Rontu_Aru | 01.05.2014 23:08 | Hallo. Ich hab die Schritte ausgeführt, allerdings gab es an einer Stelle ein Problem (werd ich an betreffender Stelle vermerken).
Das Deinstallieren hatte ich zuerst überlesen und den Scan so ausgeführt. Danach hab ich die Programme deinstalliert und nochmal gescannt. Die letzten zwei/drei Programme aus der Addition konnte ich aber nicht entfernen, weil sie nicht im Uninstaller aufgelistet waren.
MBAB 1 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 01.05.2014
Suchlauf-Zeit: 21:38:10
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.05.01.11
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admiral Plushie
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 328377
Verstrichene Zeit: 1 Std, 25 Min, 51 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 76
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [7e829e62c53b88782618b49f42c0f50b],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\Extension.ExtensionHelperObject.1, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\Extension.ExtensionHelperObject, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.ExtensionHelperObject, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{DEDAF650-12B8-48F5-A843-BBA100716106}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{DEDAF650-12B8-48F5-A843-BBA100716106}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.ExtensionHelperObject.1, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DEDAF650-12B8-48F5-A843-BBA100716106}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DEDAF650-12B8-48F5-A843-BBA100716106}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DEDAF650-12B8-48F5-A843-BBA100716106}, In Quarantäne, [c33d7d83a15f2ad603373be66f933dc3],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.dskBnd, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [936d916fec1439c79abf16079969bb45],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [58a89d63ed1329d7fb5f1d00946ed030],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEE6C35E-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEE6C358-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEE6C359-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEE6C358-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEE6C359-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EEE6C35E-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE.1, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EEE6C35C-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE.1, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, In Quarantäne, [5aa6629e629e5ca430e7120fe51d639d],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\Updater By Sweetpacks, In Quarantäne, [7d83d729e21ecb350576cdd9778c38c8],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [36cafe025ea2d729d369ceae1de5857b],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [40c01ce4c73917e97bc18af2b64ce61a],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, In Quarantäne, [fe024bb59967649c39403373cb38ca36],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, In Quarantäne, [20e0e51b34cc4eb2b4c5713524dfcc34],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT, In Quarantäne, [2ad6e31d9c6451af9076eabee41f6a96],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\Updater By Sweetpacks, In Quarantäne, [d62a0df334cc1be53348e2c457ac966a],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [18e86799d828a25e3dffc4b8758d34cc],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [08f8738d44bc1ce4b9832458d1316799],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, In Quarantäne, [5ea244bc738dc739afcaf7afd82b837d],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, In Quarantäne, [fe02a759d32dc43c2b4eadf9689b3cc4],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\elchiiiejkobdbblfejjkbphbddgmljf, In Quarantäne, [9c64d22ea06007f9d06ffd7fe121f709],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\SOFTONIC\Softonic, In Quarantäne, [b848966a4eb2e020e957621af0126a96],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [5aa635cb659b0ef24296633e2ed58c74],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, In Quarantäne, [a15f43bdf50bad5306ff9f095da6d030],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [fe0248b89b653ac608ee3048fb0754ac],
PUP.Optional.SmartBar, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, In Quarantäne, [1be50cf409f7738d67164e6b49baa060],
PUP.Optional.SmartBar, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, In Quarantäne, [8a7623dd33cd1ae64a320bae2ed52ad6],
PUP.Optional.ValueApps.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, In Quarantäne, [a25e926e60a002fef93f8704b64cbf41],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Softonic, In Quarantäne, [748c33cd35cbb8486ad3c0bc659d8e72],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [25dbd828a25e699730c6d8a03fc36b95],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, In Quarantäne, [8d7337c98779768a1cbb950c4cb7ce32],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, In Quarantäne, [97693cc448b80cf456af2484cf34f60a],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WNLT, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
Registrierungswerte: 8
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Softonic Toolbar, In Quarantäne, [936d916fec1439c79abf16079969bb45]
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [c040fc0450b0847c69f05cc1a75ba858],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT|PDV, [UPGRADEONIDLE] [BLACKLIST=1] [TAILUPGRADECAPTURE], In Quarantäne, [2ad6e31d9c6451af9076eabee41f6a96]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {8F199D00-1033-11E3-A2B6-78ACC09F075F}, In Quarantäne, [5aa635cb659b0ef24296633e2ed58c74]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, In Quarantäne, [a15f43bdf50bad5306ff9f095da6d030]
PUP.Optional.SmartBar.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Infrastructure Helper, C:\Users\Admiral Plushie\AppData\Local\Smartbar\Application\QuickShare.exe startup, In Quarantäne, [be4227d9639dd9276432ddc228dbcf31]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {8F199D00-1033-11E3-A2B6-78ACC09F075F}, In Quarantäne, [8d7337c98779768a1cbb950c4cb7ce32]
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSEARCH_SWEETPACKS, In Quarantäne, [97693cc448b80cf456af2484cf34f60a]
Registrierungsdaten: 2
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10061&barid={8F199D00-1033-11E3-A2B6-78ACC09F075F}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10061&barid={8F199D00-1033-11E3-A2B6-78ACC09F075F}),Ersetzt,[57a9b64a3ac620e0ae1e191d1ce88977]
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-1341164320-801784960-3961693224-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10061&barid={8F199D00-1033-11E3-A2B6-78ACC09F075F}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10061&barid={8F199D00-1033-11E3-A2B6-78ACC09F075F}),Ersetzt,[49b7639d48b848b88a413ff7778d8a76]
Ordner: 27
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\libraries, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\resources, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\locale, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\locale\en-US, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\skin, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\defaults, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\defaults\preferences, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\libraries, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\resources, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\flavours, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.Softonic.A, C:\Program Files (x86)\Softonic\Softonic, In Quarantäne, [0cf4e21ec937c43cc2be4925ba4804fc],
PUP.Optional.Softonic.A, C:\Program Files (x86)\Softonic\Softonic\1.8.19.3, In Quarantäne, [0cf4e21ec937c43cc2be4925ba4804fc],
PUP.Optional.Softonic.A, C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh, In Quarantäne, [0cf4e21ec937c43cc2be4925ba4804fc],
Dateien: 105
PUP.Optional.SoftonicTB.A, C:\Users\Admiral Plushie\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe, In Quarantäne, [22de916f23dd3ac62ffc85ef38c99f61],
PUP.Optional.SmartBar.A, C:\Users\Admiral Plushie\AppData\Local\Temp\Smartbar\LinkuryInstaller.msi, In Quarantäne, [857bf10fcd33a45c6374c76058a8b64a],
PUP.Optional.SweetIM, C:\Windows\Installer\29bd5.msi, In Quarantäne, [bb45738dce32e51b62a686d43ec6eb15],
PUP.Optional.SmartBar.A, C:\Windows\Installer\29cf63.msi, In Quarantäne, [8e72bf4135cb41bfcb0cda4d41bf4bb5],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\unins000.dat, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome.manifest, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\install.rdf, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\main.js.bak, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\main.xul, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\resources\localscript.js, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\locale\en-US\overlay.dtd, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\chrome\skin\overlay.css, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\Firefox\defaults\preferences\defaults.js, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\libraries\DataExchangeScript.js, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetPacks.A, C:\Program Files\Updater By Sweetpacks\resources\localscript.js, In Quarantäne, [be424ab6808021df4d2c85e103ff57a9],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf\logger.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\about.html, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\affid.dat, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\basis.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\bing.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dating.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\find.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\games.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\glitter.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\google.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\help.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\highlight.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\locales.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\music.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\news.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\onstart.js, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\options.html, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\photos.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\shopping.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\video.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-search.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_blank.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\flavours\toolbar_bng.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\flavours\toolbar_ggl.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\flavours\toolbar_yho.xml, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png, In Quarantäne, [cd33e020768acf315bc90760d032e41c],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Config.bin, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\HSChromeRegSetup.exe, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\NTSetup.exe, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\uninstaller.exe, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\msvcp100.dll, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\msvcr100.dll, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\uninstaller.exe, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\UninstallerLauncher.exe, In Quarantäne, [e21e1be5847ce31daab1fe698a781fe1],
PUP.Optional.Softonic.A, C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\softonic.crx, In Quarantäne, [0cf4e21ec937c43cc2be4925ba4804fc],
Physische Sektoren: 0
(No malicious items detected)
(end) MBAB2 (nach der Deinstallation) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 01.05.2014
Suchlauf-Zeit: 23:17:49
Logdatei: mbam2.txt
Administrator: Nein
Version: 2.00.1.1004
Malware Datenbank: v2014.05.01.12
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 254087
Verstrichene Zeit: 24 Min, 54 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end)
ADWCleaner Code:
# AdwCleaner v3.205 - Bericht erstellt am 01/05/2014 um 23:27:44
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admiral Plushie - USER-PC
# Gestartet von : C:\Users\User\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Windows\SysWOW64\ARFC
Ordner Gelöscht : C:\Windows\SysWOW64\jmdp
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT
Ordner Gelöscht : C:\Windows\System32\ljkb
Ordner Gelöscht : C:\Users\Admiral Plushie\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\ADMIRA~1\AppData\Local\Temp\mt_ffx
[#] Ordner Gelöscht : C:\Users\ADMIRA~1\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\User\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\User\AppData\Roaming\pdfforge
Datei Gelöscht : \END
Datei Gelöscht : C:\Windows\System32\dmwu.exe
Datei Gelöscht : C:\Windows\System32\ImhxxpComm.dll
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D80C7D6E-EFFD-47E6-8CE1-BB3D5577B4FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\wnlt
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DEDAF650-12B8-48f5-A843-BBA100716106}_is1
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Admiral Plushie\AppData\Roaming\Mozilla\Firefox\Profiles\dctqr78k.default-1395401781361\prefs.js ]
[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xsrnyjxc.default-1393789408134\prefs.js ]
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/?a=6OzmPrnUwl&i=26&loc=skw");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/?a=6OzmPrnUwl&i=26&loc=skw&search=");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [11554 octets] - [01/05/2014 23:26:52]
AdwCleaner[S0].txt - [10582 octets] - [01/05/2014 23:27:44]
########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [10643 octets] ##########
JRT
Hier gab es ein Problem: Das Programm an sich hat funktioniert und das Log ist auch erschienen, aber es wurde nicht gespeichert. Da ich vor dem Schließen kein Log auf dem Desktop gefunden habe, habe ich versucht eine Kopie auf dem Desktop zu speichern. In meinem Explorer -> Desktop sind dann beide aufgetaucht, aber auf dem Desktop an sich nicht. Ich bin kein PC-Experte, aber da sie im Explorer waren, hab ich gedacht, sie wären letztendlich doch gespeichert. Jetzt sind die Logs allerdings nicht mehr auffindbar (auch nicht mit der Suche).
Es wurden, soweit ich mich erinnere, zwei Dinge gelöscht. Eine Datei und ein Ordner, aber was das für welche waren, kann ich nicht mehr genau sagen......
FRST
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 02
Ran by Admiral Plushie (administrator) on USER-PC on 01-05-2014 23:57:05
Running from C:\Users\User\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(COMODO) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
() C:\Program Files (x86)\UltraVNC Addons\uvnc_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(COMODO) C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9263944 2011-10-07] (COMODO)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Join Air\UIExec.exe [132608 2009-08-31] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-06-07] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [COMODO] => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe [213304 2011-05-26] (COMODO)
HKLM-x32\...\Run: [CPA] => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe [184120 2011-05-26] (COMODO)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1341164320-801784960-3961693224-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4440896 2012-08-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1341164320-801784960-3961693224-1000\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] => 0
HKU\S-1-5-21-1341164320-801784960-3961693224-1000\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-10] (Spotify Ltd)
HKU\S-1-5-21-1341164320-801784960-3961693224-1000\...\MountPoints2: {10466c6e-c8fb-11e0-bcb2-78acc09f075f} - F:\pushinst.exe
HKU\S-1-5-21-1341164320-801784960-3961693224-1004\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-10] ()
HKU\S-1-5-21-1341164320-801784960-3961693224-1004\...\RunOnce: [Report] - \AdwCleaner\AdwCleaner[S0].txt [10822 2014-05-01] ()
HKU\S-1-5-21-1341164320-801784960-3961693224-1004\...\MountPoints2: {dcf2ee64-eb97-11e0-987b-806e6f6e6963} - D:\start.exe
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [388280 2011-10-07] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [300200 2011-10-07] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{40C0B82D-741F-4588-8683-40C2299EFA66}: [NameServer]139.7.30.125 139.7.30.126
FireFox:
========
FF ProfilePath: C:\Users\Admiral Plushie\AppData\Roaming\Mozilla\Firefox\Profiles\dctqr78k.default-1395401781361
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=1.1.10 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Admiral Plushie\AppData\Roaming\Mozilla\Firefox\Profiles\dctqr78k.default-1395401781361\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Admiral Plushie\AppData\Roaming\Mozilla\Firefox\Profiles\dctqr78k.default-1395401781361\Extensions\youtubeunblocker@unblocker.yt [2014-03-21]
FF Extension: Ghostery - C:\Users\Admiral Plushie\AppData\Roaming\Mozilla\Firefox\Profiles\dctqr78k.default-1395401781361\Extensions\firefox@ghostery.com.xpi [2014-03-21]
FF Extension: NoScript - C:\Users\Admiral Plushie\AppData\Roaming\Mozilla\Firefox\Profiles\dctqr78k.default-1395401781361\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-23]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [161080 2011-05-26] (COMODO)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2663568 2011-10-07] (COMODO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [241664 2009-08-31] ()
R2 Uvnc_service; C:\Program Files (x86)\UltraVNC Addons\uvnc_service.exe [63296 2007-06-04] ()
S3 TipCtrl; "C:\Program Files (x86)\uTIPu\TipCtrl.exe" [X]
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [16528 2011-10-07] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [574216 2011-10-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2011-10-07] (COMODO)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2008-03-26] (DemoForge, LLC)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-04] (AVM GmbH)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2011-10-07] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-05-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2008-11-28] (CACE Technologies)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-01 23:56 - 2014-05-01 23:56 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion
2014-05-01 23:49 - 2014-05-01 23:49 - 00001203 _____ () C:\Users\Admiral Plushie\Desktop\JRT2.txt
2014-05-01 23:44 - 2014-05-01 23:44 - 00001203 _____ () C:\Users\Admiral Plushie\Desktop\JRT.txt
2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 23:31 - 2014-05-01 23:27 - 00010822 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-05-01 23:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-01 23:26 - 2014-05-01 23:27 - 00000000 ____D () C:\AdwCleaner
2014-05-01 23:24 - 2014-05-01 23:24 - 00037066 _____ () C:\Users\User\Desktop\mbam.txt
2014-05-01 23:24 - 2014-05-01 23:24 - 00001149 _____ () C:\Users\User\Desktop\mbam2.txt
2014-05-01 23:09 - 2014-05-01 23:09 - 01016261 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-05-01 23:08 - 2014-05-01 23:08 - 01310621 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-05-01 22:33 - 2014-05-01 22:33 - 00001791 _____ () C:\Users\User\Desktop\Revouninstaller - Verknüpfung.lnk
2014-05-01 22:05 - 2014-05-01 22:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95(1).exe
2014-05-01 21:51 - 2014-05-01 21:51 - 00001264 _____ () C:\Users\Admiral Plushie\Desktop\Revo Uninstaller.lnk
2014-05-01 21:51 - 2014-05-01 21:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-01 21:50 - 2014-05-01 21:50 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2014-05-01 19:32 - 2014-05-01 19:32 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-01 19:32 - 2014-05-01 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-01 19:32 - 2014-05-01 19:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-01 19:32 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-01 19:32 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-01 19:32 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-01 19:30 - 2014-05-01 19:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004(1).exe
2014-04-30 15:13 - 2014-04-29 14:21 - 06880256 _____ ( ) C:\Users\User\Downloads\A Long Way From Home-0.4.1.exe
2014-04-29 07:05 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 07:05 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 07:05 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-29 07:05 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 07:05 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-29 07:05 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-29 07:05 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-29 07:05 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-29 07:05 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-29 07:05 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-29 07:05 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 07:05 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-29 07:05 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-29 07:05 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-29 07:05 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-29 07:05 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-29 07:05 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-29 07:05 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-29 07:05 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-29 07:05 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-29 07:05 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-29 07:05 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-29 07:05 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 07:05 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-29 07:05 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-29 07:05 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-29 07:05 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-29 07:05 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-29 07:05 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-29 07:05 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-29 07:05 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-29 07:05 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-29 07:05 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-29 07:05 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-29 07:05 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 07:05 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-29 07:05 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-29 07:05 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-29 07:05 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-29 07:05 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-29 07:05 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-29 07:05 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-29 07:05 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-29 07:05 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-29 07:05 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-29 07:05 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-29 07:05 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-29 07:05 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-27 13:54 - 2014-04-27 13:54 - 00001960 _____ () C:\Users\User\Desktop\Gubble_HDAE106.lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00001960 _____ () C:\Users\UpdatusUser\Desktop\Gubble_HDAE106.lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00001960 _____ () C:\Users\Admiral Plushie\Desktop\Gubble_HDAE106.lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00000000 ____D () C:\Users\Admiral Plushie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gubble_HDAE106
2014-04-27 13:54 - 2014-04-27 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gubble_HDAE106
2014-04-27 13:54 - 2014-04-27 13:54 - 00000000 ____D () C:\Program Files (x86)\Gubble_HDAE106
2014-04-27 13:49 - 2014-04-27 13:53 - 76761279 _____ () C:\Users\User\Downloads\Gubble_HDAE_106.exe
2014-04-26 17:02 - 2014-04-26 17:02 - 00030793 _____ () C:\Users\User\Desktop\Addition.txt
2014-04-26 17:00 - 2014-05-01 23:57 - 00016098 _____ () C:\Users\User\Desktop\FRST.txt
2014-04-26 17:00 - 2014-05-01 23:57 - 00000000 ____D () C:\FRST
2014-04-26 16:59 - 2014-05-01 23:56 - 02062336 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-04-26 14:33 - 2014-05-01 20:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 14:32 - 2014-04-26 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 14:31 - 2014-04-26 14:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-11 21:31 - 2014-04-11 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-04-11 21:31 - 2014-04-11 21:31 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-11 20:46 - 2014-04-11 21:31 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-04-11 20:46 - 2014-04-11 21:31 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-04-11 20:46 - 2014-04-11 20:46 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-11 20:46 - 2014-04-11 20:46 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-11 19:31 - 2014-04-11 19:31 - 00041723 _____ () C:\Users\User\Downloads\stealthy-1.0-fx(1).xpi
2014-04-11 19:30 - 2014-04-11 19:30 - 00041723 _____ () C:\Users\User\Downloads\stealthy-1.0-fx.xpi
2014-04-09 14:54 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 14:54 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 14:54 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 14:54 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 14:54 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 14:54 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 14:54 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 14:54 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 14:54 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 14:54 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 14:54 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 14:54 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 14:54 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 14:54 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 14:54 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 14:54 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 14:54 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-05 10:49 - 2014-04-13 20:48 - 00000000 ____D () C:\Users\User\Documents\Fortschritt_Mappe
==================== One Month Modified Files and Folders =======
2014-05-01 23:57 - 2014-04-26 17:00 - 00016098 _____ () C:\Users\User\Desktop\FRST.txt
2014-05-01 23:57 - 2014-04-26 17:00 - 00000000 ____D () C:\FRST
2014-05-01 23:56 - 2014-05-01 23:56 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion
2014-05-01 23:56 - 2014-04-26 16:59 - 02062336 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-05-01 23:52 - 2012-10-11 12:29 - 00071972 _____ () C:\Windows\setupact.log
2014-05-01 23:52 - 2012-03-08 19:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-01 23:52 - 2011-12-14 11:40 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-05-01 23:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 23:51 - 2011-07-07 12:59 - 01621676 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 23:49 - 2014-05-01 23:49 - 00001203 _____ () C:\Users\Admiral Plushie\Desktop\JRT2.txt
2014-05-01 23:46 - 2013-03-16 13:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 23:44 - 2014-05-01 23:44 - 00001203 _____ () C:\Users\Admiral Plushie\Desktop\JRT.txt
2014-05-01 23:39 - 2009-07-14 06:45 - 00015632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 23:39 - 2009-07-14 06:45 - 00015632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 23:29 - 2013-03-16 00:42 - 00643370 _____ () C:\Windows\PFRO.log
2014-05-01 23:27 - 2014-05-01 23:31 - 00010822 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-05-01 23:27 - 2014-05-01 23:26 - 00000000 ____D () C:\AdwCleaner
2014-05-01 23:25 - 2012-11-24 12:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\Spotify
2014-05-01 23:24 - 2014-05-01 23:24 - 00037066 _____ () C:\Users\User\Desktop\mbam.txt
2014-05-01 23:24 - 2014-05-01 23:24 - 00001149 _____ () C:\Users\User\Desktop\mbam2.txt
2014-05-01 23:09 - 2014-05-01 23:09 - 01016261 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-05-01 23:08 - 2014-05-01 23:08 - 01310621 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-05-01 22:39 - 2012-02-12 16:01 - 00000000 ____D () C:\Users\User\AppData\Local\Akamai
2014-05-01 22:33 - 2014-05-01 22:33 - 00001791 _____ () C:\Users\User\Desktop\Revouninstaller - Verknüpfung.lnk
2014-05-01 22:32 - 2011-07-13 21:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-01 22:05 - 2014-05-01 22:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95(1).exe
2014-05-01 21:51 - 2014-05-01 21:51 - 00001264 _____ () C:\Users\Admiral Plushie\Desktop\Revo Uninstaller.lnk
2014-05-01 21:51 - 2014-05-01 21:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-01 21:50 - 2014-05-01 21:50 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2014-05-01 20:11 - 2014-04-26 14:33 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-01 19:32 - 2014-05-01 19:32 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-01 19:32 - 2014-05-01 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-01 19:32 - 2014-05-01 19:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-01 19:30 - 2014-05-01 19:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004(1).exe
2014-05-01 18:33 - 2009-07-14 19:58 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-05-01 18:33 - 2009-07-14 19:58 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-05-01 18:33 - 2009-07-14 07:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 19:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-29 16:09 - 2012-11-24 12:06 - 00000000 ____D () C:\Users\User\AppData\Local\Spotify
2014-04-29 14:21 - 2014-04-30 15:13 - 06880256 _____ ( ) C:\Users\User\Downloads\A Long Way From Home-0.4.1.exe
2014-04-29 12:46 - 2013-03-16 13:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 12:46 - 2012-04-21 12:46 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 12:46 - 2011-11-14 11:23 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 10:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-27 13:54 - 2014-04-27 13:54 - 00001960 _____ () C:\Users\User\Desktop\Gubble_HDAE106.lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00001960 _____ () C:\Users\UpdatusUser\Desktop\Gubble_HDAE106.lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00001960 _____ () C:\Users\Admiral Plushie\Desktop\Gubble_HDAE106.lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00000000 ____D () C:\Users\Admiral Plushie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gubble_HDAE106
2014-04-27 13:54 - 2014-04-27 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gubble_HDAE106
2014-04-27 13:54 - 2014-04-27 13:54 - 00000000 ____D () C:\Program Files (x86)\Gubble_HDAE106
2014-04-27 13:53 - 2014-04-27 13:49 - 76761279 _____ () C:\Users\User\Downloads\Gubble_HDAE_106.exe
2014-04-27 13:50 - 2011-07-13 21:20 - 00000000 ____D () C:\Users\User\Phantasma
2014-04-27 00:52 - 2011-12-20 19:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-04-26 17:02 - 2014-04-26 17:02 - 00030793 _____ () C:\Users\User\Desktop\Addition.txt
2014-04-26 14:32 - 2014-04-26 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 14:31 - 2014-04-26 14:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-24 10:54 - 2013-12-12 23:35 - 00000000 ____D () C:\Users\User\Documents\Anki
2014-04-13 20:48 - 2014-04-05 10:49 - 00000000 ____D () C:\Users\User\Documents\Fortschritt_Mappe
2014-04-11 21:31 - 2014-04-11 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-04-11 21:31 - 2014-04-11 21:31 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-11 21:31 - 2014-04-11 20:46 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-04-11 21:31 - 2014-04-11 20:46 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-04-11 21:31 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-11 20:46 - 2014-04-11 20:46 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-11 20:46 - 2014-04-11 20:46 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-11 20:46 - 2012-10-11 22:52 - 00000000 ____D () C:\Users\Admiral Plushie\AppData\Local\Adobe
2014-04-11 19:31 - 2014-04-11 19:31 - 00041723 _____ () C:\Users\User\Downloads\stealthy-1.0-fx(1).xpi
2014-04-11 19:30 - 2014-04-11 19:30 - 00041723 _____ () C:\Users\User\Downloads\stealthy-1.0-fx.xpi
2014-04-09 17:36 - 2011-07-07 15:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 17:35 - 2013-08-14 23:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 17:33 - 2011-07-07 14:34 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-06 12:24 - 2011-01-07 15:02 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-04-06 12:24 - 2011-01-07 15:02 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-04-03 14:57 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-03 09:51 - 2014-05-01 19:32 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-05-01 19:32 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-05-01 19:32 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
Files to move or delete:
====================
C:\Users\User\sai-1.1.0-ful-en(2).exe
Some content of TEMP:
====================
C:\Users\Admiral Plushie\AppData\Local\Temp\ForteDependencies.exe
C:\Users\Admiral Plushie\AppData\Local\Temp\Quarantine.exe
C:\Users\Admiral Plushie\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Admiral Plushie\AppData\Local\Temp\_is1F8.exe
C:\Users\Admiral Plushie\AppData\Local\Temp\_is2960.exe
C:\Users\Admiral Plushie\AppData\Local\Temp\_is36E.exe
C:\Users\Admiral Plushie\AppData\Local\Temp\_isA00B.exe
C:\Users\Admiral Plushie\AppData\Local\Temp\_isC763.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 19:30
==================== End Of Log ============================ --- --- ---
--- --- ---
Noch eine Frage: Ich musste QuickTimes deinstallieren, brauch dies aber für mein Itunes (hust). Kann ich es nach dem Bereinigen wieder installieren oder sollte ich mich davon fernhalten?
Vielen Dank und schönen Abend! |