| |
| |||||||
Log-Analyse und Auswertung: Probleme mit der Menüanzeige der rechten Maustaste im Browser nach MalewarebefallWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
31.10.2014, 10:16
| #1 |
| |  Probleme mit der Menüanzeige der rechten Maustaste im Browser nach Malewarebefall Hallo, nachdem ich selbst keine Lösung finde möchte ich hier mein Glück versuchen. Hab es gestern schonmal versucht und dabei ist mein Rechner abgestürzt. Nach dem Download einer stark Viren und Malware befallenen Datei, haben (fast) alle Programme etwas gefunden. Seitdem habe ich Probleme in Firefox. Wenn ich z.B. versuche die obige Internetadresse mit rechter Maustaste anzuklicken um z.B. zu kopieren, bekomme ich nur einen leeren Kasten angezeigt, ohne das ich ein Menü sehen kann oder was auswählen kann. Auf einigen Seiten habe ich das Problem auch woanders mit der rechten Maustaste. Im Internetexplorer geht es und auf dem Desktop oder in anderen Dateien auch. Wenn ich mit der Maustaste über einige Links im Net gehe erscheint auch der graue Kasten ohne Text, desweiteren auch oben in der Taskleiste des Browsers, wenn ich z.B. über das Symbol "Lesezeichen" gehe oder auch bei anderen Symbolen. auch hier beim Text schreiben bekomme ich keine Info wenn ich mit der Maus oben über die Symbole gehe. Bei einigen Seiten wo es eine Menüauswahl gibt so wie hier bei Schriftart und Größe kann ich das Menü nicht aufklappen. Hier geht es. Ich hoffe ihr versteht das Problem. Was ich bereits versucht habe. Ich habe Scans mit folgenden Programmen durchgeführt. -Comodovirenscan -Ad-Aware Antivirus -Malewarebytes Anti-Malware -Spybot -CCleaner die logs führe ich gerne bei. Einige Programme haben dabei Viren und Maleware gefunden. Ich hatte auch Probleme eine Suchmaschine aus der Startseite loszuwerden, wessen Name mir gerade nicht einfällt. Habe dazu ein paar Internet tipps ausprobiert und Firefox deinstalliert und neuinstalliert. Die Suchmaschine bin ich los aber mein Problem beim rechtsklicken und ähnliches hat sich nicht gelöst. Dann habe ich die genannten Schritte aus dem Forum ausgeführt und werde die Ergebnisse von defogger_disable.txt, FRST.txt mit Additions.txt, Gmer.txt auch beifügen. Ich würde mich freuen wenn jemand mir helfen kann, da ich selbst gerade keine Lösung finde und im Net keine gefunden habe. Als ich gestern versucht habe diesen Text zu posten, hatte ich teilweise keine Adminrechte auf meinen PC mehr, konnte nicht auf Comodo zugreifen und nicht auf Textdateien. Als meine Dateien als zu groß angezeigt wurden, wollte ich diese mit 7zip anzeigen. Auch dabei fehlten mir die Adminrechte. Wollte dann in den Adminmodus(eigentlich kann ich auch als anderer Nutzer alles wichtige machen) doch dabei bekam ich eine Fehlermeldung und dann ließ sich der PC nur noch ausschalten. Nach dem Neustart bekam ich bluescreen und eine frühere Version musste wieder hergestllt werden. Nun versuche ich nochmal mein Glück hier. Vielen Dank Leider finde ich bei Comodo die logs nicht Code:
ATTFilter # AdwCleaner v3.311 - Bericht erstellt am 08/10/2014 um 00:22:22
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : tester - COMPOSTER
# Gestartet von : C:\Users\tester\Downloads\adwcleaner_3.311.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : CltMngSvc
Dienst Gefunden : SPPD
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\END
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\RadioTotal4
Ordner Gefunden : C:\Program Files (x86)\SearchProtect
Ordner Gefunden : C:\ProgramData\Conduit
Ordner Gefunden : C:\SoftwareUpdater
Ordner Gefunden : C:\Users\tester\AppData\Local\Conduit
Ordner Gefunden : C:\Users\tester\AppData\Local\DownloadGuide
Ordner Gefunden : C:\Users\tester\AppData\Local\SearchProtect
Ordner Gefunden : C:\Users\tester\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\tester\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\tester\AppData\LocalLow\RadioTotal4
Ordner Gefunden : C:\Users\tester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gefunden : C:\Windows\SysWOW64\SearchProtect
***** [ Tasks ] *****
Task Gefunden : BackgroundContainer Startup Task
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\RadioTotal4
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3317893
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{898C6F9E-E672-450E-BA8B-EB2BD1860C76}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{977B751C-6E9E-4822-9564-B94FEC4C4838}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3317893
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gefunden : HKLM\SOFTWARE\RadioTotal4
Schlüssel Gefunden : HKLM\SOFTWARE\SearchProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17280
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3317893&octid=CT3317893&SearchSource=61&CUI=UN40818337833256331&UM=2&UP=SPD01BB771-ACBE-41DA-9D60-012B6BA05709&SSPV=
-\\ Mozilla Firefox v32.0.3 (x86 de)
[ Datei : C:\Users\tester\AppData\Roaming\Mozilla\Firefox\Profiles\yvn6b3ym.default\prefs.js ]
Zeile gefunden : user_pref("extensions.GjhgjhgCXhjj.shoplist", "{\"shop\":{\"quelle.de\":[\"10003\",\"Quelle\",8,\"75\\u20ac Rabatt\"],\"schwab.de\":[\"10004\",\"Schwab\",4,\"15\\u20ac Rabatt\"],\"valentins.de\":[\"10[...]
-\\ Google Chrome v
[ Datei : C:\Users\tester\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gefunden [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Gefunden [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gefunden [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gefunden [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gefunden [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gefunden [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
*************************
AdwCleaner[R0].txt - [6948 octets] - [08/10/2014 00:22:22]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7008 octets] ##########
# AdwCleaner v3.311 - Bericht erstellt am 08/10/2014 um 00:26:07
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : tester - COMPOSTER
# Gestartet von : C:\Users\tester\Downloads\adwcleaner_3.311.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : CltMngSvc
Dienst Gefunden : SPPD
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\END
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\RadioTotal4
Ordner Gefunden : C:\Program Files (x86)\SearchProtect
Ordner Gefunden : C:\ProgramData\Conduit
Ordner Gefunden : C:\SoftwareUpdater
Ordner Gefunden : C:\Users\tester\AppData\Local\Conduit
Ordner Gefunden : C:\Users\tester\AppData\Local\DownloadGuide
Ordner Gefunden : C:\Users\tester\AppData\Local\SearchProtect
Ordner Gefunden : C:\Users\tester\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\tester\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\tester\AppData\LocalLow\RadioTotal4
Ordner Gefunden : C:\Users\tester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gefunden : C:\Windows\SysWOW64\SearchProtect
***** [ Tasks ] *****
Task Gefunden : BackgroundContainer Startup Task
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\RadioTotal4
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3317893
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{898C6F9E-E672-450E-BA8B-EB2BD1860C76}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{977B751C-6E9E-4822-9564-B94FEC4C4838}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3317893
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gefunden : HKLM\SOFTWARE\RadioTotal4
Schlüssel Gefunden : HKLM\SOFTWARE\SearchProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17280
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3317893&octid=CT3317893&SearchSource=61&CUI=UN40818337833256331&UM=2&UP=SPD01BB771-ACBE-41DA-9D60-012B6BA05709&SSPV=
-\\ Mozilla Firefox v32.0.3 (x86 de)
[ Datei : C:\Users\tester\AppData\Roaming\Mozilla\Firefox\Profiles\yvn6b3ym.default\prefs.js ]
Zeile gefunden : user_pref("extensions.GjhgjhgCXhjj.shoplist", "{\"shop\":{\"quelle.de\":[\"10003\",\"Quelle\",8,\"75\\u20ac Rabatt\"],\"schwab.de\":[\"10004\",\"Schwab\",4,\"15\\u20ac Rabatt\"],\"valentins.de\":[\"10[...]
-\\ Google Chrome v
[ Datei : C:\Users\tester\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gefunden [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Gefunden [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gefunden [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gefunden [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gefunden [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gefunden [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
*************************
AdwCleaner[R0].txt - [7104 octets] - [08/10/2014 00:22:22]
AdwCleaner[R1].txt - [7008 octets] - [08/10/2014 00:26:07]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [7068 octets] ##########
# AdwCleaner v4.002 - Bericht erstellt am 30/10/2014 um 12:58:41
# Aktualisiert 27/10/2014 von Xplode
# Datenbank : 2014-10-26.6
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : tester - COMPOSTER
# Gestartet von : C:\Users\tester\Downloads\AdwCleaner_4.002.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\SmootherWeb
Ordner Gefunden : C:\Users\tester\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\tester\AppData\Local\Temp\clicup
Ordner Gefunden : C:\Users\tester\AppData\LocalLow\GutscheinCodes
Ordner Gefunden : C:\Users\tester\AppData\Roaming\DigitalSites
Ordner Gefunden : C:\Users\tester\AppData\Roaming\InetStat
Ordner Gefunden : C:\Users\tester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
Ordner Gefunden : C:\Users\tester\AppData\Roaming\SmootherWeb
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1414094586&from=ild&uid=ST380815AS_9RW6JCF5
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gefunden : HKCU\Software\clicup
Schlüssel Gefunden : HKCU\Software\dsiteproducts
Schlüssel Gefunden : HKCU\Software\GlobalUpdate
Schlüssel Gefunden : HKCU\Software\InetStat
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SmootherWeb
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\clicup
Schlüssel Gefunden : [x64] HKCU\Software\dsiteproducts
Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden : [x64] HKCU\Software\InetStat
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [smoother]
Wert Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe]
Wert Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe]
Wert Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe]
Wert Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0.2 (x86 de)
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [7104 octets] - [07/10/2014 23:22:22]
AdwCleaner[R1].txt - [7164 octets] - [07/10/2014 23:26:07]
AdwCleaner[R2].txt - [8191 octets] - [30/10/2014 12:58:41]
AdwCleaner[S0].txt - [6909 octets] - [07/10/2014 23:32:02]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [8311 octets] ##########
# AdwCleaner v3.311 - Bericht erstellt am 08/10/2014 um 00:32:02
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : tester - COMPOSTER
# Gestartet von : C:\Users\tester\Downloads\adwcleaner_3.311.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : CltMngSvc
Dienst Gelöscht : SPPD
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\SoftwareUpdater
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\RadioTotal4
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\tester\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\tester\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\tester\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\tester\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\tester\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\tester\AppData\LocalLow\RadioTotal4
Ordner Gelöscht : C:\Users\tester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Datei Gelöscht : C:\END
***** [ Tasks ] *****
Task Gelöscht : BackgroundContainer Startup Task
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3317893
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3317893
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61F0D019-B016-4D56-9DAE-7B7706CD6755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F498FE2B-6CB2-4EE5-A384-D93B11091457}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{898C6F9E-E672-450E-BA8B-EB2BD1860C76}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{977B751C-6E9E-4822-9564-B94FEC4C4838}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{61F0D019-B016-4D56-9DAE-7B7706CD6755}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\RadioTotal4
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\RadioTotal4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17280
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v32.0.3 (x86 de)
[ Datei : C:\Users\tester\AppData\Roaming\Mozilla\Firefox\Profiles\yvn6b3ym.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.GjhgjhgCXhjj.shoplist", "{\"shop\":{\"quelle.de\":[\"10003\",\"Quelle\",8,\"75\\u20ac Rabatt\"],\"schwab.de\":[\"10004\",\"Schwab\",4,\"15\\u20ac Rabatt\"],\"valentins.de\":[\"10[...]
-\\ Google Chrome v
[ Datei : C:\Users\tester\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
*************************
AdwCleaner[R0].txt - [7104 octets] - [08/10/2014 00:22:22]
AdwCleaner[R1].txt - [7164 octets] - [08/10/2014 00:26:07]
AdwCleaner[S0].txt - [6761 octets] - [08/10/2014 00:32:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6821 octets] ##########
# AdwCleaner v4.002 - Bericht erstellt am 30/10/2014 um 13:01:38
# DB v2014-10-26.6
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : tester - COMPOSTER
# Gestartet von : C:\Users\tester\Downloads\AdwCleaner_4.002.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\tester\AppData\Local\Temp\clicup
Ordner Gelöscht : C:\Users\tester\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Users\tester\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\tester\AppData\LocalLow\GutscheinCodes
Ordner Gelöscht : C:\Users\tester\AppData\Roaming\InetStat
Ordner Gelöscht : C:\SmootherWeb
Ordner Gelöscht : C:\Users\tester\AppData\Roaming\SmootherWeb
Ordner Gelöscht : C:\Users\tester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\tester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\tester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\tester\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [smoother]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe]
Schlüssel Gelöscht : HKCU\Software\clicup
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SmootherWeb
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0.2 (x86 de)
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [7104 octets] - [07/10/2014 23:22:22]
AdwCleaner[R1].txt - [7164 octets] - [07/10/2014 23:26:07]
AdwCleaner[R2].txt - [8447 octets] - [30/10/2014 12:58:41]
AdwCleaner[S0].txt - [6909 octets] - [07/10/2014 23:32:02]
AdwCleaner[S1].txt - [8345 octets] - [30/10/2014 13:01:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8405 octets] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 09.10.2014 Suchlauf-Zeit: 22:12:27 Logdatei: maleware.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.10.09.10 Rootkit Datenbank: v2014.10.08.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: tester Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 348666 Verstrichene Zeit: 27 Min, 17 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 9 PUP.Optional.WinGuard.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e4bf64e4-237e-48e7-b43b-da6e1b60d81a}, In Quarantäne, [a509848e473584b273537c1cde240ef2], PUP.Optional.WinGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E4BF64E4-237E-48E7-B43B-DA6E1B60D81A}, In Quarantäne, [a509848e473584b273537c1cde240ef2], PUP.Optional.WinGuard.A, HKU\S-1-5-21-3301257352-363032961-1859707185-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E4BF64E4-237E-48E7-B43B-DA6E1B60D81A}, In Quarantäne, [a509848e473584b273537c1cde240ef2], PUP.Optional.WinGuard.A, HKU\S-1-5-21-3301257352-363032961-1859707185-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E4BF64E4-237E-48E7-B43B-DA6E1B60D81A}, In Quarantäne, [a509848e473584b273537c1cde240ef2], PUP.Optional.WinGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WinGuard, In Quarantäne, [406ea56d601ca2943d1751d21ae9e917], PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [efbfd939186437ff5768d7ac689c956b], PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [971735dd314bda5cd9e5c2c1cc38c739], Rogue.WinGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WinGuard, In Quarantäne, [4569dd358bf17db9b04acd0d778c9070], PUP.Optional.BestMarkIt.A, HKU\S-1-5-21-3301257352-363032961-1859707185-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\best_markit, In Quarantäne, [c0ee13ffbebe6ccab2a233099e6532ce], Registrierungswerte: 1 PUP.Optional.ConduitSearchProtect, HKU\S-1-5-21-3301257352-363032961-1859707185-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SearchProtect, C:\Users\Gast\AppData\Roaming\SearchProtect\bin\cltmng.exe, In Quarantäne, [911d44ce3f3dce68b9d6c09c4eb66a96] Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 1 PUP.Optional.WinGuard.A, C:\Program Files (x86)\WinGuard, In Quarantäne, [406ea56d601ca2943d1751d21ae9e917], Dateien: 9 PUP.Optional.WinGuard.A, C:\Program Files (x86)\WinGuard\winguard.dll, In Quarantäne, [a509848e473584b273537c1cde240ef2], PUP.Optional.Breitschopp, C:\Users\tester\Downloads\free+pdf+perfect_1.0.exe, In Quarantäne, [b4fa0a0881fb8aaca076707c9c68f60a], PUP.Optional.BundleInstaller.A, C:\Users\tester\Downloads\Apache-OpenOffice_Setup_Download.exe, In Quarantäne, [e9c5789a126ae1553047f8312dd3ee12], PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, In Quarantäne, [614d19f92c5077bfd40f5e418a7728d8], PUP.Optional.WinGuard.A, C:\Program Files (x86)\WinGuard\winguard.crx, In Quarantäne, [406ea56d601ca2943d1751d21ae9e917], PUP.Optional.WinGuard.A, C:\Program Files (x86)\WinGuard\icon.ico, In Quarantäne, [406ea56d601ca2943d1751d21ae9e917], PUP.Optional.WinGuard.A, C:\Program Files (x86)\WinGuard\Uninst.exe, In Quarantäne, [406ea56d601ca2943d1751d21ae9e917], PUP.Optional.WinGuard.A, C:\Program Files (x86)\WinGuard\winguard.xpi, In Quarantäne, [406ea56d601ca2943d1751d21ae9e917], PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [b0fe70a2b7c585b16d55cfb409fbb64a], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 29.10.2014 Suchlauf-Zeit: 23:29:00 Logdatei: Maleware2.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.10.29.08 Rootkit Datenbank: v2014.10.22.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: tester Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 355644 Verstrichene Zeit: 21 Min, 39 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [6e0e9c7ee09c45f17b2bcb5821e2c838], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 2 PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-3301257352-363032961-1859707185-1001\$R5GYPW0.exe, In Quarantäne, [b7c54bcfe5971e18acb4aa2e9869d42c], PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-3301257352-363032961-1859707185-1001\$R5WFCNI.exe, In Quarantäne, [97e547d3611bbd791c44518722dfab55], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter Search results from Spybot - Search & Destroy
24.10.2014 09:49:42
Scan took 00:28:16.
115 items found.
YourFileDownloader: [SBI $406D3162] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\YourFileDownloader
Barowwsoe2Save: [SBI $72F95947] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Optimizer Pro
PCUtilities.OptimizerPro: [SBI $7AF08CCA] Program directory (Directory, nothing done)
C:\Users\tester\Documents\Optimizer Pro\
Directory.subfile=C:\Users\tester\Documents\Optimizer Pro\CookiesException.txt
Directory.subfile.size=91
Directory.subfile.md5=19C728153EF70C31E021D3F7E3CBE20C
Directory.subfile.filedate=1414094696
Directory.subfile.filedatetext=2014-10-23 22:04:55
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\account.goodgamestudios.com\GGSAccount.sol
Properties.size=64
Properties.md5=776E4E43DB2AC41FE95FB18C4BF834C5
Properties.filedate=1414088231
Properties.filedatetext=2014-10-23 20:17:11
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\cachebreaker.goodgamestudios.com\analytics.sol
Properties.size=419
Properties.md5=E0876F3986B6A78C3DB05AA4FE6C1BF7
Properties.filedate=1414089349
Properties.filedatetext=2014-10-23 20:35:48
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\casino.skillonnet.com\Data.sol
Properties.size=230
Properties.md5=6DCDCC42E6F853717E3386A14662A46B
Properties.filedate=1413319858
Properties.filedatetext=2014-10-14 22:50:58
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\cdn.flashtalking.com\FT_cookie.sol
Properties.size=43
Properties.md5=5BD98BB813EEDA3C606E3671EE84AA76
Properties.filedate=1413199002
Properties.filedatetext=2014-10-13 13:16:42
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\clicktoview.org\com.jeroenwijering.sol
Properties.size=54
Properties.md5=1FE690ECBBEE603C3B749968EA366783
Properties.filedate=1413583410
Properties.filedatetext=2014-10-18 00:03:30
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\fbstatic-a.akamaihd.net\play.spotify.com.sol
Properties.size=87
Properties.md5=77FA0E87348AFAC0621707A8E6CB1A1D
Properties.filedate=1414134546
Properties.filedatetext=2014-10-24 09:09:05
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\games.mafa.com\analytics.sol
Properties.size=351
Properties.md5=6597C1C68C08447D19D63B43F6B336CB
Properties.filedate=1414085134
Properties.filedatetext=2014-10-23 19:25:34
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\h2r5i8s8.map2.ssl.hwcdn.net\analytics.sol
Properties.size=458
Properties.md5=86172FD121E8D59F622C2AA3751B6989
Properties.filedate=1413385395
Properties.filedatetext=2014-10-15 17:03:14
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\hub.freshmilk.tv\analytics.sol
Properties.size=257
Properties.md5=1F7FC8E501348842603A1CC166F4A1A4
Properties.filedate=1414068163
Properties.filedatetext=2014-10-23 14:42:42
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\images-na.ssl-images-amazon.com\mercury.sol
Properties.size=69
Properties.md5=47B903EEFF15067C232EDE8A361BE303
Properties.filedate=1413799408
Properties.filedatetext=2014-10-20 12:03:27
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\ncookie.ranch.goodgamestudios.com\GoodgameRanch_1.sol
Properties.size=205
Properties.md5=EFF2A55288C3D0513A247F0A44235C8A
Properties.filedate=1414089266
Properties.filedatetext=2014-10-23 20:34:26
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s-assets.tp-cdn.com\dealspot.sol
Properties.size=84
Properties.md5=DD1C47FE6D7DC88E25817C74545D85AD
Properties.filedate=1413385346
Properties.filedatetext=2014-10-15 17:02:26
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s.yimg.com\com.yahoo.yep.sol
Properties.size=54
Properties.md5=DD1B9267261B724A5805D9401E5ADAE0
Properties.filedate=1413905097
Properties.filedatetext=2014-10-21 17:24:57
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s.ytimg.com\soundData.sol
Properties.size=58
Properties.md5=0C496C36B0B95C03CC63EFEF28768456
Properties.filedate=1413961523
Properties.filedatetext=2014-10-22 09:05:23
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=131
Properties.md5=9B9EB2D014217DBC41BAE17D53CCD1FB
Properties.filedate=1413925145
Properties.filedatetext=2014-10-21 22:59:04
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=39
Properties.md5=B43F43445AA3414DDC22EC80FBB22871
Properties.filedate=1413925145
Properties.filedatetext=2014-10-21 22:59:04
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\static.wix.com\WixComputerID.sol
Properties.size=153
Properties.md5=899176F3B8FED98C4780C9FA0672BBC9
Properties.filedate=1414089342
Properties.filedatetext=2014-10-23 20:35:41
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\video.fashiondaily.tv\analytics.sol
Properties.size=257
Properties.md5=2278F5E07E9B98729A3576A4295ADF59
Properties.filedate=1414068151
Properties.filedatetext=2014-10-23 14:42:31
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.paypalobjects.com\PayPalLSO.sol
Properties.size=49
Properties.md5=D97223D19DA3D396651426AB5B2559CB
Properties.filedate=1413925133
Properties.filedatetext=2014-10-21 22:58:52
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.paypalobjects.com\ppLsoTest.sol
Properties.size=48
Properties.md5=74EE4375686A2069414EEF13E7B62789
Properties.filedate=1414087954
Properties.filedatetext=2014-10-23 20:12:33
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www1.belboon.de\000020029.sol
Properties.size=169
Properties.md5=207C5FD0820AD42DEC7424FC400B4B8D
Properties.filedate=1412973662
Properties.filedatetext=2014-10-10 22:41:01
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=76
Properties.md5=2A0A0E59B463B4B8BADD0B247B1EDC9E
Properties.filedate=1413925135
Properties.filedatetext=2014-10-21 22:58:54
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\ndirect.ppro.de\vft\clickIDs.sol
Properties.size=66
Properties.md5=D63323619FD93CE50D8A585EFFB6522D
Properties.filedate=1414077887
Properties.filedatetext=2014-10-23 17:24:46
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\skype.com\#ui\preferences.sol
Properties.size=234
Properties.md5=59B759209E3DD94EA715491F968098F6
Properties.filedate=1414095330
Properties.filedatetext=2014-10-23 22:15:30
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\games.mafa.com\3\Rapunzel-Playground-Accident.swf\flashgamesubmitter.sol
Properties.size=126
Properties.md5=BA0BD2FD974C058B5950A594C9F26509
Properties.filedate=1414083125
Properties.filedatetext=2014-10-23 18:52:04
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
Properties.size=103
Properties.md5=69B2BE37960FA69919CAA14E33CCBE94
Properties.filedate=1414078208
Properties.filedatetext=2014-10-23 17:30:07
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.filmon.com\#com.junkbyte\Console\UserData.sol
Properties.size=105
Properties.md5=6C97375D550C57FF13E902BC7EF7E57C
Properties.filedate=1413578069
Properties.filedatetext=2014-10-17 22:34:29
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.kinderspelletjes.nl\spelswf\snoepfabriek.swf\ts_fabricsaga_1403221.sol
Properties.size=64
Properties.md5=D2E80928C2627791BE76124E8790D40F
Properties.filedate=1413478276
Properties.filedatetext=2014-10-16 18:51:15
BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): tester) (Browser: Cookie, nothing done)
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): tester) (Browser: Cookie, nothing done)
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
FastClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
WebTrends live: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Zedo: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
FastClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: tester (default-1414105285531)) (Browser: Cookie, nothing done)
Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Internet Explorer\Download Directory
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\WinRAR\ArcHistory
WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\WinRAR\General\LastFolder
Cookie: [SBI $49804B54] Browser: Cookie (122) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (1271) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (122) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (3096) (Browser: Cookie, nothing done)
--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---
2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDHookInst64.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-10-24 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDECon64.dll (2.3.39.113)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDHook64.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-10-22 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-10-07 Includes\Malware-000.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-04-15 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-10-14 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-10-22 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-07-09 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2014-10-22 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
[i] 14-10-24 09:53:15
[i] 14-10-24 09:53:15 Product YourFileDownloader
[+] 14-10-24 09:53:15 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\YourFileDownloader
[+] 14-10-24 09:53:15 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\YourFileDownloader
[i] 14-10-24 09:53:15
[i] 14-10-24 09:53:15 Product Barowwsoe2Save
[+] 14-10-24 09:53:15 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Optimizer Pro
[+] 14-10-24 09:53:15 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Optimizer Pro
[i] 14-10-24 09:53:15
[i] 14-10-24 09:53:15 Product PCUtilities.OptimizerPro
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\Documents\Optimizer Pro\
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\Documents\Optimizer Pro\
[i] 14-10-24 09:53:15
[i] 14-10-24 09:53:15 Product Macromedia.FlashPlayer.Cookies
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\account.goodgamestudios.com\GGSAccount.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\cachebreaker.goodgamestudios.com\analytics.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\casino.skillonnet.com\Data.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\cdn.flashtalking.com\FT_cookie.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\clicktoview.org\com.jeroenwijering.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\fbstatic-a.akamaihd.net\play.spotify.com.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\games.mafa.com\analytics.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\h2r5i8s8.map2.ssl.hwcdn.net\analytics.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\hub.freshmilk.tv\analytics.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\images-na.ssl-images-amazon.com\mercury.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\ncookie.ranch.goodgamestudios.com\GoodgameRanch_1.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s-assets.tp-cdn.com\dealspot.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s.yimg.com\com.yahoo.yep.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s.ytimg.com\soundData.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\secureinclude.ebaystatic.com\ebayT.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\static.wix.com\WixComputerID.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\video.fashiondaily.tv\analytics.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.paypalobjects.com\PayPalLSO.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.paypalobjects.com\ppLsoTest.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www1.belboon.de\000020029.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\aa.online-metrix.net\fpc.swf\session.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\ndirect.ppro.de\vft\clickIDs.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\skype.com\#ui\preferences.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\games.mafa.com\3\Rapunzel-Playground-Accident.swf\flashgamesubmitter.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.filmon.com\#com.junkbyte\Console\UserData.sol
[+] 14-10-24 09:53:15 Moving into quarantine C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.kinderspelletjes.nl\spelswf\snoepfabriek.swf\ts_fabricsaga_1403221.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\account.goodgamestudios.com\GGSAccount.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\cachebreaker.goodgamestudios.com\analytics.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\casino.skillonnet.com\Data.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\cdn.flashtalking.com\FT_cookie.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\clicktoview.org\com.jeroenwijering.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\fbstatic-a.akamaihd.net\play.spotify.com.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\games.mafa.com\analytics.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\h2r5i8s8.map2.ssl.hwcdn.net\analytics.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\hub.freshmilk.tv\analytics.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\images-na.ssl-images-amazon.com\mercury.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\ncookie.ranch.goodgamestudios.com\GoodgameRanch_1.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s-assets.tp-cdn.com\dealspot.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s.yimg.com\com.yahoo.yep.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\s.ytimg.com\soundData.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\secureinclude.ebaystatic.com\ebayT.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\static.wix.com\WixComputerID.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\video.fashiondaily.tv\analytics.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.paypalobjects.com\PayPalLSO.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.paypalobjects.com\ppLsoTest.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www1.belboon.de\000020029.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\aa.online-metrix.net\fpc.swf\session.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\ndirect.ppro.de\vft\clickIDs.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\skype.com\#ui\preferences.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\games.mafa.com\3\Rapunzel-Playground-Accident.swf\flashgamesubmitter.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.filmon.com\#com.junkbyte\Console\UserData.sol
[+] 14-10-24 09:53:15 Successfully cleaned C:\Users\tester\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PPTV3GG9\www.kinderspelletjes.nl\spelswf\snoepfabriek.swf\ts_fabricsaga_1403221.sol
[i] 14-10-24 09:53:15
[i] 14-10-24 09:53:15 Product BurstMedia
[+] 14-10-24 09:53:15 Moving into quarantine Cookie (Internet Explorer (Benutzer): tester)Cookie:tester@burstnet.com/ ()
[+] 14-10-24 09:53:15 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI81304)
[+] 14-10-24 09:53:15 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (TID)
[+] 14-10-24 09:53:15 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI77335)
[+] 14-10-24 09:53:15 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI77161)
[+] 14-10-24 09:53:15 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI76200)
[+] 14-10-24 09:53:15 Successfully cleaned Cookie (Internet Explorer (Benutzer): tester)Cookie:tester@burstnet.com/ ()
[+] 14-10-24 09:53:15 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI81304)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (TID)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI77335)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI77161)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).burstnet.com/ (BI76200)
[i] 14-10-24 09:53:16
[i] 14-10-24 09:53:16 Product DoubleClick
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Internet Explorer (Benutzer): tester)Cookie:tester@doubleclick.net/ ()
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).doubleclick.net/ (id)
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).survey.g.doubleclick.net/ (PAIDCONTENT)
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).ad-emea.doubleclick.net/ (ebNewBandWidth_.ad-emea.doubleclick.net)
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531))ad-emea.doubleclick.net/ (axd)
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531))ad.doubleclick.net/ (axd)
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).doubleclick.net/ (_drt_)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Internet Explorer (Benutzer): tester)Cookie:tester@doubleclick.net/ ()
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).doubleclick.net/ (id)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).survey.g.doubleclick.net/ (PAIDCONTENT)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).ad-emea.doubleclick.net/ (ebNewBandWidth_.ad-emea.doubleclick.net)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531))ad-emea.doubleclick.net/ (axd)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531))ad.doubleclick.net/ (axd)
[+] 14-10-24 09:53:16 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).doubleclick.net/ (_drt_)
[i] 14-10-24 09:53:16
[i] 14-10-24 09:53:16 Product FastClick
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).fastclick.net/ (cttutcid)
[+] 14-10-24 09:53:16 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).fastclick.net/ (pluto)
[+] 14-10-24 09:53:17 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).fastclick.net/ (cttutcid)
[+] 14-10-24 09:53:17 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).fastclick.net/ (pluto)
[i] 14-10-24 09:53:17
[i] 14-10-24 09:53:17 Product MediaPlex
[+] 14-10-24 09:53:17 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (svid)
[+] 14-10-24 09:53:17 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (mojo2)
[+] 14-10-24 09:53:17 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).emjcd.com/ (S)
[+] 14-10-24 09:53:17 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).emjcd.com/ (LCLK)
[+] 14-10-24 09:53:17 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (rts)
[+] 14-10-24 09:53:17 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (mojo1)
[+] 14-10-24 09:53:17 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (mojo3)
[+] 14-10-24 09:53:17 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (svid)
[+] 14-10-24 09:53:17 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (mojo2)
[+] 14-10-24 09:53:17 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).emjcd.com/ (S)
[+] 14-10-24 09:53:17 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).emjcd.com/ (LCLK)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (rts)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (mojo1)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).mediaplex.com/ (mojo3)
[i] 14-10-24 09:53:18
[i] 14-10-24 09:53:18 Product Tradedoubler
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (GUID)
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (TradeDoublerGUID)
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (EH_0)
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (EH_1)
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531))solutions.tradedoubler.com/ (TD_SOFT)
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (BT)
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (PI)
[+] 14-10-24 09:53:18 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (UI)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (GUID)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (TradeDoublerGUID)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (EH_0)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (EH_1)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531))solutions.tradedoubler.com/ (TD_SOFT)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (BT)
[+] 14-10-24 09:53:18 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (PI)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).tradedoubler.com/ (UI)
[i] 14-10-24 09:53:19
[i] 14-10-24 09:53:19 Product Statcounter
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_unique_1)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_visitor_unique)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_unique_2)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_unique)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_unique_1)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_visitor_unique)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_unique_2)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).statcounter.com/ (is_unique)
[i] 14-10-24 09:53:19
[i] 14-10-24 09:53:19 Product WebTrends live
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531))statse.webtrendslive.com/ (ACOOKIE)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531))statse.webtrendslive.com/ (ACOOKIE)
[i] 14-10-24 09:53:19
[i] 14-10-24 09:53:19 Product CasaleMedia
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMPS)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMRUM2)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMST)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMDD)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMID)
[+] 14-10-24 09:53:19 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMTS)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMPS)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMRUM2)
[+] 14-10-24 09:53:19 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMST)
[+] 14-10-24 09:53:20 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMDD)
[+] 14-10-24 09:53:20 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMID)
[+] 14-10-24 09:53:20 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).casalemedia.com/ (CMTS)
[i] 14-10-24 09:53:20
[i] 14-10-24 09:53:20 Product Zedo
[+] 14-10-24 09:53:20 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).zedo.com/ (ZEDOIDA)
[+] 14-10-24 09:53:20 Moving into quarantine Cookie (Firefox: tester (default-1414105285531)).zedo.com/ (FFIDA)
[+] 14-10-24 09:53:20 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).zedo.com/ (ZEDOIDA)
[+] 14-10-24 09:53:20 Successfully cleaned Cookie (Firefox: tester (default-1414105285531)).zedo.com/ (FFIDA)
[i] 14-10-24 09:53:20
[i] 14-10-24 09:53:20 Product Internet Explorer
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Internet Explorer\TypedURLs
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Internet Explorer\Download Directory
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Internet Explorer\TypedURLs
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Internet Explorer\Download Directory
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i] 14-10-24 09:53:20
[i] 14-10-24 09:53:20 Product MS Management Console
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[i] 14-10-24 09:53:20
[i] 14-10-24 09:53:20 Product MS Media Player
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
[i] 14-10-24 09:53:20
[i] 14-10-24 09:53:20 Product MS Direct3D
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i] 14-10-24 09:53:20
[i] 14-10-24 09:53:20 Product MS DirectDraw
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[i] 14-10-24 09:53:20
[i] 14-10-24 09:53:20 Product MS DirectInput
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 14-10-24 09:53:20 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product MS Paint
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product MS Regedit
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product Windows.OpenWith
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product Windows Explorer
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product Windows Media SDK
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-501\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product WinRAR
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\WinRAR\ArcHistory
[+] 14-10-24 09:53:21 Moving into quarantine HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\WinRAR\General\LastFolder
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\WinRAR\ArcHistory
[+] 14-10-24 09:53:21 Successfully cleaned HKEY_USERS\S-1-5-21-3301257352-363032961-1859707185-1001\Software\WinRAR\General\LastFolder
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product Cookie
[+] 14-10-24 09:53:21 Moving into quarantine Internet Explorer (Benutzer) (tester)Cookies
[+] 14-10-24 09:53:21 Moving into quarantine Firefox (tester (default-1414105285531))Cookies
[+] 14-10-24 09:53:21 Successfully cleaned Internet Explorer (Benutzer) (tester)Cookies
[+] 14-10-24 09:53:21 Successfully cleaned Firefox (tester (default-1414105285531))Cookies
[i] 14-10-24 09:53:21
[i] 14-10-24 09:53:21 Product Cache
[+] 14-10-24 09:53:21 Moving into quarantine Internet Explorer (Benutzer) (tester)Cache
[+] 14-10-24 09:53:23 Successfully cleaned Internet Explorer (Benutzer) (tester)Cache
[i] 14-10-24 09:53:23
[i] 14-10-24 09:53:23 Product Verlauf
[+] 14-10-24 09:53:23 Moving into quarantine Internet Explorer (Benutzer) (tester)History
[+] 14-10-24 09:53:23 Successfully cleaned Internet Explorer (Benutzer) (tester)History
[i] 14-10-24 09:53:23
[i] 14-10-24 09:53:23 Summary
[i] 14-10-24 09:53:23 Errors while cleaning 0
[i] 14-10-24 09:53:23 Files moved into quarantine 115
[i] 14-10-24 09:53:23 Files successfully cleaned 115
nun die erwünschten textdateien Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:03 on 30/10/2014 (tester)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Hoffe das ist in Ordnung Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-30 21:21:09
Windows 6.1.7601 Service Pack 1 x64
Running: Gmer-19357.exe
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\CmdAgent\Mode\Configurations@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\CmdAgent\Mode\Data@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\CmdAgent\Mode\Options@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Teredo\PreviousState\00-26-5b-ee-2d-b2@TeredoAddress 2001:0:5ef5:79fd:38d1:b4d3:a0a4:290f
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 11931
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 5734
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9B33729C-D774-44E8-933B-72A52F52CDBC}@DhcpIPAddress 192.168.0.12
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9B33729C-D774-44E8-933B-72A52F52CDBC}@LeaseObtainedTime 1414694578
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9B33729C-D774-44E8-933B-72A52F52CDBC}@T1 1414996978
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9B33729C-D774-44E8-933B-72A52F52CDBC}@T2 1415223778
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{9B33729C-D774-44E8-933B-72A52F52CDBC}@LeaseTerminatesTime 1415299378
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{9b33729c-d774-44e8-933b-72a52f52cdbc}@Dhcpv6MaxLeaseExpireTime 1414701331
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{9b33729c-d774-44e8-933b-72a52f52cdbc}@Dhcpv6LeaseObtainedTime 1414695931
Reg HKLM\SYSTEM\ControlSet002\services\CmdAgent\Mode\Configurations@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\CmdAgent\Mode\Data@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\CmdAgent\Mode\Options@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\Software\COMODO\Cam@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
Reg HKLM\SYSTEM\Software\COMODO\Firewall Pro@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ...
---- EOF - GMER 2.1 ----
Vielen Dank für eure Hilfe Freue mich über Antwort und Rat |
| Themen zu Probleme mit der Menüanzeige der rechten Maustaste im Browser nach Malewarebefall |
| bluescreen, conduitsearch, conduitsearch entfernen, diner dash, diner dash entfernen, fehlermeldung, helper.exe, pup.optional.amonetize, pup.optional.bestmarkit.a, pup.optional.breitschopp, pup.optional.bundleinstaller.a, pup.optional.conduitsearchprotect, pup.optional.searchprotect, pup.optional.searchprotect.a, pup.optional.windowsmangerprotect.a, pup.optional.winguard.a, registry key, rogue.winguard, suchmaschine, teredo |
Baum-Darstellung