041432 _____ () C:\Users\Ted2000\Downloads\Audials_Moviebox-Setup.exe
2014-03-08 22:05 - 2013-09-04 21:47 - 00000000 ____D () C:\Users\Ted2000\AppData\Local\Adobe
2014-03-08 22:05 - 2013-08-29 21:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-08 22:05 - 2013-08-29 21:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-08 21:56 - 2010-11-20 22:48 - 00080722 _____ () C:\Windows\PFRO.log
2014-03-08 21:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-08 21:41 - 2014-03-08 21:41 - 00280430 _____ () C:\Users\Ted2000\Downloads\zS4t893r0ZaYlkDpD5R.par2 {{RTh788mIs0rwo0x}}.nzb
2014-03-08 21:39 - 2014-03-08 21:39 - 00449204 _____ () C:\Users\Ted2000\Downloads\D0E37A7BF74D197835B56F162F5041C0.par2 {{237cNfNb4M7DNKAx}}.nzb
2014-03-08 01:15 - 2014-03-08 01:14 - 00000000 ____D () C:\Users\Ted2000\Downloads\samstag 08032014
2014-03-08 00:47 - 2014-03-08 00:47 - 07289062 _____ (XMedia Recode ) C:\Users\Ted2000\Downloads\XMediaRecode3179_setup.exe
2014-03-08 00:43 - 2014-03-08 00:43 - 00000000 ____D () C:\Users\Ted2000\Documents\StreamTransport
2014-03-07 22:43 - 2014-03-05 22:12 - 00000000 ____D () C:\Users\Ted2000\Downloads\Mittwoch 05032014
2014-03-07 22:31 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-07 00:57 - 2013-08-27 08:54 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\vlc
2014-03-07 00:57 - 2013-08-27 08:53 - 00001024 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-06 01:04 - 2013-10-03 22:53 - 00000000 ____D () C:\# NZB #
2014-03-05 23:07 - 2013-08-28 11:00 - 00000000 ____D () C:\Users\Ted2000\AppData\Local\QuickPar
2014-03-05 22:51 - 2013-09-21 19:15 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-02 23:27 - 2014-02-28 23:27 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Clubdom #
2014-03-01 13:10 - 2014-02-25 22:16 - 00000000 ____D () C:\Users\Ted2000\Downloads\Dienstag 25022014
2014-02-22 23:07 - 2013-12-24 12:02 - 00830464 _____ () C:\Users\Ted2000\Documents\Movies from Ted2000 V7.9.xls
2014-02-22 13:02 - 2013-11-06 02:03 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Lady Asmondena #
2014-02-22 03:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-22 00:51 - 2013-09-08 21:39 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Installieren #
2014-02-22 00:43 - 2014-02-22 00:42 - 00000000 ____D () C:\ProgramData\Skype
2014-02-22 00:43 - 2013-08-27 23:33 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-22 00:42 - 2014-02-22 00:42 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ___RD () C:\Program Files\Skype
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-22 00:42 - 2013-08-27 23:36 - 00000000 ____D () C:\Users\Ted2000\Tracing
2014-02-22 00:41 - 2014-02-22 00:41 - 00000000 ____D () C:\Windows\de
2014-02-19 23:50 - 2014-02-19 23:50 - 00002184 _____ () C:\Users\Ted2000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-19 23:50 - 2014-02-19 23:50 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-02-19 00:59 - 2013-08-27 21:37 - 00000000 ____D () C:\Users\Ted2000\AppData\Local\ACD Systems
2014-02-19 00:50 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-13 23:04 - 2013-11-25 21:08 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk
Some content of TEMP:
====================
C:\Users\Ted2000\AppData\Local\temp\apptorun.exe
C:\Users\Ted2000\AppData\Local\temp\avgnt.exe
C:\Users\Ted2000\AppData\Local\temp\fp_pl_pfs_installer-1.exe
C:\Users\Ted2000\AppData\Local\temp\fp_pl_pfs_installer.exe
C:\Users\Ted2000\AppData\Local\temp\hq-video-pro-1-4.exe
C:\Users\Ted2000\AppData\Local\temp\NOSEventMessages.dll
C:\Users\Ted2000\AppData\Local\temp\vlc-2.1.3-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-01 00:24
==================== End Of Log ============================
ok so ???? mmmmmHhhhhhh das war die......FRST.txt jetzt die Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-03-2014 01
Ran by Ted2000 at 2014-03-09 23:09:23
Running from C:\Users\Ted2000\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
ACDSee Pro 6 (HKLM\...\{D40B2C78-30CA-4A8F-A157-C86B491C73AF}) (Version: 6.3.221 - ACD Systems International Inc.)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 (HKLM\...\{12A54F16-7F2E-4D42-BBCA-E0CC3CBF0457}) (Version: 5.2.1 - Adobe)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alt.Binz 0.39.4 (HKLM\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AniceSoft EPUB Converter 6.0.9 (HKLM\...\{B93E585D-4A34-43F2-B0AC-33578DD28234}) (Version: 6.0.9 - AniceSoft)
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 15.5.0.2 - AVG Technologies)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
AzwSoft EBook DRM Removal 7.3.0 (HKLM\...\{B1A122E5-14FC-4040-A69C-B3180BA63724}) (Version: 7.3.0 - AzwSoft)
ComicRack v0.9.175 (HKLM\...\ComicRack) (Version: v0.9.175 - cYo Soft)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
GrabIt 1.7.2 Beta 6 (build 1008) (HKLM\...\GrabIt_is1) (Version: - Ilan Shemes)
HQ-Video-Pro-1.4 (HKLM\...\HQ-Video-Pro-1.4) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
IsoBuster 3.2 (HKLM\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
Junk Mail filter update (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{9F612429-4A00-3D44-88CF-146DA2EE1F92}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50710 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 23.0.1 (x86 de) (HKLM\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nero Burning Core (Version: 15.0.19000 - Nero AG) Hidden
Nero Burning ROM (Version: 15.0.19000 - Nero AG) Hidden
Nero Burning ROM 2014 (HKLM\...\{326AD556-E540-4C3F-B197-4A9456DABCF3}) (Version: 15.0.01300 - Nero AG)
Nero Burning ROM Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (Version: 11.0.22500 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.15003 - Nero AG) Hidden
Nero Update (Version: 11.0.13300.42.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.0 (HKLM\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Photo Gallery (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Prerequisite installer (Version: 15.0.0005 - Nero AG) Hidden
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
SABnzbd 0.7.16 (HKLM\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Smart File Advisor 1.1.1 (HKLM\...\Smart File Advisor_is1) (Version: 1.1.1 - Filefacts.net)
Streamripper (Remove only) (HKLM\...\Streamripper) (Version: - )
StreamTransport version: 1.1.2.0 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
TubeDigger 4.7.2 (HKLM\...\{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1) (Version: 4.7.2 - TubeDigger)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Phone app for desktop (HKLM\...\{9C4D79B6-238E-49D8-AEBC-26384EBDE6B3}) (Version: 1.0.1720.1 - Microsoft Corporation)
Windows Utils (HKLM\...\Windows Utils) (Version: - )
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Restore Points =========================
08-03-2014 21:27:11 Gerätetreiber-Paketinstallation: AnvSoft Audio-, Video- und Gamecontroller
09-03-2014 03:57:28 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:04 - 2013-10-13 23:19 - 00000057 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
==================== Scheduled Tasks (whitelisted) =============
Task: {06E4F2FF-2B1B-4181-AF24-F59E4DA653D6} - System32\Tasks\HQ-Video-Pro-1.4-updater => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-updater.exe [2014-03-08] (HQ-Video) <==== ATTENTION
Task: {3CA3397D-B770-420D-8BDE-C17E27191379} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-27] (Google Inc.)
Task: {3CDC6100-4D27-4E94-B3F5-A364B16A352A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {42A45BB3-595D-44F1-BC48-942BDCC925A2} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files\HomeTab\ProtectedSearch.exe <==== ATTENTION
Task: {685405D8-B83D-4C91-A361-A3EA48E0EA51} - System32\Tasks\HQ-Video-Pro-1.4-firefoxinstaller => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-firefoxinstaller.exe [2014-03-08] (HQ-Video) <==== ATTENTION
Task: {6DD473DF-5C18-4144-B4CF-1BFE39758774} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-08] (Adobe Systems Incorporated)
Task: {96E08125-7D03-4E5C-A28E-E576AA9C61B5} - System32\Tasks\HQ-Video-Pro-1.4-codedownloader => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-codedownloader.exe [2014-03-08] (HQ-Video) <==== ATTENTION
Task: {BB6DA505-804F-4491-8FB0-C0E2DFC17840} - System32\Tasks\HQ-Video-Pro-1.4-chromeinstaller => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-chromeinstaller.exe [2014-03-08] (HQ-Video) <==== ATTENTION
Task: {C4B98B23-5B62-4B8D-8DC4-3CA236D7F0C7} - \Browser Updater\Browser Updater No Task File
Task: {CDD21792-0BA4-4A15-AB2B-F7C8479529D3} - System32\Tasks\HQ-Video-Pro-1.4-enabler => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-enabler.exe [2014-03-08] (HQ-Video) <==== ATTENTION
Task: {D8B63D1F-E33D-44F1-A3EC-1E0A6FD84E97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Pro-1.4-enabler.job => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Pro-1.4-updater.job => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-updater.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-08-27 08:28 - 2013-01-18 15:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-08-27 08:37 - 2013-08-27 08:36 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-11-24 23:11 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Ted2000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-10 13:33 - 2014-01-10 13:33 - 00282312 _____ () C:\Program Files\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Ted2000\Documents\Fwd_ Your requested unlock boot loader key.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ted2000\Documents\Ihr 1&1 Mobilfunk - Bestelleingangsbestätigung.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ted2000\Documents\Referenz-Nr_ 49953211_ Ihre Bestellung von Malwarebytes Anti-Malware PRO.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ted2000\Documents\TubeDigger Registation.....eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/09/2014 11:01:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/09/2014 04:44:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/09/2014 09:26:08 AM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 10.0.9200.16686 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 864
Startzeit: 01cf3b704ffd2c4d
Endzeit: 1466
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (03/09/2014 07:37:45 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5588. Meldungs-ID: [0x2509].
Error: (03/09/2014 07:35:11 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5752. Meldungs-ID: [0x2509].
Error: (03/09/2014 07:27:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2014 11:02:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2014 10:54:50 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5976. Meldungs-ID: [0x2509].
Error: (03/08/2014 10:35:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Any Video Recorder.exe, Version: 1.0.2.1, Zeitstempel: 0x50d95a79
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003224d
ID des fehlerhaften Prozesses: 0x448
Startzeit der fehlerhaften Anwendung: 0xAny Video Recorder.exe0
Pfad der fehlerhaften Anwendung: Any Video Recorder.exe1
Pfad des fehlerhaften Moduls: Any Video Recorder.exe2
Berichtskennung: Any Video Recorder.exe3
Error: (03/08/2014 10:33:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Any Video Recorder.exe, Version: 1.0.2.1, Zeitstempel: 0x50d95a79
Name des fehlerhaften Moduls: mfc100u.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2e0e6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00058994
ID des fehlerhaften Prozesses: 0xf50
Startzeit der fehlerhaften Anwendung: 0xAny Video Recorder.exe0
Pfad der fehlerhaften Anwendung: Any Video Recorder.exe1
Pfad des fehlerhaften Moduls: Any Video Recorder.exe2
Berichtskennung: Any Video Recorder.exe3
System errors:
=============
Error: (03/08/2014 05:21:32 AM) (Source: Service Control Manager) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2014 02:38:30 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (03/08/2014 00:43:17 AM) (Source: Service Control Manager) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2014 00:43:11 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinkHandler" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (03/08/2014 00:43:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (03/05/2014 11:35:30 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (03/02/2014 10:21:39 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WDTVLIVE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{45F3F32F-1CB6-44DF-8479-E275F70AD-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (03/02/2014 10:12:38 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.11
registriert werden. Der Computer mit IP-Adresse 192.168.0.16 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (02/27/2014 10:51:40 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/22/2014 04:03:46 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.
Microsoft Office Sessions:
=========================
Error: (03/09/2014 11:01:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/09/2014 04:44:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/09/2014 09:26:08 AM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.1668686401cf3b704ffd2c4d1466C:\Program Files\Internet Explorer\iexplore.exe
Error: (03/09/2014 07:37:45 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5588. Meldungs-ID: [0x2509].
Error: (03/09/2014 07:35:11 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5752. Meldungs-ID: [0x2509].
Error: (03/09/2014 07:27:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2014 11:02:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/08/2014 10:54:50 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5976. Meldungs-ID: [0x2509].
Error: (03/08/2014 10:35:19 PM) (Source: Application Error)(User: )
Description: Any Video Recorder.exe1.0.2.150d95a79ntdll.dll6.1.7601.1820551db96c5c00000050003224d44801cf3b160efdb8e8C:\Program Files\Any Video Recorder\Any Video Recorder.exeC:\Windows\SYSTEM32\ntdll.dll8b12e2fa-a709-11e3-8d8d-001d9280edb5
Error: (03/08/2014 10:33:27 PM) (Source: Application Error)(User: )
Description: Any Video Recorder.exe1.0.2.150d95a79mfc100u.dll10.0.40219.3254df2e0e6c000000500058994f5001cf3b1549218811C:\Program Files\Any Video Recorder\Any Video Recorder.exeC:\Program Files\Any Video Recorder\mfc100u.dll489976e3-a709-11e3-8d8d-001d9280edb5
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 3583.24 MB
Available physical RAM: 1527.77 MB
Total Pagefile: 7162.71 MB
Available Pagefile: 4461.16 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:312.5 GB) (Free:21.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:619.01 GB) (Free:315.97 GB) NTFS
Drive f: (TED-STUFF) (Fixed) (Total:931.51 GB) (Free:522.43 GB) NTFS
Drive g: (November 2013) (Fixed) (Total:3726.02 GB) (Free:1504.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 05A38857)
Partition 1: (Not Active) - (Size=619 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=312 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 57FC6454)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End Of Log ============================
Code:
ATTFilter Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.03.09.08 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16686 Ted2000 :: TED2000-PC [limitiert] Schutz: Aktiviert 09.03.2014 23:13:03 MBAM-log-2014-03-09 (23-21-08).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 241306 Laufzeit: 7 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 1 C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-bg.exe (PUP.Optional.HQVideoPro.A) -> 3504 -> Keine Aktion durchgeführt. Infizierte Speichermodule: 1 C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-bho.dll (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. Infizierte Registrierungsschlüssel: 16 HKCR\CLSID\{11111111-1111-1111-1111-110511291120} (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{44444444-4444-4444-4444-440544294420} (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKCR\Interface\{55555555-5555-5555-5555-550555295520} (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0052920.BHO.1 (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291120} (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511291120} (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511291120} (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0052920.BHO (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0052920.Sandbox (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0052920.Sandbox.1 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. HKCU\Software\AppDataLow\Software\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKCU\Software\InstalledBrowserExtensions\HQ-Video (PUP.Optional.HQVideoProfessional.A) -> Keine Aktion durchgeführt. HKLM\Software\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 12 C:\Program Files\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\icons (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\icons\actions (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\api (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 97 C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-bho.dll (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-bg.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\HQ-Video-Pro-1.4-enabler.job (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\HQ-Video-Pro-1.4-updater.job (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\52920.crx (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\52920.xpi (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\background.html (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-chromeinstaller.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-codedownloader.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-enabler.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-firefoxinstaller.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-updater.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4.ico (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\Installer.log (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\Uninstall.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Program Files\HQ-Video-Pro-1.4\utils.exe (PUP.Optional.HQVideoPro.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\background.html (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\chromeCoreFilesIndex.txt (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\manifest.json (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\popup.html (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\17_jQuery.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\102_dealply_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\103_intext_5_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\104_jollywallet_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\123_intext_adv_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\13_CrossriderAppUtils.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\14_CrossriderUtils.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\155_ibario_pops_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\177_crossriderDashboard.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\179_revizer_p_dynamic_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\221_icm_downloads_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\223_imonomy_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\22_resources.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\231_revizer_ws_dynamic_2_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\28_initializer.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\47_resources_background.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\4_jquery_1_7_1.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\64_appApiMessage.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\72_appApiValidation.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\78_CrossriderInfo.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\7_hooks.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\80_CHPopupAppAPI.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\91_monetizationLoader.js.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\93_superfish_no_coupons_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\97_resourceApiWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\9_search_engine_hook.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\180_bpo_serp_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\182_openUrl.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\183_tabsWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\184_noproblemppc_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\190_pops_5_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\191_ciuvo_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\19_CHAppAPIWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\1_base.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\207_dbWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\21_debug.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\plugins\220_icm_base_m.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\background.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\main.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\platformVersion.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\api\message.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\api\monitor.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\reports.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\popupResource\newPopup.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj\1.26.19_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. (Ende) Viele Grüße Klaus |
|
10.03.2014, 18:12
| #4 |
| /// TB-Ausbilder | Dauernd Popups und Warnungen im Windows Internet Explorer Servus, keine Sorge, ich weiß, was zu tun ist.  Wir beginnen erst mal so: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 4 Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/
Bitte poste mit deiner nächsten Antwort
|
|
11.03.2014, 20:47
| #5 |
| | Dauernd Popups und Warnungen im Windows Internet Explorer Hi Matthias.... hat ein wenig länger gedauert habe eben verdammt viel um die ohren.... und der AdwCleaner hat ewig gebraucht...hatte den rechner die nacht durchlaufen lassen.... ja,cool freut mich wenn du weißt wie wir den feind erlegen können !!! ;-)) ok... erst mal die AdwCleaner - log Datei : AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.003 - Bericht erstellt am 11/09/2013 um 23:19:09
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : Ted2000 - TED2000-PC
# Gestartet von : C:\Users\Ted2000\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\Ted2000\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Ted2000\AppData\LocalLow\HomeTab
Ordner Gelöscht : C:\Users\Ted2000\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Ted2000\AppData\Roaming\HomeTab
Ordner Gelöscht : C:\Users\Ted2000\AppData\Roaming\SimplyTech
Ordner Gelöscht : C:\Users\Ted2000\AppData\Roaming\Windows Net Data
Datei Gelöscht : C:\Users\Ted2000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\foxydeal.sqlite
Datei Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\Web Search.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A25E7121-3DD8-41B3-855B-756C5BC45449}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\HomeTab
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16660
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.backgroundjs", "\n\n/*****************************************************************************[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.js", "\n\n /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14101b492585f6a9ea95c52daa89ef51");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q=");
[ Datei : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.backgroundjs", "\n\n/*****************************************************************************[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.js", "\n\n /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14101b492585f6a9ea95c52daa89ef51");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q=");
*************************
AdwCleaner[R0].txt - [21339 octets] - [11/09/2013 22:38:29]
AdwCleaner[S0].txt - [20215 octets] - [11/09/2013 23:19:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20276 octets] ##########
AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.021 - Bericht erstellt am 11/03/2014 um 06:20:08
# Aktualisiert 10/03/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : Ted2000 - TED2000-PC
# Gestartet von : C:\Users\Ted2000\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files\HQ-Video-Pro-1.4
Ordner Gelöscht : C:\Users\Ted2000\AppData\Local\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Ted2000\AppData\LocalLow\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Ted2000\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Ted2000\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
Ordner Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\Extensions\f6b78e05-0819-4914-a9b1-53baf8fa3cd8@5f1a7616-ab87-4cb2-b56e-1218d848ce49.com
Ordner Gelöscht : C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj
Datei Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\searchplugins\iminent.xml
Datei Gelöscht : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\user.js
Datei Gelöscht : C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater
Datei Gelöscht : C:\Windows\System32\Tasks\ProtectedSearch
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-chromeinstaller
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job
Datei Gelöscht : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-codedownloader
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Pro-1.4-enabler.job
Datei Gelöscht : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-enabler
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-firefoxinstaller
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Pro-1.4-updater.job
Datei Gelöscht : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4B98B23-5B62-4B8D-8DC4-3CA236D7F0C7}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42A45BB3-595D-44F1-BC48-942BDCC925A2}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB6DA505-804F-4491-8FB0-C0E2DFC17840}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB6DA505-804F-4491-8FB0-C0E2DFC17840}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96E08125-7D03-4E5C-A28E-E576AA9C61B5}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96E08125-7D03-4E5C-A28E-E576AA9C61B5}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDD21792-0BA4-4A15-AB2B-F7C8479529D3}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDD21792-0BA4-4A15-AB2B-F7C8479529D3}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{685405D8-B83D-4C91-A361-A3EA48E0EA51}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685405D8-B83D-4C91-A361-A3EA48E0EA51}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{06E4F2FF-2B1B-4181-AF24-F59E4DA653D6}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06E4F2FF-2B1B-4181-AF24-F59E4DA653D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052920.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052920.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052920.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052920.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291120}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292220}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295520}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296620}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544294420}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291120}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511291120}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80d048a6-2d35-4120-8c7f-d2dd9d039aeb}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c873250-817a-4acb-82de-ad1608575c43}
Schlüssel Gelöscht : HKCU\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\HQ-Video-Pro-1.4
Schlüssel Gelöscht : HKLM\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\HQ-Video-Pro-1.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Pro-1.4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\prefs.js ]
[ Datei : C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
-\\ Google Chrome v33.0.1750.146
[ Datei : C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [29130 octets] - [11/09/2013 21:38:29]
AdwCleaner[R1].txt - [7670 octets] - [10/03/2014 22:40:55]
AdwCleaner[R2].txt - [8597 octets] - [10/03/2014 22:57:24]
AdwCleaner[S0].txt - [28405 octets] - [11/09/2013 22:19:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28466 octets] ##########
so dann hier die JRT - log..... Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x86
Ran by Ted2000 on 11.03.2014 at 16:39:07,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Ted2000\AppData\Roaming\mozilla\firefox\profiles\xivmgag5.default\extensions\staged
Successfully deleted the following from C:\Users\Ted2000\AppData\Roaming\mozilla\firefox\profiles\xivmgag5.default\prefs.js
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
Emptied folder: C:\Users\Ted2000\AppData\Roaming\mozilla\firefox\profiles\xivmgag5.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.03.2014 at 16:42:30,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.03.11.07 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16686 Ted2000 :: TED2000-PC [Administrator] Schutz: Aktiviert 11.03.2014 16:46:30 MBAM-log-2014-03-11 (17-00-09).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 240391 Laufzeit: 6 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apehpgkcgpefnlpfindggfdecmgihlaj (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Ted2000 on 11.03.2014 at 17:02:34,22.
TRIBAL WINDOWS 7 ULTIMATE 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ted2000\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
11.03.2014 17:04:10 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311901130} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater15.5.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater15.5.0 deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:home");
user_pref("browser.search.useDBForOrder", false);
Added to C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\prefs.js:
Deleted from C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\prefs.js:
user_pref("browser.startup.homepage", "");
user_pref("browser.search.selectedEngine", "");
user_pref("browser.search.useDBForOrder", false);
Added to C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\prefs.js:
ProfilePath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__1714_.backup
ProfilePath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__1714_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\{59B0C248-40A4-4FCF-A9A0-85AFDAE42623} deleted
C:\SoloApp deleted
C:\Windows\System32\Tasks\Browser Updater deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\system32\tasks\ProtectedSearch deleted
C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com deleted
C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968
- Undetermined - C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
- Undetermined - C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
- Undetermined - C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
ProfilePath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default
- EPUBReader - %ProfilePath%\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_773968
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
C5322029C67AD8D38311FABEEAB4E595 - C:\Program Files\Winamp Detect\npwachk.dll - Winamp Application Detector
A0B8C52A92D14E9AF84540A5F39D3D18 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
Profilepath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
A0B8C52A92D14E9AF84540A5F39D3D18 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
C5322029C67AD8D38311FABEEAB4E595 - C:\Program Files\Winamp Detect\npwachk.dll - Winamp Application Detector
F045DF7AF127DC4BCC53421850114E15 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
7D28153B7D586330678AD522B71D89CB - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight
==== Chrome Look ======================
FVD Downloader - Ted2000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://ghost-of-usenet.org/board.php?boardid=125"
"Default_Search_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q="
"Search Bar"="hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q="
"Search Page"="hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q="
"Search Bar"="hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q="
"Search Page"="hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1378670246325.000007&tguid=66920-6787-1378670246325-36C53A134C9FB746B91C8177A31FE975&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com/"
"Search Bar"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com/"
"Search Bar"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://ghost-of-usenet.org/board.php?boardid=125"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Empty IE Cache ======================
C:\Users\Ted2000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ted2000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Ted2000\AppData\Local\Mozilla\Firefox\Profiles\xivmgag5.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Ted2000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=140 folders=24 14601580 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Ted2000\AppData\Local\temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Ted2000\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 11.03.2014 at 20:26:21,85 ======================
viele Grüße klaus |
|
12.03.2014, 15:54
| #6 | |
| /// TB-Ausbilder | Dauernd Popups und Warnungen im Windows Internet Explorer Servus, Zitat:
Wir spüren die letzten Reste auf, damit wir sie später entfernen können: Schritt 1 Kontrollscan mit FRST Führe wie zuvor beschrieben einen Scan mit FRST aus. Setze dazu einen Haken bei Addition.txt rechts unten und klicke auf Scan. Es werden zwei Logdateien erzeugt. Poste mir diese. Schritt 2 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Gibt es noch Probleme mit Malware? Wenn ja, welche? Wie läuft der Rechner derzeit? Bitte poste mit deiner nächsten Antwort
|
|
12.03.2014, 22:08
| #7 |
| | Dauernd Popups und Warnungen im Windows Internet Explorer Hi Matthias...... Also ich bin eigentlich jetzt schon total begeistern..... der Rechner läuft jetzt schon wieder sensationell.............. bin gespannt ob du noch was findest..... ??? hier die 2 log s von FRST....... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-03-2014 01
Ran by Ted2000 (administrator) on TED2000-PC on 12-03-2014 21:54:22
Running from C:\Users\Ted2000\Desktop
TRIBAL WINDOWS 7 ULTIMATE Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Users\Ted2000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
() C:\Users\Ted2000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\SABnzbd\SABnzbd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ACPW06DE] - C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1135304 2012-12-17] (ACD Systems)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Smart File Advisor] - C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-27] (Google Inc.)
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [SkyDrive] - C:\Users\Ted2000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-19] (Microsoft Corporation)
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [Amazon Cloud Player] - C:\Users\Ted2000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-388039254-1379459305-1084319246-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18643560 2013-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-388039254-1379459305-1084319246-1003\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ghost-of-usenet.org/board.php?boardid=125
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x042A126BF7A2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 27 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: EPUBReader - C:\Users\Ted2000\AppData\Roaming\Mozilla\Firefox\Profiles\xivmgag5.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2014-01-17]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-19] (Avira Operations GmbH & Co. KG)
S4 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-09-05] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-14] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-27] (Avira GmbH)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 catchme; \??\C:\Users\Ted2000\AppData\Local\Temp\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-11 20:36 - 2014-03-11 20:36 - 00014039 _____ () C:\Users\Ted2000\Desktop\zoek-results.txt
2014-03-11 17:19 - 2014-03-11 17:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-11 17:03 - 2014-03-11 20:26 - 00014039 _____ () C:\zoek-results.log
2014-03-11 17:02 - 2014-03-11 17:14 - 00000000 ____D () C:\zoek_backup
2014-03-11 16:49 - 2014-03-11 16:49 - 01285120 _____ () C:\Users\Ted2000\Desktop\zoek.exe
2014-03-11 16:42 - 2014-03-11 16:42 - 00001185 _____ () C:\Users\Ted2000\Desktop\JRT.txt
2014-03-11 16:38 - 2014-03-11 16:38 - 01037734 _____ (Thisisu) C:\Users\Ted2000\Desktop\JRT.exe
2014-03-11 16:36 - 2014-03-11 16:36 - 00028547 _____ () C:\Users\Ted2000\Desktop\AdwCleaner[S0].txt
2014-03-10 22:56 - 2014-03-10 22:57 - 01949184 _____ () C:\Users\Ted2000\Desktop\adwcleaner.exe
2014-03-10 22:18 - 2014-03-12 21:53 - 00000000 ____D () C:\Users\Ted2000\Downloads\montag 10032014
2014-03-09 23:24 - 2014-03-09 23:24 - 00024492 _____ () C:\Users\Ted2000\Desktop\Addition.txt
2014-03-09 23:09 - 2014-03-09 23:10 - 00024492 _____ () C:\Users\Ted2000\Downloads\Addition.txt
2014-03-09 23:08 - 2014-03-12 21:54 - 00011459 _____ () C:\Users\Ted2000\Desktop\FRST.txt
2014-03-09 23:08 - 2014-03-12 21:54 - 00000000 ____D () C:\FRST
2014-03-09 23:06 - 2014-03-09 23:07 - 01145856 _____ (Farbar) C:\Users\Ted2000\Downloads\FRST.exe
2014-03-09 23:06 - 2014-03-09 23:06 - 01145856 _____ (Farbar) C:\Users\Ted2000\Desktop\FRST.exe
2014-03-09 09:12 - 2014-03-09 09:12 - 00005985 _____ () C:\Users\Ted2000\Documents\TubeDigger Registation.....eml
2014-03-08 23:32 - 2014-03-08 23:32 - 00000989 _____ () C:\Users\Public\Desktop\TubeDigger.lnk
2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Program Files\TubeDigger
2014-03-08 23:31 - 2014-03-08 23:31 - 10226163 _____ (TubeDigger ) C:\Users\Ted2000\Downloads\TubeDigger_Install.exe
2014-03-08 23:20 - 2014-03-08 23:20 - 00000000 ____D () C:\Program Files\StreamTransport
2014-03-08 23:19 - 2014-03-08 23:19 - 01962689 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Ted2000\Downloads\streamtransport_setup.exe
2014-03-08 22:28 - 2014-03-08 22:58 - 00000000 ____D () C:\Users\Ted2000\Documents\Any Video Recorder
2014-03-08 22:28 - 2014-03-08 22:28 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\AnvSoft
2014-03-08 22:27 - 2014-03-08 22:58 - 00000000 ____D () C:\Program Files\Any Video Recorder
2014-03-08 01:14 - 2014-03-09 23:54 - 00000000 ____D () C:\Users\Ted2000\Downloads\samstag 08032014
2014-03-08 00:47 - 2014-03-08 00:47 - 07289062 _____ (XMedia Recode ) C:\Users\Ted2000\Downloads\XMediaRecode3179_setup.exe
2014-03-08 00:43 - 2014-03-08 00:43 - 00000000 ____D () C:\Users\Ted2000\Documents\StreamTransport
2014-03-08 00:42 - 2014-03-08 23:20 - 00001049 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-03-05 22:12 - 2014-03-07 22:43 - 00000000 ____D () C:\Users\Ted2000\Downloads\Mittwoch 05032014
2014-02-28 23:27 - 2014-03-02 23:27 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Clubdom #
2014-02-25 22:16 - 2014-03-01 13:10 - 00000000 ____D () C:\Users\Ted2000\Downloads\Dienstag 25022014
2014-02-22 00:43 - 2014-03-12 21:19 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\Skype
2014-02-22 00:42 - 2014-02-22 00:43 - 00000000 ____D () C:\ProgramData\Skype
2014-02-22 00:42 - 2014-02-22 00:42 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ___RD () C:\Program Files\Skype
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-22 00:41 - 2014-02-22 00:41 - 00000000 ____D () C:\Windows\de
2014-02-22 00:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-02-22 00:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-02-22 00:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-02-22 00:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-02-22 00:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-02-22 00:38 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-02-19 23:50 - 2014-02-19 23:50 - 00002184 _____ () C:\Users\Ted2000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-19 23:50 - 2014-02-19 23:50 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
==================== One Month Modified Files and Folders =======
2014-03-12 21:54 - 2014-03-09 23:08 - 00011459 _____ () C:\Users\Ted2000\Desktop\FRST.txt
2014-03-12 21:54 - 2014-03-09 23:08 - 00000000 ____D () C:\FRST
2014-03-12 21:53 - 2014-03-10 22:18 - 00000000 ____D () C:\Users\Ted2000\Downloads\montag 10032014
2014-03-12 21:48 - 2013-08-27 10:55 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-12 21:47 - 2013-08-27 22:44 - 00000000 ____D () C:\Users\Ted2000\Downloads\incomplete
2014-03-12 21:36 - 2013-11-14 12:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-12 21:26 - 2009-07-14 05:34 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-12 21:26 - 2009-07-14 05:34 - 00028976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-12 21:25 - 2013-08-27 22:44 - 00000000 ____D () C:\Users\Ted2000\Downloads\complete
2014-03-12 21:24 - 2013-08-27 00:19 - 01527279 _____ () C:\Windows\WindowsUpdate.log
2014-03-12 21:19 - 2014-02-22 00:43 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\Skype
2014-03-12 21:19 - 2013-08-27 23:31 - 00000000 ___RD () C:\Users\Ted2000\SkyDrive
2014-03-12 21:19 - 2013-08-27 10:55 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 21:18 - 2013-08-27 08:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-12 21:18 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-12 21:18 - 2009-07-14 05:39 - 00050656 _____ () C:\Windows\setupact.log
2014-03-12 01:36 - 2013-08-29 21:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-12 01:36 - 2013-08-29 21:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 20:36 - 2014-03-11 20:36 - 00014039 _____ () C:\Users\Ted2000\Desktop\zoek-results.txt
2014-03-11 20:26 - 2014-03-11 17:03 - 00014039 _____ () C:\zoek-results.log
2014-03-11 20:22 - 2010-11-20 22:48 - 00081054 _____ () C:\Windows\PFRO.log
2014-03-11 17:14 - 2014-03-11 17:02 - 00000000 ____D () C:\zoek_backup
2014-03-11 17:02 - 2014-03-11 17:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-11 16:49 - 2014-03-11 16:49 - 01285120 _____ () C:\Users\Ted2000\Desktop\zoek.exe
2014-03-11 16:42 - 2014-03-11 16:42 - 00001185 _____ () C:\Users\Ted2000\Desktop\JRT.txt
2014-03-11 16:38 - 2014-03-11 16:38 - 01037734 _____ (Thisisu) C:\Users\Ted2000\Desktop\JRT.exe
2014-03-11 16:36 - 2014-03-11 16:36 - 00028547 _____ () C:\Users\Ted2000\Desktop\AdwCleaner[S0].txt
2014-03-11 09:14 - 2013-09-11 21:38 - 00000000 ____D () C:\AdwCleaner
2014-03-10 22:57 - 2014-03-10 22:56 - 01949184 _____ () C:\Users\Ted2000\Desktop\adwcleaner.exe
2014-03-09 23:54 - 2014-03-08 01:14 - 00000000 ____D () C:\Users\Ted2000\Downloads\samstag 08032014
2014-03-09 23:24 - 2014-03-09 23:24 - 00024492 _____ () C:\Users\Ted2000\Desktop\Addition.txt
2014-03-09 23:10 - 2014-03-09 23:09 - 00024492 _____ () C:\Users\Ted2000\Downloads\Addition.txt
2014-03-09 23:07 - 2014-03-09 23:06 - 01145856 _____ (Farbar) C:\Users\Ted2000\Downloads\FRST.exe
2014-03-09 23:06 - 2014-03-09 23:06 - 01145856 _____ (Farbar) C:\Users\Ted2000\Desktop\FRST.exe
2014-03-09 09:12 - 2014-03-09 09:12 - 00005985 _____ () C:\Users\Ted2000\Documents\TubeDigger Registation.....eml
2014-03-08 23:32 - 2014-03-08 23:32 - 00000989 _____ () C:\Users\Public\Desktop\TubeDigger.lnk
2014-03-08 23:32 - 2014-03-08 23:32 - 00000000 ____D () C:\Program Files\TubeDigger
2014-03-08 23:31 - 2014-03-08 23:31 - 10226163 _____ (TubeDigger ) C:\Users\Ted2000\Downloads\TubeDigger_Install.exe
2014-03-08 23:20 - 2014-03-08 23:20 - 00000000 ____D () C:\Program Files\StreamTransport
2014-03-08 23:20 - 2014-03-08 00:42 - 00001049 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-03-08 23:19 - 2014-03-08 23:19 - 01962689 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Ted2000\Downloads\streamtransport_setup.exe
2014-03-08 22:58 - 2014-03-08 22:28 - 00000000 ____D () C:\Users\Ted2000\Documents\Any Video Recorder
2014-03-08 22:58 - 2014-03-08 22:27 - 00000000 ____D () C:\Program Files\Any Video Recorder
2014-03-08 22:28 - 2014-03-08 22:28 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\AnvSoft
2014-03-08 22:05 - 2013-09-04 21:47 - 00000000 ____D () C:\Users\Ted2000\AppData\Local\Adobe
2014-03-08 21:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-08 00:47 - 2014-03-08 00:47 - 07289062 _____ (XMedia Recode ) C:\Users\Ted2000\Downloads\XMediaRecode3179_setup.exe
2014-03-08 00:43 - 2014-03-08 00:43 - 00000000 ____D () C:\Users\Ted2000\Documents\StreamTransport
2014-03-07 22:43 - 2014-03-05 22:12 - 00000000 ____D () C:\Users\Ted2000\Downloads\Mittwoch 05032014
2014-03-07 22:31 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-07 00:57 - 2013-08-27 08:54 - 00000000 ____D () C:\Users\Ted2000\AppData\Roaming\vlc
2014-03-07 00:57 - 2013-08-27 08:53 - 00001024 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-06 01:04 - 2013-10-03 22:53 - 00000000 ____D () C:\# NZB #
2014-03-05 23:07 - 2013-08-28 11:00 - 00000000 ____D () C:\Users\Ted2000\AppData\Local\QuickPar
2014-03-05 22:51 - 2013-09-21 19:15 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-02 23:27 - 2014-02-28 23:27 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Clubdom #
2014-03-01 13:10 - 2014-02-25 22:16 - 00000000 ____D () C:\Users\Ted2000\Downloads\Dienstag 25022014
2014-02-22 23:07 - 2013-12-24 12:02 - 00830464 _____ () C:\Users\Ted2000\Documents\Movies from Ted2000 V7.9.xls
2014-02-22 13:02 - 2013-11-06 02:03 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Lady Asmondena #
2014-02-22 03:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-22 00:51 - 2013-09-08 21:39 - 00000000 ____D () C:\Users\Ted2000\Downloads\# Installieren #
2014-02-22 00:43 - 2014-02-22 00:42 - 00000000 ____D () C:\ProgramData\Skype
2014-02-22 00:43 - 2013-08-27 23:33 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-22 00:42 - 2014-02-22 00:42 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ___RD () C:\Program Files\Skype
2014-02-22 00:42 - 2014-02-22 00:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-22 00:42 - 2013-08-27 23:36 - 00000000 ____D () C:\Users\Ted2000\Tracing
2014-02-22 00:41 - 2014-02-22 00:41 - 00000000 ____D () C:\Windows\de
2014-02-19 23:50 - 2014-02-19 23:50 - 00002184 _____ () C:\Users\Ted2000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-19 23:50 - 2014-02-19 23:50 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-02-19 00:59 - 2013-08-27 21:37 - 00000000 ____D () C:\Users\Ted2000\AppData\Local\ACD Systems
2014-02-19 00:50 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-13 23:04 - 2013-11-25 21:08 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk
Some content of TEMP:
====================
C:\Users\Ted2000\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-11 02:06
==================== End Of Log ============================
dann die Addition..... Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-03-2014 01
Ran by Ted2000 at 2014-03-12 21:54:54
Running from C:\Users\Ted2000\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
ACDSee Pro 6 (HKLM\...\{D40B2C78-30CA-4A8F-A157-C86B491C73AF}) (Version: 6.3.221 - ACD Systems International Inc.)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 (HKLM\...\{12A54F16-7F2E-4D42-BBCA-E0CC3CBF0457}) (Version: 5.2.1 - Adobe)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alt.Binz 0.39.4 (HKLM\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AniceSoft EPUB Converter 6.0.9 (HKLM\...\{B93E585D-4A34-43F2-B0AC-33578DD28234}) (Version: 6.0.9 - AniceSoft)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
AzwSoft EBook DRM Removal 7.3.0 (HKLM\...\{B1A122E5-14FC-4040-A69C-B3180BA63724}) (Version: 7.3.0 - AzwSoft)
ComicRack v0.9.175 (HKLM\...\ComicRack) (Version: v0.9.175 - cYo Soft)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
GrabIt 1.7.2 Beta 6 (build 1008) (HKLM\...\GrabIt_is1) (Version: - Ilan Shemes)
IsoBuster 3.2 (HKLM\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
Junk Mail filter update (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{9F612429-4A00-3D44-88CF-146DA2EE1F92}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50710 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 23.0.1 (x86 de) (HKLM\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nero Burning Core (Version: 15.0.19000 - Nero AG) Hidden
Nero Burning ROM (Version: 15.0.19000 - Nero AG) Hidden
Nero Burning ROM 2014 (HKLM\...\{326AD556-E540-4C3F-B197-4A9456DABCF3}) (Version: 15.0.01300 - Nero AG)
Nero Burning ROM Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (Version: 11.0.22500 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.15003 - Nero AG) Hidden
Nero Update (Version: 11.0.13300.42.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.0 (HKLM\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Photo Gallery (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Prerequisite installer (Version: 15.0.0005 - Nero AG) Hidden
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
SABnzbd 0.7.16 (HKLM\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Smart File Advisor 1.1.1 (HKLM\...\Smart File Advisor_is1) (Version: 1.1.1 - Filefacts.net)
Streamripper (Remove only) (HKLM\...\Streamripper) (Version: - )
StreamTransport version: 1.1.2.0 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
TubeDigger 4.7.2 (HKLM\...\{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1) (Version: 4.7.2 - TubeDigger)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Phone app for desktop (HKLM\...\{9C4D79B6-238E-49D8-AEBC-26384EBDE6B3}) (Version: 1.0.1720.1 - Microsoft Corporation)
Windows Utils (HKLM\...\Windows Utils) (Version: - )
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:04 - 2013-10-13 23:19 - 00000057 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
==================== Scheduled Tasks (whitelisted) =============
Task: {3CA3397D-B770-420D-8BDE-C17E27191379} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-27] (Google Inc.)
Task: {3CDC6100-4D27-4E94-B3F5-A364B16A352A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6DD473DF-5C18-4144-B4CF-1BFE39758774} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {D8B63D1F-E33D-44F1-A3EC-1E0A6FD84E97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-08-27 08:28 - 2013-01-18 15:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-08-27 08:37 - 2013-08-27 08:36 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-11-24 23:11 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Ted2000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-10 13:33 - 2014-01-10 13:33 - 00282312 _____ () C:\Program Files\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2013-08-27 09:23 - 2013-09-08 21:38 - 00103424 _____ () C:\Program Files\SABnzbd\SABnzbd.exe
2013-08-27 09:23 - 2013-09-08 21:38 - 00053248 _____ () C:\Program Files\SABnzbd\lib\_socket.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00671744 _____ () C:\Program Files\SABnzbd\lib\_ssl.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00294912 _____ () C:\Program Files\SABnzbd\lib\_hashlib.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00102400 _____ () C:\Program Files\SABnzbd\lib\win32api.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00118784 _____ () C:\Program Files\SABnzbd\lib\pywintypes25.dll
2013-08-27 09:23 - 2013-09-08 21:38 - 00013824 _____ () C:\Program Files\SABnzbd\lib\win32event.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00036864 _____ () C:\Program Files\SABnzbd\lib\win32service.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00057344 _____ () C:\Program Files\SABnzbd\lib\OpenSSL.crypto.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00007168 _____ () C:\Program Files\SABnzbd\lib\OpenSSL.rand.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00037888 _____ () C:\Program Files\SABnzbd\lib\OpenSSL.SSL.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00086016 _____ () C:\Program Files\SABnzbd\lib\_ctypes.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00049152 _____ () C:\Program Files\SABnzbd\lib\_sqlite3.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00546205 _____ () C:\Program Files\SABnzbd\lib\sqlite3.dll
2013-08-27 09:23 - 2013-09-08 21:38 - 00008192 _____ () C:\Program Files\SABnzbd\lib\select.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00009728 _____ () C:\Program Files\SABnzbd\lib\_yenc.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00012288 _____ () C:\Program Files\SABnzbd\lib\Cheetah._namemapper.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00135168 _____ () C:\Program Files\SABnzbd\lib\pyexpat.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00040960 _____ () C:\Program Files\SABnzbd\lib\win32process.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00110592 _____ () C:\Program Files\SABnzbd\lib\win32file.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00014848 _____ () C:\Program Files\SABnzbd\lib\win32evtlog.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00024576 _____ () C:\Program Files\SABnzbd\lib\servicemanager.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00019968 _____ () C:\Program Files\SABnzbd\lib\win32pipe.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00155648 _____ () C:\Program Files\SABnzbd\lib\win32gui.pyd
2013-08-27 09:23 - 2013-09-08 21:38 - 00176128 _____ () C:\Program Files\SABnzbd\lib\winxpgui.pyd
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Ted2000\Documents\Fwd_ Your requested unlock boot loader key.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ted2000\Documents\Ihr 1&1 Mobilfunk - Bestelleingangsbestätigung.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ted2000\Documents\Referenz-Nr_ 49953211_ Ihre Bestellung von Malwarebytes Anti-Malware PRO.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ted2000\Documents\TubeDigger Registation.....eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/12/2014 09:20:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/12/2014 07:48:36 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 4208. Meldungs-ID: [0x2509].
Error: (03/12/2014 07:46:31 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7944. Meldungs-ID: [0x2509].
Error: (03/12/2014 06:24:13 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5828. Meldungs-ID: [0x2509].
Error: (03/12/2014 06:20:22 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7720. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:56:35 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6924. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:52:57 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7928. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:45:44 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 2976. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:43:52 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7536. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:42:52 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7448. Meldungs-ID: [0x2509].
System errors:
=============
Error: (03/12/2014 03:25:16 AM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.11
registriert werden. Der Computer mit IP-Adresse 192.168.0.16 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (03/12/2014 02:27:23 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (03/11/2014 10:35:42 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.11
registriert werden. Der Computer mit IP-Adresse 192.168.0.16 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (03/11/2014 10:04:48 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WDTVLIVE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{45F3F32F-1CB6-44DF-8479-E275F70AD-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (03/11/2014 09:35:40 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.
Error: (03/11/2014 09:34:46 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WDTVLIVE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{45F3F32F-1CB6-44DF-8479-E275F70AD-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (03/11/2014 08:59:18 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.11
registriert werden. Der Computer mit IP-Adresse 192.168.0.16 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (03/11/2014 05:14:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (03/11/2014 05:14:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (03/11/2014 05:14:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Microsoft Office Sessions:
=========================
Error: (03/12/2014 09:20:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/12/2014 07:48:36 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 4208. Meldungs-ID: [0x2509].
Error: (03/12/2014 07:46:31 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7944. Meldungs-ID: [0x2509].
Error: (03/12/2014 06:24:13 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5828. Meldungs-ID: [0x2509].
Error: (03/12/2014 06:20:22 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7720. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:56:35 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6924. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:52:57 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7928. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:45:44 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 2976. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:43:52 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7536. Meldungs-ID: [0x2509].
Error: (03/11/2014 10:42:52 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.19080 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7448. Meldungs-ID: [0x2509].
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3583.24 MB
Available physical RAM: 1879.87 MB
Total Pagefile: 7162.71 MB
Available Pagefile: 4788.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.65 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:312.5 GB) (Free:125.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:619.01 GB) (Free:309.6 GB) NTFS
Drive f: (TED-STUFF) (Fixed) (Total:931.51 GB) (Free:358.39 GB) NTFS
Drive g: (November 2013) (Fixed) (Total:3726.02 GB) (Free:1501.19 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 05A38857)
Partition 1: (Not Active) - (Size=619 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=312 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 57FC6454)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End Of Log ============================
Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 21:57 on 12/03/2014 by Ted2000
Administrator - Elevation successful
========== regfind ==========
Searching for "AVG Secure Search"
No data found.
Searching for "HomeTab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c98be86-cf79-4484-a2b2-dfe1ee126592}\InprocServer32]
@="C:\Users\Ted2000\AppData\Roaming\HomeTab\HomeTab.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f7e26d7-c6ad-49be-b48e-a5fcee221c82}\InprocServer32]
@="C:\Users\Ted2000\AppData\Roaming\HomeTab\HomeTab.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b21e5b2d-2af6-4182-9e8e-1ff00ee3efd0}\InprocServer32]
@="C:\Users\Ted2000\AppData\Roaming\HomeTab\HomeTab.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{88C7A41D-C8B4-4217-A541-5283AB2477ED}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083C032B-DBD5-453A-85AA-D2C2A65CA01F}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FEA0AA17-1A29-47E7-B50D-84F92FFA11B9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C516C1-5A9A-41E2-98BC-C591BC71DF5D}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{36240CCF-F82B-44EB-8ECC-440A29C7C536}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B2D7C3C-CD1E-4076-B27E-27A9737CCE0C}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D3DD6A0-D633-4379-AA69-D30A5273242A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C3943733-723A-47AA-AB33-FDAF8C61D470}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{88C7A41D-C8B4-4217-A541-5283AB2477ED}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083C032B-DBD5-453A-85AA-D2C2A65CA01F}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FEA0AA17-1A29-47E7-B50D-84F92FFA11B9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C516C1-5A9A-41E2-98BC-C591BC71DF5D}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{36240CCF-F82B-44EB-8ECC-440A29C7C536}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B2D7C3C-CD1E-4076-B27E-27A9737CCE0C}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D3DD6A0-D633-4379-AA69-D30A5273242A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C3943733-723A-47AA-AB33-FDAF8C61D470}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{88C7A41D-C8B4-4217-A541-5283AB2477ED}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083C032B-DBD5-453A-85AA-D2C2A65CA01F}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FEA0AA17-1A29-47E7-B50D-84F92FFA11B9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C516C1-5A9A-41E2-98BC-C591BC71DF5D}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{36240CCF-F82B-44EB-8ECC-440A29C7C536}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B2D7C3C-CD1E-4076-B27E-27A9737CCE0C}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\ProtectedSearch.exe|Name=Protected Search|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D3DD6A0-D633-4379-AA69-D30A5273242A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C3943733-723A-47AA-AB33-FDAF8C61D470}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
Searching for "SimplyTech"
No data found.
Searching for "Browser Updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\Browser Updater]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FEA0AA17-1A29-47E7-B50D-84F92FFA11B9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C516C1-5A9A-41E2-98BC-C591BC71DF5D}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D3DD6A0-D633-4379-AA69-D30A5273242A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C3943733-723A-47AA-AB33-FDAF8C61D470}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FEA0AA17-1A29-47E7-B50D-84F92FFA11B9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C516C1-5A9A-41E2-98BC-C591BC71DF5D}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D3DD6A0-D633-4379-AA69-D30A5273242A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C3943733-723A-47AA-AB33-FDAF8C61D470}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FEA0AA17-1A29-47E7-B50D-84F92FFA11B9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C516C1-5A9A-41E2-98BC-C591BC71DF5D}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D3DD6A0-D633-4379-AA69-D30A5273242A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C3943733-723A-47AA-AB33-FDAF8C61D470}"="v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\HomeTab\TBUpdater.dll|Name=Browser Updater|"
Searching for "HQ-Video-Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11E2C97A-52F4-42A2-A79B-BD8DF710FE77}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11E2C97A-52F4-42A2-A79B-BD8DF710FE77}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14317C8F-8F0A-4A41-A319-3DFCD44C95FC}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14317C8F-8F0A-4A41-A319-3DFCD44C95FC}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15343969-CC1B-4D00-9814-80A64A3D4BAD}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15343969-CC1B-4D00-9814-80A64A3D4BAD}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1715DC6D-114B-4A27-8B47-768098C2D520}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1715DC6D-114B-4A27-8B47-768098C2D520}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{199A5464-B759-48C8-88AD-3D534ACB6DA2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{199A5464-B759-48C8-88AD-3D534ACB6DA2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DEDE8D2-8D57-487F-994A-7C7C93B5390}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DEDE8D2-8D57-487F-994A-7C7C93B5390}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25C73A73-FA49-43F9-B5FC-75C5179BB57D}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25C73A73-FA49-43F9-B5FC-75C5179BB57D}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{294DDD72-304F-4EED-982-AC973BE729E}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{294DDD72-304F-4EED-982-AC973BE729E}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AA74FF2-8752-48E6-9D24-655E47972A71}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AA74FF2-8752-48E6-9D24-655E47972A71}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E111A62-8190-4515-B7B7-59E596FD47B}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E111A62-8190-4515-B7B7-59E596FD47B}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FAAD181-6A68-4B83-BAB0-BF80F8AB6AA}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FAAD181-6A68-4B83-BAB0-BF80F8AB6AA}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{329BE1B2-648A-4EB6-BA39-944D648799DD}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{329BE1B2-648A-4EB6-BA39-944D648799DD}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36780533-B516-4A5A-98C-F45E44DED07C}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36780533-B516-4A5A-98C-F45E44DED07C}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39DC85A5-89FD-4529-ADC1-42A55C9466F1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39DC85A5-89FD-4529-ADC1-42A55C9466F1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{465CC5DC-304B-43B3-AD9F-8F4B74C6CC72}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{465CC5DC-304B-43B3-AD9F-8F4B74C6CC72}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{487B21BD-9D32-4381-B0CA-36699FC134B}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{487B21BD-9D32-4381-B0CA-36699FC134B}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DF0F5FB-8825-41E9-BFB8-F58326E016}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DF0F5FB-8825-41E9-BFB8-F58326E016}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{502F4D5E-A57F-4F46-8B15-F36DD0578AB1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{502F4D5E-A57F-4F46-8B15-F36DD0578AB1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5334A585-6C6F-497D-B035-843527E825EB}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5334A585-6C6F-497D-B035-843527E825EB}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60468D7A-A02D-4AF6-B31B-4D0CC22DC1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60468D7A-A02D-4AF6-B31B-4D0CC22DC1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60484079-9799-49C4-9D21-44E731569993}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60484079-9799-49C4-9D21-44E731569993}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{614F4691-2FD5-488B-9341-3091495125F2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{614F4691-2FD5-488B-9341-3091495125F2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61C17BE8-4DE9-4157-98BA-5CFBF57EBA45}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61C17BE8-4DE9-4157-98BA-5CFBF57EBA45}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67954168-B294-4AEC-B893-5FF37623BC2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67954168-B294-4AEC-B893-5FF37623BC2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67ACFCC3-BF93-4FB0-ACF8-A18CCE367847}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67ACFCC3-BF93-4FB0-ACF8-A18CCE367847}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BE720A7-8190-440F-9F3C-16793E29F5A2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BE720A7-8190-440F-9F3C-16793E29F5A2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71D3FE9E-D24C-4C0D-951F-6792C75018CD}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71D3FE9E-D24C-4C0D-951F-6792C75018CD}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72DAD4FF-5B44-4BDB-A633-91B036F1E4CC}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72DAD4FF-5B44-4BDB-A633-91B036F1E4CC}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80d048a6-2d35-4120-8c7f-d2dd9d039aeb}]
"AppName"="HQ-Video-Pro-1.4-bg.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80d048a6-2d35-4120-8c7f-d2dd9d039aeb}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89384946-253-48D1-BA2-C18AD4462B9A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89384946-253-48D1-BA2-C18AD4462B9A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BD535DE-6279-43CB-B079-BA5762E1E410}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BD535DE-6279-43CB-B079-BA5762E1E410}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C9D7861-7249-4F1F-9C5C-3FB165312773}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C9D7861-7249-4F1F-9C5C-3FB165312773}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{936CD216-7184-458A-9E21-EED1416B617}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{936CD216-7184-458A-9E21-EED1416B617}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9840DB5D-C0A2-4892-BBD7-949EF4EDDEF9}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9840DB5D-C0A2-4892-BBD7-949EF4EDDEF9}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c873250-817a-4acb-82de-ad1608575c43}]
"AppName"="HQ-Video-Pro-1.4-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c873250-817a-4acb-82de-ad1608575c43}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A267F91D-C579-4208-916C-CF1BED8689E1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A267F91D-C579-4208-916C-CF1BED8689E1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC1163EF-9ACC-4D25-B86B-D85C6FA6C5F5}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC1163EF-9ACC-4D25-B86B-D85C6FA6C5F5}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8FBD383-4F4B-4773-A91D-955251F2236}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8FBD383-4F4B-4773-A91D-955251F2236}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD30BC3-C39E-432A-B933-1EB21F976A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD30BC3-C39E-432A-B933-1EB21F976A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1E71369-864-4614-A7E4-C459BD35A0B1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1E71369-864-4614-A7E4-C459BD35A0B1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1ED6C7A-E456-46A9-8FBF-D61276FC3230}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1ED6C7A-E456-46A9-8FBF-D61276FC3230}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C26287-734A-4890-A22B-44ED1E8B236}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C26287-734A-4890-A22B-44ED1E8B236}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C79F6B45-C184-40BC-B7F1-701BB6FBDB5F}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C79F6B45-C184-40BC-B7F1-701BB6FBDB5F}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8008460-4E69-4D89-995-2D27D40DF8}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8008460-4E69-4D89-995-2D27D40DF8}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C97463CF-4B18-409A-AFCA-461A2EE64AEE}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C97463CF-4B18-409A-AFCA-461A2EE64AEE}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAA69F84-CAF7-46DD-806F-4E26FEFC83F0}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAA69F84-CAF7-46DD-806F-4E26FEFC83F0}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC0E8C4F-E85C-48AB-B1D2-55381CBE756D}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC0E8C4F-E85C-48AB-B1D2-55381CBE756D}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D095DA7-D5D3-465B-98A8-5DF44714D843}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D095DA7-D5D3-465B-98A8-5DF44714D843}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2959928-A776-4703-8A96-6CD245C458ED}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2959928-A776-4703-8A96-6CD245C458ED}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D53122AD-D825-4ACC-9096-EEE2F1DF80E9}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D53122AD-D825-4ACC-9096-EEE2F1DF80E9}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D94BE9FC-950-430B-8EE4-677F91C0BCC}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D94BE9FC-950-430B-8EE4-677F91C0BCC}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA56F97E-8E30-4221-B37B-1E9460FA4CC2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA56F97E-8E30-4221-B37B-1E9460FA4CC2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCA21C95-AA7A-47F5-8F2F-142BA0142B16}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCA21C95-AA7A-47F5-8F2F-142BA0142B16}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3FE7A36-60F5-42F0-A220-D6E6AEE2F1D3}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3FE7A36-60F5-42F0-A220-D6E6AEE2F1D3}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB04B925-C381-4865-BD26-335165A615A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB04B925-C381-4865-BD26-335165A615A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F98C9458-E645-4702-903F-B17F98709B}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F98C9458-E645-4702-903F-B17F98709B}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA85BDC3-3858-4F02-8A2C-4F16A1813D24}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA85BDC3-3858-4F02-8A2C-4F16A1813D24}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF395EBB-E944-4F36-BF49-5F355E6687A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF395EBB-E944-4F36-BF49-5F355E6687A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQ-Video-Pro-1.4]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HQ-Video-Pro-1.4-chromeinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HQ-Video-Pro-1.4-codedownloader]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HQ-Video-Pro-1.4-enabler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HQ-Video-Pro-1.4-firefoxinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HQ-Video-Pro-1.4-updater]
[HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\HQ-Video-Pro-1.4]
[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQ-Video-Pro-1.4]
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11E2C97A-52F4-42A2-A79B-BD8DF710FE77}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11E2C97A-52F4-42A2-A79B-BD8DF710FE77}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14317C8F-8F0A-4A41-A319-3DFCD44C95FC}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14317C8F-8F0A-4A41-A319-3DFCD44C95FC}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15343969-CC1B-4D00-9814-80A64A3D4BAD}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15343969-CC1B-4D00-9814-80A64A3D4BAD}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1715DC6D-114B-4A27-8B47-768098C2D520}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1715DC6D-114B-4A27-8B47-768098C2D520}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{199A5464-B759-48C8-88AD-3D534ACB6DA2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{199A5464-B759-48C8-88AD-3D534ACB6DA2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DEDE8D2-8D57-487F-994A-7C7C93B5390}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DEDE8D2-8D57-487F-994A-7C7C93B5390}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25C73A73-FA49-43F9-B5FC-75C5179BB57D}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25C73A73-FA49-43F9-B5FC-75C5179BB57D}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{294DDD72-304F-4EED-982-AC973BE729E}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{294DDD72-304F-4EED-982-AC973BE729E}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AA74FF2-8752-48E6-9D24-655E47972A71}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AA74FF2-8752-48E6-9D24-655E47972A71}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E111A62-8190-4515-B7B7-59E596FD47B}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E111A62-8190-4515-B7B7-59E596FD47B}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FAAD181-6A68-4B83-BAB0-BF80F8AB6AA}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FAAD181-6A68-4B83-BAB0-BF80F8AB6AA}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{329BE1B2-648A-4EB6-BA39-944D648799DD}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{329BE1B2-648A-4EB6-BA39-944D648799DD}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36780533-B516-4A5A-98C-F45E44DED07C}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36780533-B516-4A5A-98C-F45E44DED07C}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39DC85A5-89FD-4529-ADC1-42A55C9466F1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39DC85A5-89FD-4529-ADC1-42A55C9466F1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{465CC5DC-304B-43B3-AD9F-8F4B74C6CC72}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{465CC5DC-304B-43B3-AD9F-8F4B74C6CC72}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{487B21BD-9D32-4381-B0CA-36699FC134B}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{487B21BD-9D32-4381-B0CA-36699FC134B}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DF0F5FB-8825-41E9-BFB8-F58326E016}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DF0F5FB-8825-41E9-BFB8-F58326E016}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{502F4D5E-A57F-4F46-8B15-F36DD0578AB1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{502F4D5E-A57F-4F46-8B15-F36DD0578AB1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5334A585-6C6F-497D-B035-843527E825EB}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5334A585-6C6F-497D-B035-843527E825EB}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60468D7A-A02D-4AF6-B31B-4D0CC22DC1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60468D7A-A02D-4AF6-B31B-4D0CC22DC1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60484079-9799-49C4-9D21-44E731569993}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60484079-9799-49C4-9D21-44E731569993}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{614F4691-2FD5-488B-9341-3091495125F2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{614F4691-2FD5-488B-9341-3091495125F2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61C17BE8-4DE9-4157-98BA-5CFBF57EBA45}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61C17BE8-4DE9-4157-98BA-5CFBF57EBA45}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67954168-B294-4AEC-B893-5FF37623BC2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67954168-B294-4AEC-B893-5FF37623BC2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67ACFCC3-BF93-4FB0-ACF8-A18CCE367847}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67ACFCC3-BF93-4FB0-ACF8-A18CCE367847}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BE720A7-8190-440F-9F3C-16793E29F5A2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BE720A7-8190-440F-9F3C-16793E29F5A2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71D3FE9E-D24C-4C0D-951F-6792C75018CD}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71D3FE9E-D24C-4C0D-951F-6792C75018CD}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72DAD4FF-5B44-4BDB-A633-91B036F1E4CC}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72DAD4FF-5B44-4BDB-A633-91B036F1E4CC}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80d048a6-2d35-4120-8c7f-d2dd9d039aeb}]
"AppName"="HQ-Video-Pro-1.4-bg.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80d048a6-2d35-4120-8c7f-d2dd9d039aeb}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89384946-253-48D1-BA2-C18AD4462B9A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89384946-253-48D1-BA2-C18AD4462B9A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BD535DE-6279-43CB-B079-BA5762E1E410}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BD535DE-6279-43CB-B079-BA5762E1E410}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C9D7861-7249-4F1F-9C5C-3FB165312773}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C9D7861-7249-4F1F-9C5C-3FB165312773}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{936CD216-7184-458A-9E21-EED1416B617}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{936CD216-7184-458A-9E21-EED1416B617}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9840DB5D-C0A2-4892-BBD7-949EF4EDDEF9}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9840DB5D-C0A2-4892-BBD7-949EF4EDDEF9}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c873250-817a-4acb-82de-ad1608575c43}]
"AppName"="HQ-Video-Pro-1.4-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c873250-817a-4acb-82de-ad1608575c43}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A267F91D-C579-4208-916C-CF1BED8689E1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A267F91D-C579-4208-916C-CF1BED8689E1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC1163EF-9ACC-4D25-B86B-D85C6FA6C5F5}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC1163EF-9ACC-4D25-B86B-D85C6FA6C5F5}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8FBD383-4F4B-4773-A91D-955251F2236}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8FBD383-4F4B-4773-A91D-955251F2236}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD30BC3-C39E-432A-B933-1EB21F976A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD30BC3-C39E-432A-B933-1EB21F976A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1E71369-864-4614-A7E4-C459BD35A0B1}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1E71369-864-4614-A7E4-C459BD35A0B1}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1ED6C7A-E456-46A9-8FBF-D61276FC3230}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1ED6C7A-E456-46A9-8FBF-D61276FC3230}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C26287-734A-4890-A22B-44ED1E8B236}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C26287-734A-4890-A22B-44ED1E8B236}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C79F6B45-C184-40BC-B7F1-701BB6FBDB5F}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C79F6B45-C184-40BC-B7F1-701BB6FBDB5F}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8008460-4E69-4D89-995-2D27D40DF8}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8008460-4E69-4D89-995-2D27D40DF8}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C97463CF-4B18-409A-AFCA-461A2EE64AEE}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C97463CF-4B18-409A-AFCA-461A2EE64AEE}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAA69F84-CAF7-46DD-806F-4E26FEFC83F0}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAA69F84-CAF7-46DD-806F-4E26FEFC83F0}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC0E8C4F-E85C-48AB-B1D2-55381CBE756D}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC0E8C4F-E85C-48AB-B1D2-55381CBE756D}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D095DA7-D5D3-465B-98A8-5DF44714D843}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D095DA7-D5D3-465B-98A8-5DF44714D843}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2959928-A776-4703-8A96-6CD245C458ED}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2959928-A776-4703-8A96-6CD245C458ED}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D53122AD-D825-4ACC-9096-EEE2F1DF80E9}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D53122AD-D825-4ACC-9096-EEE2F1DF80E9}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D94BE9FC-950-430B-8EE4-677F91C0BCC}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D94BE9FC-950-430B-8EE4-677F91C0BCC}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA56F97E-8E30-4221-B37B-1E9460FA4CC2}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA56F97E-8E30-4221-B37B-1E9460FA4CC2}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCA21C95-AA7A-47F5-8F2F-142BA0142B16}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCA21C95-AA7A-47F5-8F2F-142BA0142B16}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3FE7A36-60F5-42F0-A220-D6E6AEE2F1D3}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3FE7A36-60F5-42F0-A220-D6E6AEE2F1D3}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB04B925-C381-4865-BD26-335165A615A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB04B925-C381-4865-BD26-335165A615A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F98C9458-E645-4702-903F-B17F98709B}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F98C9458-E645-4702-903F-B17F98709B}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA85BDC3-3858-4F02-8A2C-4F16A1813D24}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA85BDC3-3858-4F02-8A2C-4F16A1813D24}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF395EBB-E944-4F36-BF49-5F355E6687A}]
"AppName"="HQ-Video-Pro-1.4-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF395EBB-E944-4F36-BF49-5F355E6687A}]
"AppPath"="C:\Program Files\HQ-Video-Pro-1.4"
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQ-Video-Pro-1.4]
[HKEY_USERS\S-1-5-21-388039254-1379459305-1084319246-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQ-Video-Pro-1.4]
[HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\HQ-Video-Pro-1.4]
[HKEY_USERS\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQ-Video-Pro-1.4]
-= EOF =-
aber eigentlich läuft die kiste wieder supergeil !!!!!!! Danke jetzt schon mal !!!!!! echt super von dir !!! bin total begeistert !!!!! Ganz viele Grüße Klaus |
|
13.03.2014, 20:43
| #8 | |
| /// TB-Ausbilder | Dauernd Popups und Warnungen im Windows Internet Explorer Servus, Zitat:
 Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Im Anschluss daran räumen wir auf und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c98be86-cf79-4484-a2b2-dfe1ee126592}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f7e26d7-c6ad-49be-b48e-a5fcee221c82}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b21e5b2d-2af6-4182-9e8e-1ff00ee3efd0}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {C3943733-723A-47AA-AB33-FDAF8C61D470} /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {1D3DD6A0-D633-4379-AA69-D30A5273242A} /f
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 ESET Online Scanner
Schritt 4 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
|
15.03.2014, 23:16
| #9 |
| | Dauernd Popups und Warnungen im Windows Internet Explorer Hi Matthias..... ups echt immer noch was....... ok............!!!! jo, bitte schön FRST log : Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-03-2014 01
Ran by Ted2000 at 2014-03-13 21:58:05 Run:1
Running from C:\Users\Ted2000\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c98be86-cf79-4484-a2b2-dfe1ee126592}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f7e26d7-c6ad-49be-b48e-a5fcee221c82}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b21e5b2d-2af6-4182-9e8e-1ff00ee3efd0}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {C3943733-723A-47AA-AB33-FDAF8C61D470} /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {1D3DD6A0-D633-4379-AA69-D30A5273242A} /f
end
*****************
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c98be86-cf79-4484-a2b2-dfe1ee126592}" /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f7e26d7-c6ad-49be-b48e-a5fcee221c82}" /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b21e5b2d-2af6-4182-9e8e-1ff00ee3efd0}" /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {C3943733-723A-47AA-AB33-FDAF8C61D470} /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {1D3DD6A0-D633-4379-AA69-D30A5273242A} /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
==== End of Fixlog ====
Code:
ATTFilter
jetzt ja hier ..... Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=000a67a94e6990499a4892e6e7ae385a
# engine=17455
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-15 12:18:15
# local_time=2014-03-15 01:18:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 95 12724 17253807 5465 0
# compatibility_mode=5893 16776573 100 94 98747 146473886 0 0
# scanned=165797
# found=0
# cleaned=0
# scan_time=8002
und jetzt noch SecurityCheck : Code:
ATTFilter Results of screen317's Security Check version 0.99.80 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 12.0.0.77 Adobe Reader XI Mozilla Firefox 23.0.1 Firefox out of Date! Google Chrome 33.0.1750.117 Google Chrome 33.0.1750.146 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Danke erst...oder nochmal weil du dir echt so viel mühe gibst..... echt hammer.... würde das ja auch verdammt gern lernen habe aber eben kaum zeit... und bin vielleicht doch zu alt...... lieben Gruß klaus jetzt ist aber nix mehr oder ????? |
|
16.03.2014, 13:59
| #10 | |
| /// TB-Ausbilder | Dauernd Popups und Warnungen im Windows Internet Explorer Servus, Zitat:
Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Schritt 1
Prüfe bitte auch (regelmässig) ob folgende Links fehlende Updates bei deinen Plugins zeigen: Schritt 2 Die Reihenfolge ist hier entscheidend.
Schritt 3 Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems. Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti-Viren-Programm und zusätzlicher Schutz
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden. Mozilla Firefox
Performance
Was du vermeiden solltest:
Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
18.03.2014, 20:47
| #11 |
| /// TB-Ausbilder | Dauernd Popups und Warnungen im Windows Internet Explorer Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
20.03.2014, 22:36
| #12 |
| | Dauernd Popups und Warnungen im Windows Internet Explorer Hi Matthias....... Alles Perfekt !!!! wollte mich noch mal ganz Herzlich bedanken.... bei Dir....!!! ECHT SUPER VON DIR !!!!! und Danke Für die tipps ich meine ja,ich hatte ein Programm bei Chip oder sonst was untergeladen und dann war dieser Dreck mit der werbeflut popup mit dabei..................... Frechheit sowas !!!!! DANKE DIR NOCHMAL !!! ECHT COOL !!!! UND SUPER DAS ES SOLCHE FOREN GIBT WIE EURES...ich kenne nur Eures..... !!!!! ja, werde wieder Spenden....... KLAR !!!!! Mit ganz fruendlichen Grüßen Klaus Hildenbrand |
|
| Themen zu Dauernd Popups und Warnungen im Windows Internet Explorer |
| aufsetzen, entfernt, erkannt, gelöscht, gen, infizierte, installierte, internet, internet explorer, langsam, laufend, popups, programme, pup.optional.crossrider.a, pup.optional.hqvideopro.a, pup.optional.iminent.a, super, system, warnungen, würde, zuletzt |
und 
und speichere die Logdatei auf Deinem Desktop.
Hybrid-Darstellung
