so habe alles ausgeführt,allerdings hat JRT ALLE MEINE PROGRAMME GELÖSCHT!!!!!!!!!!!! was zum teufel soll das oO
alles was in meinem software ordner war ist weg!
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software
Protection, 16.04.2014 13:49:02, SYSTEM, DAVESHAVE, Protection, Malware Protection, Starting,
Protection, 16.04.2014 13:49:02, SYSTEM, DAVESHAVE, Protection, Malware Protection, Started,
Protection, 16.04.2014 13:49:02, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Starting,
Protection, 16.04.2014 13:50:02, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Started,
Update, 16.04.2014 13:50:41, SYSTEM, DAVESHAVE, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 16.04.2014 13:50:42, SYSTEM, DAVESHAVE, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 16.04.2014 13:50:49, SYSTEM, DAVESHAVE, Manual, Malware Database, 2014.3.4.9, 2014.4.10.7,
Update, 16.04.2014 13:50:49, SYSTEM, DAVESHAVE, Manual, Malware Database, 2014.3.4.9, 2014.4.10.7,
Protection, 16.04.2014 13:50:50, SYSTEM, DAVESHAVE, Protection, Refresh, Starting,
Protection, 16.04.2014 13:50:50, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Stopping,
Protection, 16.04.2014 13:50:51, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Stopped,
Protection, 16.04.2014 13:50:57, SYSTEM, DAVESHAVE, Protection, Refresh, Success,
Protection, 16.04.2014 13:50:57, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Starting,
Protection, 16.04.2014 13:50:57, SYSTEM, DAVESHAVE, Protection, Refresh, Starting,
Protection, 16.04.2014 13:50:58, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Started,
Protection, 16.04.2014 13:50:58, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Stopping,
Protection, 16.04.2014 13:50:58, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Stopped,
Protection, 16.04.2014 13:51:06, SYSTEM, DAVESHAVE, Protection, Refresh, Success,
Protection, 16.04.2014 13:51:06, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Starting,
Protection, 16.04.2014 13:51:06, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Started,
Update, 16.04.2014 13:51:10, SYSTEM, DAVESHAVE, Manual, Malware Database, 2014.4.10.7, 2014.4.16.5,
Protection, 16.04.2014 13:51:11, SYSTEM, DAVESHAVE, Protection, Refresh, Starting,
Protection, 16.04.2014 13:51:11, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Stopping,
Protection, 16.04.2014 13:51:12, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Stopped,
Protection, 16.04.2014 13:51:18, SYSTEM, DAVESHAVE, Protection, Refresh, Success,
Protection, 16.04.2014 13:51:18, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Starting,
Protection, 16.04.2014 13:51:19, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Started,
Protection, 16.04.2014 21:10:10, SYSTEM, DAVESHAVE, Protection, Malware Protection, Starting,
Protection, 16.04.2014 21:10:10, SYSTEM, DAVESHAVE, Protection, Malware Protection, Started,
Protection, 16.04.2014 21:10:10, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Starting,
Protection, 16.04.2014 21:13:24, SYSTEM, DAVESHAVE, Protection, Malicious Website Protection, Started,
(end)
AdwCleaner Logfile: Code:
# AdwCleaner v3.023 - Bericht erstellt am 16/04/2014 um 21:17:41
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : David - DAVESHAVE
# Gestartet von : C:\Users\David_2\Downloads\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\.autoreg
Datei Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\Extensions\freehdsport@freehdsport.tv.xpi
Datei Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\searchplugins\MyStart Search.xml
Datei Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\searchplugins\SweetIm.xml
Datei Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\user.js
Datei Gefunden : C:\Users\David\Desktop\Search The Web.url
Datei Gefunden : C:\Users\David\Desktop\sweetpcfix.url
Datei Gefunden : C:\Users\David_2\AppData\Roaming\Mozilla\Firefox\Profiles\sqijtagj.default\user.js
Ordner Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\Extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
Ordner Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\Extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
Ordner Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\Extensions\engine@conduit.com
Ordner Gefunden : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\Extensions\ffxtlbr@incredibar.com
Ordner Gefunden C:\Program Files (x86)\FirstRowSportApp.com
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\ProgramData\Premium
Ordner Gefunden C:\ProgramData\Tarma Installer
Ordner Gefunden C:\Users\David\AppData\Local\PackageAware
Ordner Gefunden C:\Users\David\AppData\LocalLow\incredibar.com
Ordner Gefunden C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com
Ordner Gefunden C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\SweetPacksToolbarData
Ordner Gefunden C:\Users\David\AppData\Roaming\OpenCandy
Ordner Gefunden C:\Users\David_2\AppData\Local\Ilivid Player
Ordner Gefunden C:\Users\David_2\AppData\LocalLow\incredibar.com
Ordner Gefunden C:\Users\David_2\AppData\LocalLow\softonic-de3
Ordner Gefunden C:\Windows\SysWOW64\AI_RecycleBin
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\1ClickDownload
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : [x64] HKCU\Software\1ClickDownload
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\FirstRowSportApp_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\FirstRowSportApp_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_coreavc_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_coreavc_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_easy-video-downloader_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_easy-video-downloader_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gefunden : HKLM\Software\Web Assistant
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Web Assistant
Wert Gefunden : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://mystart.incredibar.com/mb165?a=6PQCyhpUlC&i=26
-\\ Mozilla Firefox v17.0 (de)
[ Datei : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\aivyvp0o.default\prefs.js ]
Zeile gefunden : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={D852E4BD-1ECE-11E2-B4D6-001C25321542}");
Zeile gefunden : user_pref("extensions.incredibar_i.aflt", "orgnl");
Zeile gefunden : user_pref("extensions.incredibar_i.dfltLng", "");
Zeile gefunden : user_pref("extensions.incredibar_i.did", "10665");
Zeile gefunden : user_pref("extensions.incredibar_i.excTlbr", false);
Zeile gefunden : user_pref("extensions.incredibar_i.id", "742db8f4000000000000001b2f32e49f");
Zeile gefunden : user_pref("extensions.incredibar_i.installerproductid", "26");
Zeile gefunden : user_pref("extensions.incredibar_i.instlDay", "15526");
Zeile gefunden : user_pref("extensions.incredibar_i.instlRef", "");
Zeile gefunden : user_pref("extensions.incredibar_i.ms_url_id", "");
Zeile gefunden : user_pref("extensions.incredibar_i.newTab", false);
Zeile gefunden : user_pref("extensions.incredibar_i.ppd", "");
Zeile gefunden : user_pref("extensions.incredibar_i.prdct", "incredibar");
Zeile gefunden : user_pref("extensions.incredibar_i.productid", "26");
Zeile gefunden : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Zeile gefunden : user_pref("extensions.incredibar_i.smplGrp", "none");
Zeile gefunden : user_pref("extensions.incredibar_i.tlbrId", "base");
Zeile gefunden : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQCyhpUlC&loc=IB_TB&i=26&search=");
Zeile gefunden : user_pref("extensions.incredibar_i.upn2", "6PQCyhpUlC");
Zeile gefunden : user_pref("extensions.incredibar_i.upn2n", "92543178436774820");
Zeile gefunden : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Zeile gefunden : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1417:00:14");
Zeile gefunden : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Zeile gefunden : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={D852E4BD-1ECE-11E2-B4D6-001C25321542}&src=2&crg=3.1010000.10011&q=");
Zeile gefunden : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Zeile gefunden : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Zeile gefunden : user_pref("sweetim.toolbar.Visibility.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Zeile gefunden : user_pref("sweetim.toolbar.cargo", "3.1010000.10011");
Zeile gefunden : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Zeile gefunden : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Zeile gefunden : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Zeile gefunden : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Zeile gefunden : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Zeile gefunden : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Zeile gefunden : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Zeile gefunden : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Zeile gefunden : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Zeile gefunden : user_pref("sweetim.toolbar.mode.debug", "false");
Zeile gefunden : user_pref("sweetim.toolbar.newtab.created", "true");
Zeile gefunden : user_pref("sweetim.toolbar.newtab.enable", "true");
Zeile gefunden : user_pref("sweetim.toolbar.previous.browser.newtab.url", "hxxp://mystart.incredibar.com/mb165?a=6PQCyhpUlC&loc=FF_NT");
Zeile gefunden : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mystart.incredibar.com/mb165?a=6PQCyhpUlC&i=26");
Zeile gefunden : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gefunden : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.callback", "");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Zeile gefunden : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Zeile gefunden : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Zeile gefunden : user_pref("sweetim.toolbar.search.history.capacity", "10");
Zeile gefunden : user_pref("sweetim.toolbar.searchguard.enable", "false");
Zeile gefunden : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Zeile gefunden : user_pref("sweetim.toolbar.simapp_id", "{D852E4BD-1ECE-11E2-B4D6-001C25321542}");
Zeile gefunden : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10011");
Zeile gefunden : user_pref("sweetim.toolbar.version", "1.7.0.3");
[ Datei : C:\Users\David_2\AppData\Roaming\Mozilla\Firefox\Profiles\sqijtagj.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [16601 octets] - [16/04/2014 21:17:41]
########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [16662 octets] ########## --- --- ---JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by David on 16.04.2014 at 21:20:50,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4199886456-4071215553-3698710090-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitengine
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4199886456-4071215553-3698710090-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4199886456-4071215553-3698710090-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\firstrowsportapp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\firstrowsportapp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\new_correct_incredibar_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\new_correct_incredibar_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_coreavc_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_coreavc_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_easy-video-downloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_easy-video-downloader_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_coreavc_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_coreavc_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_easy-video-downloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_easy-video-downloader_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\David\AppData\Roaming\opencandy"
Failed to delete: [Folder] "\software"
Successfully deleted: [Folder] "C:\Users\David\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\firstrowsportapp.com"
Successfully deleted: [Folder] "C:\Users\David\AppData\Roaming\microsoft\windows\start menu\programs\firstrowsportapp.com"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.04.2014 at 21:35:58,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- --- --- |