Scan and quarantined findings with Malwarebytes, 01.10.2015: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 01.10.2015
Suchlaufzeit: 08:55
Protokolldatei: MBAM_Suchlaufprot_20150929.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.06.03.03
Rootkit-Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Gxxxx
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 439015
Abgelaufene Zeit: 24 Min., 14 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 15
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22501100-42D7-456F-9FD5-176DF951E078}, In Quarantäne, [a7a88e288efc81b5ad6c304eca3b6c94],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9C151CE4-18CC-4822-95C5-6717E56C7B0F}, In Quarantäne, [133c0babb6d436008097136b8f76e31d],
PUP.Optional.Tuto4PC.A, HKLM\SOFTWARE\WOW6432NODE\T4PC, In Quarantäne, [de71e5d12c5ee84edd1121ec48bc01ff],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22501100-42D7-456F-9FD5-176DF951E078}, In Quarantäne, [5ff0c1f5701a8aac8c8d85f961a4d32d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9C151CE4-18CC-4822-95C5-6717E56C7B0F}, In Quarantäne, [e06f8531b7d3b18583945727e71e13ed],
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, In Quarantäne, [1c337a3c3c4e85b1deee8c823ec630d0],
PUP.Optional.VideoMediaPlayer.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\video MediaPlayer, In Quarantäne, [3b14b9fd8901cf67b74efc1be91ba759],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{148B4B0C-1082-4D27-92B5-CD7D5153874F}, In Quarantäne, [ee61833351398da9769f0678897c4cb4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{17F914A8-5D76-478A-B97F-7C69401E8D49}, In Quarantäne, [63ec09ad2d5da195ad69a3db976e8878],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22501100-42D7-456F-9FD5-176DF951E078}, In Quarantäne, [1a3513a3afdb47ef46d0532b7f8636ca],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3141AC7A-A166-45C5-A468-972787217994}, In Quarantäne, [76d9b8fe206ad363aa6bbdc156af10f0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EFF6D91-EAA7-43EA-944D-533C60FE2747}, In Quarantäne, [c18eb402642692a41df9bfbfd5303bc5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9C151CE4-18CC-4822-95C5-6717E56C7B0F}, In Quarantäne, [fb548135e9a1c37329eb1866a06559a7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F4D78E3E-FF08-42F1-83CD-2656104D91EE}, In Quarantäne, [b49b872fe5a5c571ed28aad4cb3a837d],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2159139518-318027333-701850226-500\SOFTWARE\AskPartnerNetwork, In Quarantäne, [c986eccac6c43afcda977f6535ce48b8],
Registrierungswerte: 13
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22501100-42d7-456f-9fd5-176df951e078}|AppName, V-9.1HD-codedownloader.exe, In Quarantäne, [a7a88e288efc81b5ad6c304eca3b6c94]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9c151ce4-18cc-4822-95c5-6717e56c7b0f}|AppName, V-9.1HD-bg.exe, In Quarantäne, [133c0babb6d436008097136b8f76e31d]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22501100-42d7-456f-9fd5-176df951e078}|AppName, V-9.1HD-codedownloader.exe, In Quarantäne, [5ff0c1f5701a8aac8c8d85f961a4d32d]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9c151ce4-18cc-4822-95c5-6717e56c7b0f}|AppName, V-9.1HD-bg.exe, In Quarantäne, [e06f8531b7d3b18583945727e71e13ed]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_69, In Quarantäne, [99b6ded8296147efaff74cd652b27987],
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_70, In Quarantäne, [86c9caeca3e7072f7234ab779b6936ca],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{148B4B0C-1082-4D27-92B5-CD7D5153874F}|AppName, a21de47c-ede0-4a31-a7c9-a35ba54faf4c-2.exe-buttonutil.exe, In Quarantäne, [ee61833351398da9769f0678897c4cb4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{17F914A8-5D76-478A-B97F-7C69401E8D49}|AppName, ebbcf9bc-c879-437c-a028-b408c7c55d8f-2.exe-codedownloader.exe, In Quarantäne, [63ec09ad2d5da195ad69a3db976e8878]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22501100-42d7-456f-9fd5-176df951e078}|AppName, V-9.1HD-codedownloader.exe, In Quarantäne, [1a3513a3afdb47ef46d0532b7f8636ca]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3141AC7A-A166-45C5-A468-972787217994}|AppName, 2640d3ca-6745-434b-9cd2-6a6b74a99486-2.exe-buttonutil.exe, In Quarantäne, [76d9b8fe206ad363aa6bbdc156af10f0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EFF6D91-EAA7-43EA-944D-533C60FE2747}|AppName, 2640d3ca-6745-434b-9cd2-6a6b74a99486-2.exe-codedownloader.exe, In Quarantäne, [c18eb402642692a41df9bfbfd5303bc5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9c151ce4-18cc-4822-95c5-6717e56c7b0f}|AppName, V-9.1HD-bg.exe, In Quarantäne, [fb548135e9a1c37329eb1866a06559a7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F4D78E3E-FF08-42F1-83CD-2656104D91EE}|AppName, ebbcf9bc-c879-437c-a028-b408c7c55d8f-2.exe-buttonutil.exe, In Quarantäne, [b49b872fe5a5c571ed28aad4cb3a837d]
Registrierungsdaten: 2
PUP.Optional.V9.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.v9.com/newtab, Gut: (www.google.com), Schlecht: (hxxp://www.v9.com/newtab),Ersetzt,[024dd8de0684dc5a5e6272b765a1f709]
PUP.Optional.V9.A, HKU\S-1-5-21-2159139518-318027333-701850226-1001\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.v9.com/newtab, Gut: (www.google.com), Schlecht: (hxxp://www.v9.com/newtab),Ersetzt,[69e622940a801c1a8a36ca5f07ffba46]
Ordner: 3
PUP.Optional.CrossRider.A, C:\Users\Gxxxx\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe, In Quarantäne, [76d90babcfbb4fe7cc981f999e651ce4],
PUP.Optional.NewPlayer.A, C:\Users\Gxxxx\AppData\Local\com\NewPlayer.exe_Url_o4dtzvfairwgx2aefcjiiv2m5z1q0lha, In Quarantäne, [ff506b4bbcce9e98d3411fbb06fd60a0],
PUP.Optional.NewPlayer.A, C:\Users\Gxxxx\AppData\Local\com\NewPlayer.exe_Url_o4dtzvfairwgx2aefcjiiv2m5z1q0lha\2.1.1.9, In Quarantäne, [ff506b4bbcce9e98d3411fbb06fd60a0],
Dateien: 3
PUP.Optional.OpenCandy, C:\Users\Gxxxx\Downloads\FreeFileSync_5.12_setup.exe, In Quarantäne, [311eb3031e6c7cbaf5b7d5850600e719],
PUP.Optional.OpenCandy, C:\Users\Gxxxx\Downloads\winamp5621_full_emusic-7plus_all.exe, In Quarantäne, [7ed18e280486d95dd3d995c5a85e7789],
PUP.Optional.NewPlayer.A, C:\Users\Gxxxx\AppData\Local\com\NewPlayer.exe_Url_o4dtzvfairwgx2aefcjiiv2m5z1q0lha\2.1.1.9\user.config, In Quarantäne, [ff506b4bbcce9e98d3411fbb06fd60a0],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
Scan and quarantined findings with Malwarebytes, 03.10.2015: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 03.10.2015
Suchlaufzeit: 05:32
Protokolldatei: MBAM_Suchlaufprot_20151003.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.10.02.08
Rootkit-Datenbank: v2015.10.02.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Gxxxx
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 445600
Abgelaufene Zeit: 2 Std., 40 Min., 48 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 11
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\2640d3ca-6745-434b-9cd2-6a6b74a99486-4, Löschen bei Neustart, [072980d26a21ad898bb7960b58acd828],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-1, Löschen bei Neustart, [78b8054d711ad5612a18fea3be46b64a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-11, Löschen bei Neustart, [56da84cec3c88aac02401889cb39f10f],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-2, Löschen bei Neustart, [d55b173b5e2dbe78e75b89180ef6fc04],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-3, Löschen bei Neustart, [c769341e85063105340ebee363a13bc5],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-4, Löschen bei Neustart, [40f0b89ab8d381b545fde8b9c440ad53],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-5, Löschen bei Neustart, [0828480a305b64d2251d5e4349bb3ec2],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-5_user, Löschen bei Neustart, [052be270bfcc231361e1455c3bc99c64],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-6, Löschen bei Neustart, [c16fec6695f644f240024f52857f926e],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ebbcf9bc-c879-437c-a028-b408c7c55d8f-7, Löschen bei Neustart, [8ca42a28c0cbee48f54dced3cf3510f0],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1B00}, In Quarantäne, [e64a2a28f299d85e2f839249c44033cd],
Registrierungswerte: 1
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1B00}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-SPE\, In Quarantäne, [e64a2a28f299d85e2f839249c44033cd]
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 0
(keine bösartigen Elemente erkannt)
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
Spybot scan and immunization: Code:
[ Mozilla Firefox & compatibles ]
. G: No path updating needed.
. a: User S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. A: Found Shell Folder AppData registry information: \
. A: Found Shell Folder Local AppData registry information: \
. C: Found AppData environment information: \
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-1001 is not on a different drive
. A: Found Shell Folder AppData registry information: C:\Users\Gxxxx\AppData\Roaming\
. A: Found Shell Folder Local AppData registry information: C:\Users\Gxxxx\AppData\Local\
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. A: Found Shell Folder AppData registry information: C:\Users\Gxxxx\AppData\Roaming\
. A: Found Shell Folder Local AppData registry information: C:\Users\Gxxxx\AppData\Local\
. G: No path updating needed.
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. G: No path updating needed.
. Final AppData found: C:\Users\Gxxxx\AppData\Roaming\
. Probing profile ini file file at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\profiles.ini...
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\xk26o0zu.default\.
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\cv6vvfi6.default-1403903067383\.
i cookies.sqlite detected, assuming profile is Firefox 3.0 or equivalent.
+ Added Mozilla profile at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\xk26o0zu.default\.
i cookies.sqlite detected, assuming profile is Firefox 3.0 or equivalent.
+ Added Mozilla profile at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\cv6vvfi6.default-1403903067383\.
. Final AppData found: C:\Users\Gxxxx\AppData\Roaming\
. Probing profile ini file file at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\profiles.ini...
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\xk26o0zu.default\.
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\cv6vvfi6.default-1403903067383\.
. Final AppData found: C:\Users\Gxxxx\AppData\Roaming\
. Probing profile ini file file at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\profiles.ini...
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\xk26o0zu.default\.
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\cv6vvfi6.default-1403903067383\.
. Final AppData found: C:\Users\Gxxxx\AppData\Roaming\
. Probing profile ini file file at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\profiles.ini...
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\xk26o0zu.default\.
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\cv6vvfi6.default-1403903067383\.
. Final AppData found: C:\Users\Gxxxx\AppData\Roaming\
. Probing profile ini file file at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\profiles.ini...
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\xk26o0zu.default\.
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\cv6vvfi6.default-1403903067383\.
. Final AppData found: C:\Users\Gxxxx\AppData\Roaming\
. Probing profile ini file file at C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\profiles.ini...
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\xk26o0zu.default\.
. Found profile reference to C:\Users\Gxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\cv6vvfi6.default-1403903067383\.
i Browser detection took 02.447 seconds.
[ Mozilla Firefox Portable & compatibles ]
i Browser detection took 00.000 seconds.
[ Opera ]
. G: No path updating needed.
. a: User S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. A: Found Shell Folder AppData registry information: \
. A: Found Shell Folder Local AppData registry information: \
. C: Found AppData environment information: \
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-1001 is not on a different drive
. A: Found Shell Folder AppData registry information: C:\Users\Gxxxx\AppData\Roaming\
. A: Found Shell Folder Local AppData registry information: C:\Users\Gxxxx\AppData\Local\
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. A: Found Shell Folder AppData registry information: C:\Users\Gxxxx\AppData\Roaming\
. A: Found Shell Folder Local AppData registry information: C:\Users\Gxxxx\AppData\Local\
. G: No path updating needed.
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. G: No path updating needed.
. Probing possible profile in C:\Program Files (x86)\Opera\Opera\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera7\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera75\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera80\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera90\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera95\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera96\profile\...
i Browser detection took 00.006 seconds.
[ Opera Portable & compatibles ]
i Browser detection took 00.000 seconds.
[ Opera ]
. G: No path updating needed.
. a: User S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. A: Found Shell Folder AppData registry information: \
. A: Found Shell Folder Local AppData registry information: \
. C: Found AppData environment information: \
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-1001 is not on a different drive
. A: Found Shell Folder AppData registry information: C:\Users\Gxxxx\AppData\Roaming\
. A: Found Shell Folder Local AppData registry information: C:\Users\Gxxxx\AppData\Local\
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. A: Found Shell Folder AppData registry information: C:\Users\Gxxxx\AppData\Roaming\
. A: Found Shell Folder Local AppData registry information: C:\Users\Gxxxx\AppData\Local\
. G: No path updating needed.
. G: No path updating needed.
. G: No path updating needed.
. a: User S-1-5-21-2159139518-318027333-701850226-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 is not on a different drive
. F: Guessed (PE incompatible): C:\Users\Gxxxx\AppData\Roaming\
. G: No path updating needed.
. G: No path updating needed.
. G: No path updating needed.
. Probing possible profile in C:\Program Files (x86)\Opera\Opera\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera7\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera75\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera80\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera90\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera95\profile\...
. Probing possible profile in C:\Program Files (x86)\Opera\Opera96\profile\...
i Browser detection took 00.005 seconds.
[ Opera Portable & compatibles ]
i Browser detection took 00.000 seconds.
Spybot Checks: Code:
Search results from Spybot - Search & Destroy
01.10.2015 02:04:48
Scan took 01:06:00.
23 items found.
Log: [SBI $4E2AF2AC] Install: setupact.log (File, nothing done)
C:\Windows\setupact.log
Properties.size=168
Properties.md5=9982DE5B241F4776F71698EB4D4FC7E9
Properties.filedate=1443647563
Properties.filedatetext=2015-09-30 23:12:43
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
C:\Users\Gxxxx\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7LEPAZBP\cdn1.ht.ui.siteerbros.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=CCF0CC05DE1D0F29DE207BD05B87DABE
Properties.filedate=1443655973
Properties.filedatetext=2015-10-01 01:32:52
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
C:\Users\Gxxxx\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7LEPAZBP\sunstatic.fuckandcdn.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=BB40B012BA87F8BE731429C2E1C4A61F
Properties.filedate=1443656192
Properties.filedatetext=2015-10-01 01:36:32
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2159139518-318027333-701850226-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (3) (Browser: Cache, nothing done)
--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---
I would be grateful for help checking whether my system is now really clean.
Best regards and thanks in advance
Pernod