| |
| |||||||
Alles rund um Windows: "Ads by Info" installiert sich alle paar Tage wie von selbstWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
18.02.2015, 12:26
| #1 |
| |  Problem: "Ads by Info" installiert sich alle paar Tage wie von selbst Hallo ihr, seit knapp einer Woche plagt mich alle paar Tage erneut ein Problem in meinem Browser.  Entstanden ist das Problem vermutlich durch einen versuchen Spiele-Download auf einer unseriösen Seite (ich weiß, dass es eigentlich klar ist, dass man sich dadurch einen Virus einfängt, aber das Verlangen ein uraltes Spiel zu spielen, das nicht mehr im Handel erhältlich ist, ist einfach zu groß gewesen... Beim Downloaden hat sich mein Sicherheitsprogramm gleich gemeldet und hat Trojaner gestoppt, die runtergeladen werden sollten. Allerdings blieb es nicht bei dem Trojaner; zahlreiche Adware hat sich mit eingeschlichen. Der Laptop lief plötzlich sehr stark verlangsamt, weshalb ich gleich alle an diesem Tag gedownloadete Programme deinstallinert, einen AntiMalwarebyte's und einen AdwCleaner Surchdurchlauf gestartet habe. Beide haben auch eine große Menge an Bedrohungen erkannt und entfernt. Danach lief alles gut, bis ich zwei Tage später den Laptop neu gestartet habe: Vor allem bei ebay erschien sehr viel Werbung ("Ads by Info"), die den Browser sehr stark verlangsamten und die Struktur einiger anderer Internetseiten völlig veränderte. Habe daraufhin erneut AntiMalwarebyte's und AdwCleaner gestartet, bis heute lief es gut. Als ich eben den Laptop hochgefahren habe, war die Werbung bei ebay wieder da (meist ein Banner oben, einer rechts und einer unten). Der Browser wäre wieder fast eingefroren und ich habe es gerade noch in dieses Forum geschafft. Zudem verlinkt dieses Programm anscheinend einzelne Wörter in Texten mit Werbung, habe mal einen Screenshot gemacht: hxxp://picload.org/view/cpapplr/adw.jpg.html Was kann bzw. muss ich tun, damit die Werbung aufhört, alle zwei Tage nach Bereinigung wiederzukommen?  Danke für Eure Hilfe! |
|
18.02.2015, 12:40
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | "Ads by Info" installiert sich alle paar Tage wie von selbst Anleitung / Hilfe Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
18.02.2015, 12:53
| #3 |
| | "Ads by Info" installiert sich alle paar Tage wie von selbst Details Hi, danke für die schnelle Antwort!
__________________ Das müsste der Suchverlauf sein, den ich direkt nach dem Download durchgeführt habe:Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 11.02.2015 Suchlauf-Zeit: 23:28:44 Logdatei: anti1.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.10.30.13 Rootkit Datenbank: v2014.10.22.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Acer Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 463316 Verstrichene Zeit: 35 Min, 0 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 4 PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock\updateBoxRock.exe, 7576, Löschen bei Neustart, [bc29b565ef8d152116acfad8827f0ef2] PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\JOSrv.exe, 7956, Löschen bei Neustart, [da0b8892a4d878be188ae4440ff41ee2] PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\nsj368A.tmpfs, 8416, Löschen bei Neustart, [da0b8892a4d878be188ae4440ff41ee2] PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\VOPackage.exe, 8636, Löschen bei Neustart, [da0b8892a4d878be188ae4440ff41ee2] Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 52 PUP.Optional.BoxRock.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Box Rock, In Quarantäne, [bc29b565ef8d152116acfad8827f0ef2], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [717404163646de58dfd2b92a3cc603fd], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [717404163646de58dfd2b92a3cc603fd], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [677ed04a275552e4584f3a7429d932ce], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [677ed04a275552e4584f3a7429d932ce], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [677ed04a275552e4584f3a7429d932ce], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [677ed04a275552e4584f3a7429d932ce], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [677ed04a275552e4584f3a7429d932ce], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [677ed04a275552e4584f3a7429d932ce], PUP.Optional.BoxRock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}, In Quarantäne, [568f95853844c67088d27374956d53ad], PUP.Optional.BoxRock.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{137FD54F-6407-494F-A222-05DB66EC8248}, In Quarantäne, [568f95853844c67088d27374956d53ad], PUP.Optional.BoxRock.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EBCD18AF-4FE7-4A67-B50C-87E635F60283}, In Quarantäne, [568f95853844c67088d27374956d53ad], PUP.Optional.BoxRock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EBCD18AF-4FE7-4A67-B50C-87E635F60283}, In Quarantäne, [568f95853844c67088d27374956d53ad], PUP.Optional.BoxRock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{137FD54F-6407-494F-A222-05DB66EC8248}, In Quarantäne, [568f95853844c67088d27374956d53ad], PUP.Optional.BoxRock.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{464DEEB8-B74F-4117-B8EC-E42F4028F3D1}, In Quarantäne, [568f95853844c67088d27374956d53ad], PUP.Optional.VOPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, In Quarantäne, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\serverjo, In Quarantäne, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\qodukyqu, In Quarantäne, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\13641, In Quarantäne, [677eb8626913da5c92c086cd1ee59d63], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [20c58f8bc9b366d04b07f85b47bcd927], PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MYBESTOFFERSTODAY, In Quarantäne, [cc19ed2db6c6f3438ce4fb3644bf10f0], PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [578e30ea126a53e345849104e321629e], PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [e7fee83238441d191023b69d4db67a86], PUP.Optional.WordProser.A, HKLM\SOFTWARE\WOW6432NODE\WordProser_1.10.0.9, In Quarantäne, [d5107aa05824290d06ed2afbe3207987], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantäne, [598cc753324a8caae76e281015ee9d63], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\13641, In Quarantäne, [ca1b190199e3e452421003504ab9867a], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [677e1dfd3745df57460c3023dd26e11f], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [c12476a4720acf67ffd19dfb4eb63ec2], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [ae370a10413bbc7a815075231be99d63], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [ca1bfc1ec0bc04327f8869c7c43f0ef2], PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\Advanced-System Protector, In Quarantäne, [925370aae597ef47525e8aa52ad95ca4], PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, In Quarantäne, [6283ba60e7959c9acf4ee456976c2ad6], PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [f8ed1dfd84f82b0be1901f1b9271e41c], PUP.Optional.WordProser.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wpnfd_1_10_0_9, In Quarantäne, [aa3bd04a3646e155856d4fd67a89b14f], PUP.Optional.WordProser.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wpsvc_1.10.0.9, In Quarantäne, [1ec755c5e59746f0d21f72b335ce4ab6], PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [b4310119d1ab4ee85ab139ec5aa9e11f], PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, In Quarantäne, [be2729f1700c2d0907fc61384cb834cc], PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, In Quarantäne, [a93c8991324a092d74c3c66f82814ab6], PUP.Optional.FastStart.A, HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [fce944d6007c270f55c060cde41f24dc], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{031A0433-D8FB-8B0B-8C95-183BBD563779}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2553919-671B-B99C-CBC9-5FDB593E2ADA}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6683F36B-0A5B-1C64-4706-2F948E2A1770}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6683F36B-0A5B-1C64-4706-2F948E2A1770}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2553919-671B-B99C-CBC9-5FDB593E2ADA}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{031A0433-D8FB-8B0B-8C95-183BBD563779}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{031A0433-D8FB-8B0B-8C95-183BBD563779}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{031A0433-D8FB-8B0B-8C95-183BBD563779}, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{031A0433-D8FB-8B0B-8C95-183BBD563779}\INPROCSERVER32, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CC01D94D-2617-6474-0C1E-630BF6106CCD, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BoxRock.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Box Rock, In Quarantäne, [3ea7b466a3d989ad3c0268baa06358a8], Registrierungswerte: 7 PUP.Optional.VOPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Update, C:\Users\Acer\AppData\Roaming\VOPackage\VOPackage.exe /runonce, In Quarantäne, [da0b8892a4d878be188ae4440ff41ee2] PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [598cc753324a8caae76e281015ee9d63] PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_505, In Quarantäne, [be2740da6b119a9c7ef1af820bf8d12f], PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\Acer\AppData\Roaming\VOPackage\uninstall.exe", In Quarantäne, [11d491893b411125694a85b2719214ec] PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com, In Quarantäne, [8f560119314b69cda83a0490b25224dc] PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, exp, In Quarantäne, [ca1bfc1ec0bc04327f8869c7c43f0ef2] PUP.Optional.FastStart.A, HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [fce944d6007c270f55c060cde41f24dc] Registrierungsdaten: 9 PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873),Ersetzt,[24c1b16929530b2b435ef9319f6626da] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873),Ersetzt,[45a01efcb9c342f4ced74bdf92732bd5] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}),Ersetzt,[ffe6d248f38983b3bde6b87245c05ca4] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873),Ersetzt,[9b4ae832c3b97cba950cd05af411a858] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873),Ersetzt,[5b8a0f0b13693501ccd93eec7b8a45bb] PUP.Optional.WebSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://istart.webssearches.com/web/?type=ds&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}),Ersetzt,[81649288621a75c192a3cee99e63d12f] PUP.Optional.WebsSearches.A, HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873),Ersetzt,[e9fce4365428dd59188e0e1c59acc838] PUP.Optional.WebsSearches.A, HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873),Ersetzt,[54916eac4f2d171fd4cebc6ed72e13ed] PUP.Optional.WebsSearches.A, HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}),Ersetzt,[509525f5b9c381b52183bc6ebe47a858] Ordner: 65 PUP.Optional.HealthAlert.A, C:\Users\Acer\AppData\Local\HealthAlert, In Quarantäne, [9b4afe1cb4c8a98d38662301c93aba46], PUP.Optional.HealthAlert.A, C:\ProgramData\HealthAlert, In Quarantäne, [865fb1690379e74f970849db4fb407f9], PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage, Löschen bei Neustart, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage, C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, In Quarantäne, [c421b16947359c9affb572c546bd8f71], PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, In Quarantäne, [0bdab8625e1e8caa3885fc4bfb0847b9], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\clamunpack, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\Version 6.1, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\Version 6.1\voice, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\Version 6.1\voice\de, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.WebsSearches.A, C:\Users\Acer\AppData\Roaming\webssearches, In Quarantäne, [ab3a38e24c30f73f585731ccca385da3], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\include, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\include\tools, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\lib, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\module, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\pack, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\en, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\en-US, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\es, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\es-419, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-BE, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-CA, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-CH, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-LU, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\it, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\it-CH, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\pl, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\pt-BR, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\ru, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\ru-MO, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\tr, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\vi, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\zh-CN, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\zh-TW, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\defaults, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\defaults\preferences, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [fde84cce5e1e89ad739cfb14af54a35d], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [fde84cce5e1e89ad739cfb14af54a35d], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{85BA4F80-328E-4967-A575-3B297046C641}, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.359480, In Quarantäne, [f3f20f0b621a4cead42923eda75c52ae], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\x64, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System Protector, In Quarantäne, [796cb06a37452511b3b2c654ae55ce32], PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System Protector\signatures, In Quarantäne, [796cb06a37452511b3b2c654ae55ce32], PUP.Optional.AdvancedSystemProtector.A, C:\Users\Acer\AppData\Roaming\Systweak\Advanced-System Protector, In Quarantäne, [7a6bef2b2656fd39b5b077a34ab9a25e], PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock, Löschen bei Neustart, [3ea7b466a3d989ad3c0268baa06358a8], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9, Löschen bei Neustart, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\Service, Löschen bei Neustart, [e8fdad6d463652e4a14efa2846bd60a0], Dateien: 311 PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock\updateBoxRock.exe, Löschen bei Neustart, [bc29b565ef8d152116acfad8827f0ef2], PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [677ed04a275552e4584f3a7429d932ce], PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock\BoxRockbho.dll, In Quarantäne, [568f95853844c67088d27374956d53ad], PUP.Optional.BPlug, C:\Users\Acer\AppData\Local\Temp\zmFSPEwE0c.exe, In Quarantäne, [fce9ed2d067665d1a876873abf42c937], PUP.Optional.SupTab.A, C:\Users\Acer\AppData\Local\Temp\Wtmp121315640\tmp\XTab_v4.0.exe, In Quarantäne, [02e3dc3e1963f73f840348ed30d0b947], PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Temp\is-K8OV0.tmp\plushd_soft_partner.exe, In Quarantäne, [24c140da0c700d29c0ae23b43bc69f61], PUP.Optional.HealthAlert.A, C:\Users\Acer\AppData\Local\HealthAlert\data2.dat, In Quarantäne, [9b4afe1cb4c8a98d38662301c93aba46], PUP.Optional.HealthAlert.A, C:\ProgramData\HealthAlert\app.dat, In Quarantäne, [865fb1690379e74f970849db4fb407f9], PUP.Optional.HealthAlert.A, C:\ProgramData\HealthAlert\data.dat, In Quarantäne, [865fb1690379e74f970849db4fb407f9], PUP.Optional.HealthAlert.A, C:\ProgramData\HealthAlert\HealthAlert.ico, In Quarantäne, [865fb1690379e74f970849db4fb407f9], PUP.Optional.HealthAlert.A, C:\ProgramData\HealthAlert\Uninstall.exe, In Quarantäne, [865fb1690379e74f970849db4fb407f9], PUP.Optional.WordProser.A, C:\Windows\System32\drivers\wpnfd_1_10_0_9.sys, In Quarantäne, [8362b6642656fe38787860c51de6629e], PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\Uninstall.exe, In Quarantäne, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\jorunasu.exe, In Quarantäne, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\JOSrv.exe, Löschen bei Neustart, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\nsj368A.tmpfs, Löschen bei Neustart, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\runasu.exe, In Quarantäne, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\VOPackage.exe, Löschen bei Neustart, [da0b8892a4d878be188ae4440ff41ee2], PUP.Optional.AdvancedSystemProtector, C:\Windows\System32\Tasks\Advanced-System Protector_startup, In Quarantäne, [5a8bcc4e225a2e086bb445eb41c27d83], PUP.Optional.AdvancedSystemProtector, C:\Users\Public\Desktop\Advanced-System Protector.lnk, In Quarantäne, [8b5a20faf28adb5b6f36df5192718d73], PUP.Optional.RegCleanerPro, C:\Users\Public\Desktop\RegClean Pro.lnk, In Quarantäne, [a0454fcbe29ac07610b48ea4ef144db3], PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\RegClean Pro, In Quarantäne, [856056c4f28ae74ffaccdd55fb08a45c], PUP.Optional.VOPackage, C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, In Quarantäne, [c421b16947359c9affb572c546bd8f71], PUP.Optional.WebSearchs.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage, In Quarantäne, [05e0f1292656b0863adaa29635ce20e0], PUP.Optional.WebSearchs.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage-journal, In Quarantäne, [10d574a6413bf44250c4380005fe1fe1], PUP.Optional.Boost.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, In Quarantäne, [33b268b2a3d93df9c5684deb50b316ea], PUP.Optional.Boost.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, In Quarantäne, [757019016913b77f032ab8807291c937], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-1-6, In Quarantäne, [40a5b8625a2245f15bf52a0e57acd22e], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-1-7, In Quarantäne, [9a4b100a6f0d3bfbc9873008ff044eb2], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-4, In Quarantäne, [74716eac6b1161d5b19f1127ff043ac6], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-5, In Quarantäne, [3da82af0adcffb3bfd531226b25128d8], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-5_user, In Quarantäne, [cf1603178af291a5cd830236887bbd43], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-6, In Quarantäne, [63820e0c1d5f95a1044c67d127dcae52], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-7, In Quarantäne, [cf16a971a4d8f73f90c05eda758e47b9], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-1-6, In Quarantäne, [cf1663b7a6d68fa766eaf048a65d6d93], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-1-7, In Quarantäne, [7273c2585f1d85b15ff17abe13f00df3], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-10_user, In Quarantäne, [91546ab04438989ed47ce751d82b9e62], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-4, In Quarantäne, [f1f43fdb7c0053e3a5ab3503d330e917], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-5, In Quarantäne, [82639f7ba9d3a88ea1af0a2e887bb54b], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-5_user, In Quarantäne, [b33240da1e5e0f271838c771d72cac54], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-6, In Quarantäne, [bf262bef344884b2222e68d091729868], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-7, In Quarantäne, [d411ea305527a393f9570e2ac241be42], PUP.Optional.RegCleanPro.A, C:\Windows\System32\Tasks\RegClean Pro_DEFAULT, In Quarantäne, [9f46be5cb0cc8aac06fc68d5bd460df3], PUP.Optional.BlockAndSurf.A, C:\Windows\System32\Tasks\BlockAndSurf Update, In Quarantäne, [3da85ebcef8dc076b9b6ed500af95fa1], PUP.Optional.ShoppingGate.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, In Quarantäne, [d60f0416423a58de85e6d176ba498f71], PUP.Optional.ShoppingGate.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, In Quarantäne, [fbea34e6c4b8270fde8df84ff90a48b8], PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, In Quarantäne, [0bdab8625e1e8caa3885fc4bfb0847b9], PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro entfernen.lnk, In Quarantäne, [0bdab8625e1e8caa3885fc4bfb0847b9], PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, In Quarantäne, [0bdab8625e1e8caa3885fc4bfb0847b9], PUP.Optional.BlockAndSurf.A, C:\Windows\Tasks\BlockAndSurf Update.job, In Quarantäne, [1cc9af6b2a5220163f88fb568b7824dc], PUP.Optional.WebsSearches.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\searchplugins\webssearches.xml, In Quarantäne, [0cd9a07ac1bb59dd3bfb163dc14212ee], PUP.Optional.RegCleanerPro.J, C:\Windows\Tasks\RegClean Pro_UPDATES.job, In Quarantäne, [e302031786f6162026b198c9bb48e61a], PUP.Optional.RegCleanPro.A, C:\Windows\Tasks\RegClean Pro_DEFAULT.job, In Quarantäne, [b0353edc3b4162d4fc72beb67a8aa858], PUP.Optional.CrossRider.T, C:\Windows\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-1-6.job, In Quarantäne, [eff62dedde9e1521d294badcab59857b], PUP.Optional.CrossRider.T, C:\Windows\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-1-7.job, In Quarantäne, [eafb49d1aece8fa7075febabc440c13f], PUP.Optional.CrossRider.T, C:\Windows\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-4.job, In Quarantäne, [2abb6baf027aab8bf76fddb9e91b9e62], PUP.Optional.CrossRider.T, C:\Windows\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-5.job, In Quarantäne, [0fd60416cab292a4d6902472b54fd62a], PUP.Optional.CrossRider.T, C:\Windows\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-5_user.job, In Quarantäne, [727324f6d0ac34020e584d494bb9758b], PUP.Optional.CrossRider.T, C:\Windows\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-6.job, In Quarantäne, [34b197838cf0c5714b1bf5a154b0b947], PUP.Optional.CrossRider.T, C:\Windows\Tasks\0134def5-7618-4ea6-a72a-1c56f63dc6ca-7.job, In Quarantäne, [33b230eaa2da360091d50591fd07a35d], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-1-6.job, In Quarantäne, [db0abe5cc7b52d09e680573f57add828], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-1-7.job, In Quarantäne, [d510cb4f0577a4924d190c8adf25936d], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-10_user.job, In Quarantäne, [469f0e0c512bbf77d5916e281be97789], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-4.job, In Quarantäne, [51940f0b0973102685e12670a0647f81], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-5.job, In Quarantäne, [e203f4262656eb4bc1a575214cb855ab], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-5_user.job, In Quarantäne, [04e1bf5ba3d9ce6814525640fc081ce4], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-6.job, In Quarantäne, [2db830eac4b8cc6a1e48177f04004fb1], PUP.Optional.CrossRider.T, C:\Windows\Tasks\3ca30645-f273-4dee-800d-a406e2c1faac-7.job, In Quarantäne, [28bd8d8d18646bcb76f0e1b5d2327789], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, In Quarantäne, [11d4ca50295341f5cbb1a7ef48bce917], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, In Quarantäne, [dc090a107903eb4b2954afe794706b95], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, In Quarantäne, [796c9d7d007ccc6ac0be9afc6e9640c0], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, In Quarantäne, [43a2809a99e346f037488a0ceb1948b8], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe.config, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\norwegian_asp_NO.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\AppResource.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\asp.ico, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\AspManager.exe, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\aspsys.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\ASPUninstall.exe, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\categories.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Chinese_asp_ZH-CN.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Chinese_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Communication.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\danish_asp_DA.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Danish_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\dutch_asp_NL.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Dutch_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\eng_asp_en.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\eng_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\filetypehelper.exe, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Finnish_asp_FI.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Finnish_uninst_fi.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\french_asp_FR.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\French_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\german_asp_DE.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\German_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Norwegian_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\polish_uninst_pl.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\portugese_uninst_pt.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\portuguese_asp_PT-BR.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Portuguese_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\russian_asp_ru.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\russian_uninst_ru.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\scandll.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\spanish_asp_ES.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\spanish_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\greek_uninst_el.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Interop.IWshRuntimeLibrary.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\italian_asp_IT.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Italian_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\japanese_asp_JA.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Japanese_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\korean_uninst_ko.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\loading_withWhiteBG.avi, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Microsoft.Win32.TaskScheduler.DLL, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\swedish_asp_SV.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\swedish_uninst.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\System.Core.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\System.Data.SQLite.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\TPS.ico, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\traditionalcn_uninst_zh-tw.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Turkish_uninst_tr.ini, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\unins000.dat, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\unins000.exe, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\unins000.msg, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\unrar.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Xceed.Compression.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Xceed.Compression.Formats.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Xceed.FileSystem.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Xceed.Zip.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\clamunpack\clamscan.exe, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\clamunpack\libclamav.dll, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\clamunpack\readme.txt, In Quarantäne, [974ed8423f3d9c9a5f9f7423fd07847c], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Chinese_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\FileList.rcp, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Chinese_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\CleanSchedule.exe, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Danish_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Danish_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Dutch_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Dutch_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\eng_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\eng_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Japanese_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Japanese_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\korean_rcp_ko.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\korean_uninst_ko.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\LicMgr.dll, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Norwegian_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Norwegian_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\polish_rcp_pl.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\polish_uninst_pl.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\portugese_rcp_pt.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\portugese_uninst_pt.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Portuguese_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Portuguese_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RCPUninstall.exe, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Finnish_rcp_fi.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Finnish_uninst_fi.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\French_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\French_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\German_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\German_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\greek_rcp_el.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\greek_uninst_el.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\install_left_image.bmp, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\isxdl.dll, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Italian_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Italian_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RegCleanPro.exe, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\RegList.rcp, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\russian_rcp_ru.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\russian_uninst_ru.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Spanish_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\spanish_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Swedish_rcp.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\swedish_uninst.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\systweakasp.exe, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\TPS.ico, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\TraditionalCn_rcp_zh-tw.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\traditionalcn_uninst_zh-tw.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\turkish_rcp_tr.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\Turkish_uninst_tr.ini, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.dat, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.exe, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\unins000.msg, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RCP\xmllite.dll, In Quarantäne, [fbea65b57c00191d0ef21682bc489e62], PUP.Optional.ReMarkable.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, In Quarantäne, [c81daa70037990a65e87d1c9d92bf40c], PUP.Optional.ReMarkable.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, In Quarantäne, [4c997d9d24580531fbead1c9f212b050], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\Service\wpsvc.exe, Löschen bei Neustart, [1ec755c5e59746f0d21f72b335ce4ab6], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\dta.ini, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\Version 6.1\backup1.bin, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\Version 6.1\German_rcp.dat, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\Version 6.1\log_02-11-2015.log, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.RegCleanerPro.A, C:\Users\Acer\AppData\Roaming\Systweak\regclean pro\Version 6.1\voice\de\voice.wav, In Quarantäne, [74714fcb91eb64d2c4db09ee61a143bd], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome.manifest, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\install.rdf, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\index.html, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\quick_start.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\js.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\icon.png, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\loading.gif, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\logo.png, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\simple.css, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\chrome\skin\style.css, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\addonmanager.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\aes.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\config.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\dialogs.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\last_tab.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\misc.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\properties.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\remoterequest.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\restoreprefs.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.FastStart.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com\modules\settings.js, In Quarantäne, [03e2ca5057259e98f2e29c7140c338c8], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, In Quarantäne, [bc298397c9b387afb130c94752b1c838], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\GoogleCrashHandler.exe, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\GoogleUpdate.exe, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\GoogleUpdateBroker.exe, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\GoogleUpdateHelper.msi, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\GoogleUpdateOnDemand.exe, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\goopdate.dll, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\goopdateres_en.dll, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\npGoogleUpdate4.dll, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\psmachine.dll, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.GlobalUpdate.A, C:\Users\Acer\AppData\Local\Temp\comh.91452\psuser.dll, In Quarantäne, [19cc9981c1bb092dc934fd13e22101ff], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\188.crx, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\188.dat, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\188.dll, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\188_x64.dll, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\188.xpi, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\BlockAndSurf.exe, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\G3BlockAndSurfQ04.dll, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\G3BlockAndSurfQ04.exe, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\sqlite3.dll, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\Uninstall.exe, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\x64\TandemRunner.exe, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\x64\WdfCoInstaller01009.dll, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\x64\webinstr.inf, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver2BlockAndSurf\x64\webTinst.sys, In Quarantäne, [7570ea30502c30064ef534e343c05ba5], PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System Protector\AddonSafelist, In Quarantäne, [796cb06a37452511b3b2c654ae55ce32], PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System Protector\log.xslt, In Quarantäne, [796cb06a37452511b3b2c654ae55ce32], PUP.Optional.AdvancedSystemProtector.A, C:\Users\Acer\AppData\Roaming\Systweak\Advanced-System Protector\ASPLog.txt, In Quarantäne, [7a6bef2b2656fd39b5b077a34ab9a25e], PUP.Optional.AdvancedSystemProtector.A, C:\Users\Acer\AppData\Roaming\Systweak\Advanced-System Protector\Settings.db, In Quarantäne, [7a6bef2b2656fd39b5b077a34ab9a25e], PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock\0, In Quarantäne, [3ea7b466a3d989ad3c0268baa06358a8], PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock\BoxRock.ico, In Quarantäne, [3ea7b466a3d989ad3c0268baa06358a8], PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock\BoxRockUninstall.exe, In Quarantäne, [3ea7b466a3d989ad3c0268baa06358a8], PUP.Optional.BoxRock.A, C:\Program Files (x86)\Box Rock\updateBoxRock.InstallState, In Quarantäne, [3ea7b466a3d989ad3c0268baa06358a8], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\terms-of-service.rtf, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\Uninstall.exe, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses\buildcrx-license.txt, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses\Info-ZIP-license.txt, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses\JSON-simple-license.txt, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses\nsJSON-license.txt, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses\Nustache-license.txt, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses\TaskScheduler-license.txt, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WordProser.A, C:\Program Files (x86)\WordProser_1.10.0.9\3rd Party Licenses\UAC-license.txt, In Quarantäne, [e8fdad6d463652e4a14efa2846bd60a0], PUP.Optional.WebsSearches.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873");), Ersetzt,[e5001bffdd9f191d9339f673f80d7a86] PUP.Optional.WebsSearches.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://istart.webssearches.com/newtab/?type=nt&ts=1423693493&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873");), Ersetzt,[994ce8326e0e2115339ac4a54fb63bc5] Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 16.02.2015 Suchlauf-Zeit: 12:12:27 Logdatei: anti2.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.02.16.04 Rootkit Datenbank: v2015.02.03.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Acer Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 495647 Verstrichene Zeit: 36 Min, 15 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 1 PUP.Optional.HealthAlert.A, C:\ProgramData\euYNVp\GCfQuE.exe, 2612, Löschen bei Neustart, [c85c4ed174160d29b2711fde20e18b75] Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 3 PUP.Optional.HealthAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GCfQuE, In Quarantäne, [c85c4ed174160d29b2711fde20e18b75], PUP.Optional.CrossRider.A, HKU\S-1-5-21-796843528-3112425069-757958081-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\13641, In Quarantäne, [d450958a573337ff617ca501f60d26da], PUP.Optional.CrossRider.A, HKU\S-1-5-21-796843528-3112425069-757958081-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\13641, In Quarantäne, [5cc87ca3b6d4f640a33ae4c229da3ac6], Registrierungswerte: 1 PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_de_196, In Quarantäne, [fb2967b80e7c2a0cf6c1eaaf41c2bf41], Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 1 PUP.Optional.HealthAlert.A, C:\Users\Acer\AppData\Local\HealthAlert, In Quarantäne, [25ff63bc8efc3df988ffb1ee44bfc63a], Dateien: 47 PUP.Optional.HealthAlert.A, C:\ProgramData\euYNVp\GCfQuE.exe, Löschen bei Neustart, [c85c4ed174160d29b2711fde20e18b75], PUP.Optional.HealthAlert.A, C:\ProgramData\euYNVp\dat\lFENEq.exe, Löschen bei Neustart, [0321849b0f7b76c0c65dd22b827fc53b], PUP.Optional.ZombieInvasion.A, C:\ProgramData\euYNVp\dat\oOSVzulUDUh.dll, Löschen bei Neustart, [f92b64bbcebce5510bc5d9db7194728e], PUP.Optional.HealthAlert.A, C:\ProgramData\euYNVp\dat\qwAIEW.exe, Löschen bei Neustart, [c1631c031b6ff83eea3918e534cd7888], PUP.Optional.SFInstaller, C:\$Recycle.Bin\S-1-5-21-796843528-3112425069-757958081-1002\$RT7UA0D.zip, In Quarantäne, [dc48b06fd8b275c1169dcc49ad558f71], PUP.Optional.LuckyTab.A, C:\Users\Acer\AppData\Local\Temp\ogXlrHQ6kr.tmp, In Quarantäne, [df4578a767233600be28ac4ae81dd729], PUP.Optional.SFInstaller, C:\Users\Acer\AppData\Local\Temp\SimpleFilessiL06rWePV.exe, In Quarantäne, [42e239e693f7ae882d8603120df52ed2], PUP.Optional.SFInstaller, C:\Users\Acer\AppData\Local\Temp\SimpleFilesWGO4CBVK3H.exe, In Quarantäne, [d64e57c8345660d65d56a96ceb17ee12], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_quickref_installer_multilang.exe, In Quarantäne, [a1830d128ffb47ef5fb57f79e21fd22e], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_secprotwhite_installer_multilang.exe, In Quarantäne, [f133839ca9e13bfbc94b03f59d6457a9], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_secureprotect_installer_multilang.exe, In Quarantäne, [ff25b8678703ac8a18fcdf199e63b44c], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_snapdo_linkury_installer_multilang.exe, In Quarantäne, [f92baf702a6083b36fa51eda788953ad], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_speeditup_installer_multilang.exe, In Quarantäne, [82a24bd4d9b19f9742d287714db4b54b], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_spimali_installer_multilang.exe, In Quarantäne, [889ceb343951b48258bc7187ef120df3], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_stormpverti_installer_multilang.exe, In Quarantäne, [4bd957c8a9e175c1100456a2659cd12f], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_superpc_installer_multilang.exe, In Quarantäne, [df4577a88efcd95dcf4530c8de235da3], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_taplika_installer_multilang.exe, In Quarantäne, [8b99fd2205852e08050f9e5ae71a6b95], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_wordproser_pariente_installer_multilang.exe, In Quarantäne, [2004d34cf39783b31400dd1b837e46ba], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_zombie_installer_multilang.exe, In Quarantäne, [a67e3fe05d2db77f2aeaa0587d84e818], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_browsergood_installer_multilang.exe, In Quarantäne, [57cd8d9266248ea853c1fefab54c8878], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_BubbleSound_installer_multilang.exe, In Quarantäne, [8c98c758c7c372c4a17338c060a156aa], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_cp_desktopdock_installer_multilang.exe, In Quarantäne, [82a24dd2d2b8d85e1202d523de23be42], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_CubepileShopperz_installer_multilang.exe, In Quarantäne, [6eb6879890fa56e0fe169f5928d97090], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_FlashBeat_installer_multilang.exe, In Quarantäne, [f52f6cb395f596a0bb59e6127c854db3], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_gamehug_installer_multilang.exe, In Quarantäne, [aa7aaf70028847efbf5519df69987789], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_MyStartSearch_installer_multilang.exe, In Quarantäne, [899b958ad3b7270ff222da1edc259e62], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_omiga_pariente_installer_multilang.exe, In Quarantäne, [1e0648d70e7c66d04acaba3e41c0fd03], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_optimizerpro_installer_multilang.exe, In Quarantäne, [47dd1609fc8ed363769ea35528d9e11f], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_plumoweb_installer_multilang.exe, In Quarantäne, [d05476a9b5d573c320f4995f3bc6b44c], PUP.Optional.Tuto4PC.A, C:\Users\Acer\AppData\Local\Temp\is-2JL1Q.tmp\package_plushd_installer_multilang.exe, In Quarantäne, [af75a27d0b7f82b483915b9dde237c84], Riskware.Vmdetector, C:\Users\Acer\AppData\Local\Temp\is-D7N8E.tmp\IMUN.exe, In Quarantäne, [190be53abcce71c5cbe3882427de669a], PUP.Optional.SFInstaller, C:\Users\Acer\AppData\Local\Temp\Temp1_Muslim_massacre_game_downloader.exe.zip\Muslim_massacre_game_downloader.exe, In Quarantäne, [32f297880981e254149f1104c9398e72], PUP.Optional.Downloader, C:\Users\Acer\Downloads\Free Alarm Clock - CHIP-Installer.exe, In Quarantäne, [25ff9c8390fa7cba5ae1cc5625dd8a76], PUP.Optional.SelectNGo.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage, Löschen bei Neustart, [e4401e015f2b3303266b9ff2ad5624dc], PUP.Optional.SelectNGo.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal, Löschen bei Neustart, [27fd38e796f489ad632ec8c93ac98d73], PUP.Optional.WebsSearches.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage, In Quarantäne, [e143d6496d1d85b16b75b8da90738b75], PUP.Optional.WebsSearches.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage-journal, In Quarantäne, [f72d5bc4fc8e7db918c89002c241eb15], PUP.Optional.SimpleFiles.A, C:\Windows\System32\Tasks\SimpleFiles Installer Starter, In Quarantäne, [70b4a57a6d1df04640000f8447bc2dd3], PUP.Optional.HealthAlert.A, C:\Users\Acer\AppData\Local\HealthAlert\data2.dat, In Quarantäne, [25ff63bc8efc3df988ffb1ee44bfc63a], PUP.Optional.SelectNGo.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, Löschen bei Neustart, [5cc831ee48429f972b675f5f53b08878], PUP.Optional.SelectNGo.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, Löschen bei Neustart, [43e1928d137758debbd70fafd82bb64a], PUP.Optional.ReMarkable.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, In Quarantäne, [2202978898f241f5d22580932cd90af6], PUP.Optional.ReMarkable.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, In Quarantäne, [998b8f90860480b63cbb4dc6fa0bf808], PUP.Optional.Vitruvian.A, C:\Users\Acer\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, In Quarantäne, [5bc9cf506e1cfd395ce1ed2b8580de22], PUP.Optional.Vitruvian.A, C:\Users\Acer\AppData\Local\Temp\vitruvian-installer-install-v0003, In Quarantäne, [82a2ce51d9b187af201d898f47beb44c], PUP.Optional.Vitruvian.A, C:\Users\Acer\AppData\Local\Temp\vitruvian-installer-processes-v0002, In Quarantäne, [1014041b325860d6ef4ef424709519e7], PUP.Optional.Vitruvian.A, C:\Users\Acer\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, In Quarantäne, [01233de26426d95d3b02b662d332d030], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) |
|
18.02.2015, 13:00
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lösung: "Ads by Info" installiert sich alle paar Tage wie von selbst Voll mit Junkware  Bitte noch die FRST-Logs posten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.02.2015, 13:07
| #5 |
| | Wie "Ads by Info" installiert sich alle paar Tage wie von selbst Und hier sind die von Farbar: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015 Ran by Acer (administrator) on ACER-PC on 18-02-2015 13:02:29 Running from C:\Users\Acer\Downloads Loaded Profiles: Acer & (Available profiles: UpdatusUser & Acer & Gast) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc.) C:\Program Files\mcafee\AppStats\MfeASUM.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Users\Acer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\ARA.exe (Ivan Bischof ©2003 - 2005) C:\Users\Acer\AppData\Local\No23 Recorder.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe\time.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Acer\AppData\Roaming\Spotify\spotify.exe () C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\mspaint.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-14] () HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated) HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2499584 2010-03-25] (Vodafone) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-796843528-3112425069-757958081-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Run: [Amazon Cloud Player] => C:\Users\Acer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-09-24] (Microsoft Corporation) HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group) HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\MountPoints2: {fdbe950a-5833-11e3-be6b-806e6f6e6963} - "D:\Autorun.exe" HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\Acer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-09-24] (Microsoft Corporation) HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group) HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fdbe950a-5833-11e3-be6b-806e6f6e6963} - "D:\Autorun.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-796843528-3112425069-757958081-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:50272;https=127.0.0.1:50272 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-796843528-3112425069-757958081-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-796843528-3112425069-757958081-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-796843528-3112425069-757958081-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-796843528-3112425069-757958081-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002 -> DefaultScope {643BA8B3-0DF6-4966-B2B1-66DB751EDD5A} URL = SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP031E8C9C-8CDC-4806-AFBA-3556442012CE&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002 -> {643BA8B3-0DF6-4966-B2B1-66DB751EDD5A} URL = SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {643BA8B3-0DF6-4966-B2B1-66DB751EDD5A} URL = SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP031E8C9C-8CDC-4806-AFBA-3556442012CE&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {643BA8B3-0DF6-4966-B2B1-66DB751EDD5A} URL = BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff64.dll No File BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff32.dll No File BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default FF DefaultSearchEngine: WebWebWeb - by Video Downloader Professional FF SearchEngineOrder.1: Sichere Suche FF SelectedSearchEngine: WebWebWeb - by Video Downloader Professional FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\searchplugins\webwebweb---by-video-downloader-professional.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF Extension: Yahoo Community Smartbar - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\Extensions\{2a55d04b-65b8-7428-1ba5-2ea219c92b65} [2014-10-30] FF Extension: 2e17e2b2b8d44a678d7bfafa6cc9d1d0 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\Extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0} [2015-02-15] FF Extension: DownloadHelper - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-30] FF Extension: Video Downloader professional - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\Extensions\ffext_basicvideoext@startpage24.xpi [2015-01-06] FF Extension: Box Rock 1.0.1 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\Extensions\{1f7001b5-3138-49aa-af1b-2761ce2486a5}.xpi [2015-02-11] FF Extension: Adblock Plus - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-30] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-26] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-04-18] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-04-18] FF HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] FF HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com [Not Found] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\fftoolbar2014@etech.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\ver2BlockAndSurf\188.xpi [Not Found] FF Extension: No Name - C:\Program Files\shopperz\Firefox [Not Found] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\faststartff@gmail.com [Not Found] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xutht8p3.default\extensions\6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.com [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hppp&ts=1423693539&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873 CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hppp&ts=1423693539&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873" CHR DefaultSearchKeyword: Default -> webssearches CHR DefaultSuggestURL: Default -> CHR Profile: C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-08] CHR Extension: (Google Drive) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-08] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04] CHR Extension: (YouTube) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-08] CHR Extension: (Google-Suche) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-08] CHR Extension: (AdBlock) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-30] CHR Extension: (kniehgiejgnnpgojkdhhjbgbllnfkfdk) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kniehgiejgnnpgojkdhhjbgbllnfkfdk [2015-02-15] CHR Extension: (Google Wallet) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-08] CHR Extension: (Google Mail) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-08] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-14] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.) S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.) R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-12-31] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation) R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2010-03-25] (Vodafone) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation) R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-18] (Malwarebytes Corporation) R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.) R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-12-31] (McAfee, Inc.) R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.) R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.) R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R2 webTinst; C:\WINDOWS\system32\Drivers\webTinst.sys [50264 2015-02-11] () ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-18 13:02 - 2015-02-18 13:02 - 00033131 _____ () C:\Users\Acer\Downloads\FRST.txt 2015-02-18 13:02 - 2015-02-18 13:02 - 00000000 ____D () C:\FRST 2015-02-18 13:01 - 2015-02-18 13:02 - 02085888 _____ (Farbar) C:\Users\Acer\Downloads\FRST64.exe 2015-02-17 20:02 - 2015-02-17 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-02-17 14:14 - 2015-02-17 14:14 - 03000284 _____ () C:\Users\Acer\Downloads\1424178115438.webm 2015-02-16 15:34 - 2015-02-16 15:34 - 00000470 _____ () C:\Users\Acer\Downloads\listen-dsl (1).asx 2015-02-16 15:33 - 2015-02-16 15:34 - 00000470 _____ () C:\Users\Acer\Downloads\listen-dsl.asx 2015-02-16 15:12 - 2015-02-16 15:12 - 01573990 _____ () C:\Users\Acer\Downloads\1424094598618.webm 2015-02-16 15:09 - 2015-02-16 15:09 - 03069993 _____ () C:\Users\Acer\Downloads\1424090712298.webm 2015-02-16 15:06 - 2015-02-16 15:06 - 01375077 _____ () C:\Users\Acer\Downloads\1424089232090.webm 2015-02-16 12:08 - 2015-02-16 12:08 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-15 16:55 - 2015-02-15 16:55 - 00001095 _____ () C:\Users\Acer\Desktop\Free Alarm Clock.lnk 2015-02-15 16:55 - 2015-02-15 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock 2015-02-15 16:55 - 2015-02-15 16:55 - 00000000 ____D () C:\Program Files (x86)\FreeAlarmClock 2015-02-13 19:33 - 2015-02-13 19:33 - 02799141 _____ () C:\Users\Acer\Downloads\1423849323023.webm 2015-02-13 19:31 - 2015-02-13 19:31 - 02650134 _____ () C:\Users\Acer\Downloads\1423848499994.webm 2015-02-13 19:26 - 2015-02-13 19:26 - 03050807 _____ () C:\Users\Acer\Downloads\1423847891116.webm 2015-02-13 19:24 - 2015-02-13 19:24 - 02775781 _____ () C:\Users\Acer\Downloads\1423847683547.webm 2015-02-12 10:30 - 2015-02-18 12:28 - 00000000 ____D () C:\AdwCleaner 2015-02-12 10:22 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-02-12 10:22 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-02-11 23:36 - 2015-02-11 23:36 - 00613057 _____ (CMI Limited) C:\Users\Acer\AppData\Local\nsvF404.tmp 2015-02-11 23:36 - 2015-02-11 23:36 - 00000000 ____D () C:\Program Files (x86)\cd711e52-fa4d-426b-9cef-c03282115e20 2015-02-11 23:34 - 2015-02-16 12:50 - 00000000 ____D () C:\ProgramData\euYNVp 2015-02-11 23:25 - 2015-02-11 23:25 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinst_01009.Wdf 2015-02-11 23:25 - 2015-02-11 23:24 - 00050264 _____ () C:\WINDOWS\system32\Drivers\webTinst.sys 2015-02-11 09:51 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-02-11 09:51 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-02-11 09:51 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-02-11 09:51 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-02-11 09:51 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2015-02-11 09:51 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-02-11 09:51 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-02-11 09:51 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-02-11 09:51 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-02-11 09:51 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-02-11 09:51 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-02-11 09:51 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-02-11 09:51 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2015-02-11 09:51 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2015-02-11 09:51 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll 2015-02-11 09:51 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll 2015-02-11 09:51 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-02-11 09:51 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll 2015-02-11 09:51 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2015-02-11 09:51 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2015-02-11 09:51 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll 2015-02-11 09:51 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2015-02-11 09:51 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2015-02-11 09:51 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-02-11 09:51 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-02-11 09:51 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-02-11 09:51 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll 2015-02-11 09:51 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2015-02-11 09:51 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2015-02-11 09:51 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe 2015-02-11 09:50 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2015-02-11 09:50 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-02-11 09:50 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-02-11 09:50 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-02-11 09:50 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-02-11 09:50 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-02-11 09:50 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-02-11 09:50 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-02-11 09:50 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-02-11 09:50 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-02-11 09:50 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-02-11 09:50 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-02-11 09:50 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-02-11 09:50 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-02-11 09:50 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-02-11 09:50 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-02-11 09:50 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-02-11 09:50 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-02-11 09:50 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-02-11 09:50 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-02-11 09:50 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-02-11 09:50 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-02-11 09:50 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-02-11 09:50 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-02-11 09:50 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-02-11 09:50 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-02-11 09:50 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-02-11 09:50 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-02-11 09:50 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-02-11 09:50 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-02-11 09:50 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-02-11 09:50 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-02-11 09:50 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-02-11 09:50 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-02-11 09:50 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-02-09 14:35 - 2015-02-09 14:35 - 00002098 _____ () C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk 2015-02-03 13:20 - 2015-02-16 12:50 - 00001633 _____ () C:\WINDOWS\setupact.log 2015-02-03 13:20 - 2015-02-03 13:20 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-02-03 13:19 - 2015-02-16 12:50 - 00132628 _____ () C:\WINDOWS\PFRO.log 2015-01-31 21:09 - 2015-02-18 12:28 - 01346895 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-31 21:07 - 2015-01-31 21:07 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-01-31 21:07 - 2015-01-31 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-01-31 21:07 - 2015-01-31 21:07 - 00000000 ____D () C:\Program Files\CCleaner ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-18 13:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-02-18 13:01 - 2014-03-08 10:21 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-18 13:00 - 2014-03-08 10:21 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-18 12:46 - 2014-03-08 10:25 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\ClassicShell 2015-02-18 12:26 - 2014-09-06 16:55 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-02-18 12:13 - 2014-03-08 10:27 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Spotify 2015-02-18 12:10 - 2014-10-30 15:31 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3EF17C62-050F-41EA-B39B-CDBDD3446931} 2015-02-18 12:07 - 2014-03-08 10:28 - 00000000 ____D () C:\Users\Acer\AppData\Local\Spotify 2015-02-17 22:07 - 2014-03-30 16:40 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-02-17 21:27 - 2014-03-08 09:15 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-796843528-3112425069-757958081-1002 2015-02-16 15:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-02-16 13:47 - 2014-11-22 15:47 - 00000040 _____ () C:\Users\Acer\AppData\Local\tmp.no23 2015-02-16 12:50 - 2014-09-06 16:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-02-16 12:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Vss 2015-02-16 12:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-02-16 12:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2015-02-16 12:49 - 2014-03-08 22:57 - 00001483 _____ () C:\Users\Acer\AppData\Local\RecConfig.xml 2015-02-16 12:08 - 2014-09-06 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-14 11:46 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-02-14 11:46 - 2014-09-24 06:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2015-02-14 11:46 - 2014-09-24 06:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2015-02-13 12:12 - 2014-05-12 20:23 - 00000000 ____D () C:\Users\Acer\Downloads\Pronz 2015-02-13 12:11 - 2014-05-12 20:20 - 00000000 ____D () C:\Users\Acer\Downloads\Programme 2015-02-12 10:54 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-02-12 10:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-02-12 10:35 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-02-12 10:24 - 2014-07-01 13:48 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Dropbox 2015-02-12 10:21 - 2014-07-01 13:52 - 00000000 ___RD () C:\Users\Acer\Dropbox 2015-02-12 00:09 - 2013-08-22 15:44 - 00410104 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-02-11 23:42 - 2014-10-30 15:19 - 00002314 _____ () C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2015-02-11 23:42 - 2014-03-30 12:29 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-02-11 23:42 - 2013-12-19 08:44 - 00001442 _____ () C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-02-11 23:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing 2015-02-11 23:26 - 2014-03-24 21:52 - 00000000 ____D () C:\Users\Acer\.gimp-2.8 2015-02-11 10:36 - 2014-03-08 21:48 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-11 10:35 - 2014-03-08 20:38 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-02-11 10:31 - 2014-03-08 20:38 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-02-09 17:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2015-02-09 14:35 - 2014-03-15 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2015-02-06 12:54 - 2014-03-08 10:21 - 00004106 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-06 12:54 - 2014-03-08 10:21 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-05 12:07 - 2014-03-30 16:40 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-02-03 20:31 - 2014-09-24 08:46 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-02-03 20:31 - 2014-09-24 08:46 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-31 21:09 - 2014-10-21 12:59 - 00000000 ___DC () C:\WINDOWS\Panther 2015-01-31 21:09 - 2014-03-08 22:14 - 00000000 ____D () C:\Users\Acer\AppData\Local\CrashDumps 2015-01-30 21:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages 2015-01-30 13:48 - 2014-03-08 20:16 - 00000000 ____D () C:\Users\Acer\Documents\Fistopedia 2015-01-28 14:03 - 2014-03-08 20:16 - 00000000 ____D () C:\Users\Acer\Documents\Bewerbungen 2015-01-26 13:13 - 2014-03-08 20:16 - 00000000 ____D () C:\Users\Acer\Documents\Yu-Gi-Oh! ==================== Files in the root of some directories ======= 2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Acer\AppData\Local\bass.dll 2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Acer\AppData\Local\basscd.dll 2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Acer\AppData\Local\CDRip.dll 2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Acer\AppData\Local\lame_enc.dll 2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Acer\AppData\Local\No23 Recorder.exe 2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Acer\AppData\Local\no23xwrapper.dll 2015-02-11 23:36 - 2015-02-11 23:36 - 0613057 _____ (CMI Limited) C:\Users\Acer\AppData\Local\nsvF404.tmp 2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Acer\AppData\Local\ogg.dll 2014-03-08 22:57 - 2015-02-16 12:49 - 0001483 _____ () C:\Users\Acer\AppData\Local\RecConfig.xml 2015-01-18 12:09 - 2015-01-18 12:09 - 0000853 _____ () C:\Users\Acer\AppData\Local\recently-used.xbel 2014-11-22 15:47 - 2015-02-16 13:47 - 0000040 _____ () C:\Users\Acer\AppData\Local\tmp.no23 2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Acer\AppData\Local\vorbis.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Acer\AppData\Local\vorbisenc.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Acer\AppData\Local\vorbisfile.dll 2010-03-15 19:15 - 2010-03-15 19:15 - 0156430 ____R () C:\ProgramData\DeviceManager.xml.rc4 2013-11-28 15:42 - 2013-11-28 15:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Acer\AppData\Local\Temp\6MRR7566YT.exe C:\Users\Acer\AppData\Local\Temp\6YzcG79fIw.exe C:\Users\Acer\AppData\Local\Temp\814DA056-555A-729A-6A6C-89E7F278D8A2.exe C:\Users\Acer\AppData\Local\Temp\A22A032C-FA9E-D97F-65B7-6373B26B30FC.dll C:\Users\Acer\AppData\Local\Temp\A22A032C-FA9E-D97F-65B7-6373B26B30FC.exe C:\Users\Acer\AppData\Local\Temp\bes8DF.exe C:\Users\Acer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwlevhm.dll C:\Users\Acer\AppData\Local\Temp\f0eSeFntAH.exe C:\Users\Acer\AppData\Local\Temp\kmkOeT9ltM.exe C:\Users\Acer\AppData\Local\Temp\Pn5dOL20uF.exe C:\Users\Acer\AppData\Local\Temp\xJZ0Jn7V87.exe C:\Users\kiosk\AppData\Local\Temp\octD154.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-16 13:28 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Acer at 2015-02-18 13:03:54
Running from C:\Users\Acer\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Games (HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Games (HKU\S-1-5-21-796843528-3112425069-757958081-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon Cloud Player (HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dojotech Spotify Recorder (HKLM-x32\...\{D149DB2E-392E-48CC-8036-88BECC09C50A}) (Version: 3.2 - Dojotech Software)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Free Audio CD Burner version 2.0.25.327 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.25.327 - DVDVideoSoft Ltd.)
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.0.0.8 - )
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Set Editor 2.0.0 (HKLM-x32\...\Magic Set Editor 2_is1) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero CoverDesigner (HKLM-x32\...\{12391E45-23F7-4DEA-ABAE-2CA69CA87D92}) (Version: 12.0.02300 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-796843528-3112425069-757958081-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki) (Version: 0.266.1.172 - Pokki)
Pokki Start Menu (HKU\S-1-5-21-796843528-3112425069-757958081-1002\...\Pokki_Start_Menu) (Version: 0.269.3.181 - )
Pokki Start Menu (HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki_Start_Menu) (Version: 0.269.3.181 - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.5 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version: - Wicked & Wild Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Vodafone Mobile Connect Lite (HKLM-x32\...\{91252C0A-59F9-42F9-9181-B9CC74F592C0}) (Version: 9.4.9.22273 - Vodafone)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online)
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-796843528-3112425069-757958081-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-796843528-3112425069-757958081-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
28-01-2015 11:03:04 Windows Update
06-02-2015 02:32:25 Windows Update
09-02-2015 14:36:17 Windows Modules Installer
11-02-2015 23:32:51 Removed 7-Zip 9.34
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {327BBAFD-A60F-400E-B215-AF898D8309E5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {3313535F-7E04-4AB4-8E86-57B3B7482A12} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: {33734EF4-1E85-4EA6-84E5-4D3A39B4ACEB} - \SimpleFiles Installer Starter No Task File <==== ATTENTION
Task: {51B7E2BE-8273-429E-A6F4-92643E8BC167} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {59455845-9697-45E1-B960-8FB920D05173} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {601D65D0-332B-4C61-9FB3-BD3D1B961255} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-08] (Google Inc.)
Task: {6789E179-159C-4C2F-A575-2FD6D9A5F182} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-08] (Google Inc.)
Task: {785E0096-2729-42DF-A140-4428530C6C48} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {8EC30A3F-C95D-45D9-A0B1-F8B5A97D14E2} - System32\Tasks\{E0072692-DC01-4FB5-B4DA-D422C2E054A8} => pcalua.exe -a "C:\Program Files (x86)\Search Extensions\uninstall.exe" -c /u=true /UserID=7009effb-3cb7-443d-a232-83fa20837020 /SourceID=browsersafeguard-rockettab-spigot-ytd /ImplementationID=browsersafeguard-rockettab-spigot-ytd /UC=20150107
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {92BD0DA5-58A5-4F79-96B3-368D6D919BE7} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {AE040DE6-D37B-4773-9804-1DB64B7566B2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: {B29B7E31-1592-42DB-BF24-C52519BF4CC8} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {BF5A8C5A-7407-403A-9D95-BB55E3654140} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {C09F0974-B843-4D73-AB76-395A414FF0F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) ==============
2013-09-05 01:36 - 2013-09-05 01:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-14 22:50 - 2014-10-14 22:50 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-01-25 00:09 - 2013-01-25 00:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 00:05 - 2013-01-25 00:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 00:12 - 2013-01-25 00:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-05-13 10:40 - 2014-03-07 21:39 - 03168576 _____ () C:\Users\Acer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-03-08 10:28 - 2014-12-14 13:56 - 00374840 _____ () C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-28 15:36 - 2013-01-23 08:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2005-08-23 22:34 - 2005-08-23 22:34 - 00029184 _____ () C:\Users\Acer\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 00015872 _____ () C:\Users\Acer\AppData\Local\ogg.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 00143872 _____ () C:\Users\Acer\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 00064000 _____ () C:\Users\Acer\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 00019456 _____ () C:\Users\Acer\AppData\Local\vorbisfile.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 00155136 _____ () C:\Users\Acer\AppData\Local\lame_enc.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-11-28 16:02 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-02-06 13:00 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 13:00 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 13:00 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-06 13:00 - 2015-02-04 10:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
2014-03-08 10:28 - 2014-12-14 13:56 - 36966968 _____ () C:\Users\Acer\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-19 15:29 - 2014-12-14 13:56 - 00867896 _____ () C:\Users\Acer\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-03-08 10:28 - 2014-12-14 13:56 - 00886840 _____ () C:\Users\Acer\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-03-08 10:28 - 2014-12-14 13:56 - 00108600 _____ () C:\Users\Acer\AppData\Roaming\Spotify\Data\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-796843528-3112425069-757958081-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-796843528-3112425069-757958081-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Acer\Pictures\yugi orichalcos.jpg
HKU\S-1-5-21-796843528-3112425069-757958081-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Acer\Pictures\yugi orichalcos.jpg
HKU\S-1-5-21-796843528-3112425069-757958081-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Acer (S-1-5-21-796843528-3112425069-757958081-1002 - Administrator - Enabled) => C:\Users\Acer
Administrator (S-1-5-21-796843528-3112425069-757958081-500 - Administrator - Disabled)
Gast (S-1-5-21-796843528-3112425069-757958081-501 - Limited - Enabled) => C:\Users\Gast
UpdatusUser (S-1-5-21-796843528-3112425069-757958081-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (02/18/2015 04:06:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2094
Error: (02/18/2015 04:06:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2094
Error: (02/18/2015 04:06:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/18/2015 04:06:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1047
Error: (02/18/2015 04:06:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1047
Error: (02/18/2015 04:06:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/18/2015 03:46:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (02/18/2015 03:46:41 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (02/18/2015 03:46:41 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (02/18/2015 03:46:41 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
System errors:
=============
Error: (02/18/2015 00:13:50 PM) (Source: DCOM) (EventID: 10000) (User: Acer-PC)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (02/18/2015 03:47:18 AM) (Source: DCOM) (EventID: 10010) (User: Acer-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/18/2015 03:46:48 AM) (Source: DCOM) (EventID: 10010) (User: Acer-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/18/2015 03:40:57 AM) (Source: DCOM) (EventID: 10000) (User: Acer-PC)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (02/17/2015 08:31:20 PM) (Source: DCOM) (EventID: 10000) (User: Acer-PC)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (02/17/2015 05:31:20 PM) (Source: DCOM) (EventID: 10000) (User: Acer-PC)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (02/17/2015 00:30:39 PM) (Source: DCOM) (EventID: 10000) (User: Acer-PC)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (02/17/2015 00:25:38 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{15411F4A-8607-4B96-8EA6-7BD5FF32ADC9} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (02/17/2015 03:31:08 AM) (Source: DCOM) (EventID: 10010) (User: Acer-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/17/2015 03:26:21 AM) (Source: DCOM) (EventID: 10000) (User: Acer-PC)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Microsoft Office Sessions:
=========================
Error: (02/18/2015 04:06:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2094
Error: (02/18/2015 04:06:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2094
Error: (02/18/2015 04:06:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/18/2015 04:06:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1047
Error: (02/18/2015 04:06:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1047
Error: (02/18/2015 04:06:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/18/2015 03:46:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/18/2015 03:46:41 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (02/18/2015 03:46:41 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (02/18/2015 03:46:41 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
CodeIntegrity Errors:
===================================
Date: 2015-02-16 13:28:57.027
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-25 05:20:02.931
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 67%
Total physical RAM: 8072.27 MB
Available physical RAM: 2659.04 MB
Total Pagefile: 9352.27 MB
Available Pagefile: 3421.22 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:913.26 GB) (Free:781.24 GB) NTFS
Drive d: (ZOO_TYCN) (CDROM) (Total:5.78 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E90A3043)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
18.02.2015, 13:15
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Wo "Ads by Info" installiert sich alle paar Tage wie von selbst Lösung! Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> "Ads by Info" installiert sich alle paar Tage wie von selbst |
|
24.02.2015, 12:42
| #7 |
| | "Ads by Info" installiert sich alle paar Tage wie von selbst Hi, sorry für die Verspätung. Bis gestern vormittag war "Ads bei Info" übrigens weg, gegen Nachmittag kam es wieder. Wie kann ich Adwcleaner von der Programmleiste auf den Desktop ziehen, ohne, dass als Ort "Downloads" angegeben wird? Habe es gedownloadet und anschließend (als Verknüpfung, da ich nicht wusste, wie es sonst richtig ist) auf den Desktop gezogen. Hier die Ergebnisse: Code:
ATTFilter # AdwCleaner v4.111 - Bericht erstellt 24/02/2015 um 12:38:27
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Acer - ACER-PC
# Gestarted von : C:\Users\Acer\Downloads\adwcleaner_4.111.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage
Datei Gelöscht : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage
Datei Gelöscht : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage-journal
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v34.0.5 (x86 de)
-\\ Google Chrome v40.0.2214.115
[C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1423693539&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}
[C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1423693539&from=exp&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A736787367873&q={searchTerms}
*************************
AdwCleaner[R0].txt - [1858 Bytes] - [24/02/2015 12:37:07]
AdwCleaner[S0].txt - [1780 Bytes] - [24/02/2015 12:38:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1839 Bytes] ##########
|
|
Linear-Darstellung
