die Logdatei von AdwCleaner, Code:
# AdwCleaner v3.023 - Bericht erstellt am 01/04/2014 um 19:04:52
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : angel - ANGEL-PC
# Gestartet von : C:\Users\angel\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\rvlkl
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\angel\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\angel\AppData\Roaming\Systweak
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater
Datei Gelöscht : C:\Windows\System32\Tasks\ProtectedSearch
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16521
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\4qua5mwg.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [980 octets] - [04/01/2014 11:09:01]
AdwCleaner[R1].txt - [1100 octets] - [05/01/2014 16:28:47]
AdwCleaner[R2].txt - [4205 octets] - [01/04/2014 19:04:09]
AdwCleaner[S0].txt - [1040 octets] - [04/01/2014 11:09:55]
AdwCleaner[S1].txt - [3008 octets] - [01/04/2014 19:04:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3068 octets] ########## die Logdatei von JRT, Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by angel on 01.04.2014 at 19:10:38,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\angel\AppData\Roaming\mozilla\firefox\profiles\4qua5mwg.default\minidumps [88 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.04.2014 at 19:15:38,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ die Logdatei von MBAM, Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 01.04.2014
Suchlauf-Zeit: 19:40:01
Logdatei: Mbam.txt
Administrator: Ja
Version: 2.00.0.1000
Malware Datenbank: v2014.04.01.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: angel
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 281437
Verstrichene Zeit: 12 Min, 5 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 12
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[d82870902dd3c13fb6ff4cc3fb096f91]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[bb450cf4f80852aeece73acbd0346e92]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[52ae6b959967966ae5dad639ac5814ec]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[7c847b85ca36ad5300d13dc80004f40c]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[39c70ff13ec2b14f4b729877cb39f709]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[9868748cfe02de22e3ef6f96f80cb24e]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[5ca49f61ef11669afdc15fb0bf45dc24]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[808025db936d5ba59440b4514eb67090]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[3cc4bd430af642be318f000f46bec13f]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[7e8208f8f709a759f3e251b4c73d50b0]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[ef117d83dd237090724f9e71f311b54b]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-979047111-3019266187-3407045396-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8327f32b-c329-014a-3be5-295887cd8784&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000),Ersetzt,[ad53d03047b95ea2a22ec5406c98e51b]
Ordner: 0
(No malicious items detected)
Dateien: 13
Keylogger.Logixoft, C:\Users\Public\Desktop\rkfree_setup.exe, In Quarantäne, [8f71f30d6898f40ceb0d53c2dc28e020],
PUP.Optional.RegCleanerPro, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$R2C34L8.exe, In Quarantäne, [39c7a957b44c15eb31ae33cf90713bc5],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RP6NU9A.exe, In Quarantäne, [7c84dc24dd2315eb8bc673ae35cccb35],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RJ3O7E1.exe, In Quarantäne, [f40c936d0bf5df21d37e7fa20cf5bc44],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RQPDRAE.exe, In Quarantäne, [4fb1699752ae6d93aca541e0d130649c],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RHPQCWU.exe, In Quarantäne, [ee1233cd67992ad62d24cf52fb0622de],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RL3EJ5N.exe, In Quarantäne, [916f7c84c8387d83440d2ff2e81940c0],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RK0C2DU\sp-downloader.exe, In Quarantäne, [10f0bc44bc4440c0413c1400d42dd52b],
PUP.Optional.RegCleanerPro, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RU2KAOP\RegCleanSetup9.exe, In Quarantäne, [25db748c38c88b7509d64cb65da422de],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-979047111-3019266187-3407045396-1000\$RDQIIT4\SpSetup.exe, In Quarantäne, [06fa0ef2f10f37c98fb2b85e659c50b0],
Trojan.Agent, C:\Windows\SysWOW64\svchosptd.exe, In Quarantäne, [6a96a957af51c43c0e200612bd4739c7],
PUP.Optional.BundleInstaller.A, C:\Users\angel\Downloads\revealer-keylogger-windows-downloader_de.exe, In Quarantäne, [748cbb456b951ce41e2851140100da26],
PUP.Optional.Simplytech, C:\Windows\Launcher.exe, In Quarantäne, [db25d52b4bb501ffeb77763353b0c13f],
Physische Sektoren: 0
(No malicious items detected)
(end) die Logdatei von Zoek. Code:
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by angel on 01.04.2014 at 19:46:50,27.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\angel\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
01.04.2014 19:48:46 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\4qua5mwg.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.de");
Added to C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\4qua5mwg.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\4qua5mwg.default
user.js not found
---- Lines ask.com removed from prefs.js ----
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
---- FireFox user.js and prefs.js backups ----
prefs__1956_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Yahoo! deleted
C:\User Data\Default\Extensions deleted
C:\Users\angel\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\Tasks\Browser Updater deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\ProtectedSearch deleted
"C:\Users\angel\AppData\Local\LumaEmu" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [07.08.2013 22:37]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [07.08.2013 10:28]
==== Firefox Extensions ======================
ProfilePath: C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\4qua5mwg.default
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\4qua5mwg.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\angel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
5174E3BE46B2CCCDAF9CEB5B622CEA9B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll - Shockwave for Director / Shockwave for Director
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bddpogknpjlgfpbboediomaiiaecfajn - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="hxxp://www.bing.com/search?q={searchTerms}"
"SearchAssistant"="hxxp://www.bing.com/search?q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="hxxp://www.bing.com/search?q={searchTerms}"
"SearchAssistant"="hxxp://www.bing.com/search?q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bddpogknpjlgfpbboediomaiiaecfajn deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\angel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\angel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8UAWELL6 will be deleted at reboot
C:\Users\angel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUPCC2RR will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\angel\AppData\Local\Mozilla\Firefox\Profiles\4qua5mwg.default\Cache will be emptied at reboot
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=136 folders=40 28803321 bytes)
==== Empty Temp Folders ======================
C:\Users\angel\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\angel\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\angel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8UAWELL6" not found
"C:\Users\angel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUPCC2RR" not found
"C:\Users\angel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\T3F7WLDF\cdn.kaisergames.de" not found
"C:\Users\angel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\T3F7WLDF\moviebox.kinoundco.de" not found
"C:\Users\angel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\T3F7WLDF\www.miniclip.com" not found
"C:\Users\angel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\T3F7WLDF\www.rossmann.de" not found
==== EOF on 01.04.2014 at 20:02:12,24 ======================
1. frage weiß ja nicht ob noch zu früh ist.
aber nachdem die bereingung zu ende. gibt kostenlose progamme die gut sind und zusammen funktionieren ??? die ich benutzen kann ?? und welche progamme sollte ich löschen?? z.b. glary ulities,spybot. usw.
ich weiß nicht welche progamme ja gut miteinander funktionieren und den kompletten pc absichern und sicher halten, und dazu den pc nicht lahm macht.
UND VIELEN dank für die HILFE :) :). aber das werde ich am ende gerne nochmal sagen ihr seit jetzt schon ein super team |