| |
| |||||||
Log-Analyse und Auswertung: Nur noch Pop Ups und Werbungen - Tipps für Chrome erbetenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.06.2015, 13:15
| #1 |
| |  Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten Hallo Zusammen, mein Chrome produziert nur noch Werbungen. Jede Seite die ich öffne ist befallen. Danke sehr für Eure Tipps und Hilfe. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015 Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (Atheros Commnucations) C:\Program Files\Bluetooth Suite\AdminService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe () C:\ProgramData\Avg_Update_0615avt\AVG-Secure-Search-Update_0615avt.exe (Link Wiz) C:\Program Files\LinkWiz_1.10.0.13\Service\lwsvc.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe () C:\Users\Fam. Teu Heim-PC\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe (Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files\Bluetooth Suite\AthBtTray.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Google Inc.) C:\Users\Fam. Teu Heim-PC\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Avanquest Software) C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [296520 2015-04-07] (RealNetworks, Inc.) HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] () HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] () HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-02-17] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-02-17] (Atheros Commnucations) HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [TrojanScanner] => C:\Program Files\Trojan Remover\Trjscan.exe [1911712 2015-06-16] (Simply Super Software) HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\Run: [Google Update] => C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-02-11] (Google Inc.) HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\Run: [Google+ Auto Backup] => C:\Users\Fam. Teu Heim-PC\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.) HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony) HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.) HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\RunOnce: [Uninstall C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_188_Plugin.exe [927920 2015-06-09] (Adobe Systems Incorporated) HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\MountPoints2: {70b3a660-d133-11e4-ac5c-1c75081744a0} - H:\startme.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-02-16] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-02-15] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2015-04-07] ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled ProxyServer: [.DEFAULT] => http=127.0.0.1:56608;https=127.0.0.1:56608 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-825476160-397804973-4097189815-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtC0ByDtByB0FtB0F0C0CtN0D 0Tzu0StCtCzyzytN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtBtB0AtDtAyCyEtGyE0FyBtAtGyC0A0F0EtGyD0E0DtDtGtCtB0AyBzzyD0EtBtD0A0C0D2QtN1M1F1B2Z 1V1N2Y1L1Qzu2SzytDyCtC0B0FtAzztG0BtDyC0EtGyE0DtD0CtG0AyB0ByEtGtAzytC0ByDtAyDyC0A0FtD0C2QtN0A0LzuyE%26cr%3D1040216501%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Premium HKU\S-1-5-21-825476160-397804973-4097189815-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-825476160-397804973-4097189815-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtC0ByDtByB0FtB0F0C0CtN0D 0Tzu0StCtCzyzytN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtBtB0AtDtAyCyEtGyE0FyBtAtGyC0A0F0EtGyD0E0DtDtGtCtB0AyBzzyD0EtBtD0A0C0D2QtN1M1F1B2Z 1V1N2Y1L1Qzu2SzytDyCtC0B0FtAzztG0BtDyC0EtGyE0DtD0CtG0AyB0ByEtGtAzytC0ByDtAyDyC0A0FtD0C2QtN0A0LzuyE%26cr%3D1040216501%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Premium&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtC0ByDtByB0FtB0F0C0CtN0D 0Tzu0StCtCzyzytN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtBtB0AtDtAyCyEtGyE0FyBtAtGyC0A0F0EtGyD0E0DtDtGtCtB0AyBzzyD0EtBtD0A0C0D2QtN1M1F1B2Z 1V1N2Y1L1Qzu2SzytDyCtC0B0FtAzztG0BtDyC0EtGyE0DtD0CtG0AyB0ByEtGtAzytC0ByDtAyDyC0A0FtD0C2QtN0A0LzuyE%26cr%3D1040216501%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Premium&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-825476160-397804973-4097189815-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtC0ByDtByB0FtB0F0C0CtN0D 0Tzu0StCtCzyzytN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtBtB0AtDtAyCyEtGyE0FyBtAtGyC0A0F0EtGyD0E0DtDtGtCtB0AyBzzyD0EtBtD0A0C0D2QtN1M1F1B2Z 1V1N2Y1L1Qzu2SzytDyCtC0B0FtAzztG0BtDyC0EtGyE0DtD0CtG0AyB0ByEtGtAzytC0ByDtAyDyC0A0FtD0C2QtN0A0LzuyE%26cr%3D1040216501%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Premium&p={searchTerms} SearchScopes: HKU\S-1-5-21-825476160-397804973-4097189815-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtC0ByDtByB0FtB0F0C0CtN0D 0Tzu0StCtCzyzytN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtBtB0AtDtAyCyEtGyE0FyBtAtGyC0A0F0EtGyD0E0DtDtGtCtB0AyBzzyD0EtBtD0A0C0D2QtN1M1F1B2Z 1V1N2Y1L1Qzu2SzytDyCtC0B0FtAzztG0BtDyC0EtGyE0DtD0CtG0AyB0ByEtGtAzytC0ByDtAyDyC0A0FtD0C2QtN0A0LzuyE%26cr%3D1040216501%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Premium&p={searchTerms} BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealDownloader) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-02-17] (Atheros Commnucations) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: StumbleUpon -> {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} -> C:\Users\Fam. Teu Heim-PC\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll [2011-11-22] (StumbleUpon Inc.) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: Search Provided by Yahoo FF Homepage: hxxp://de.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dde%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtC0ByDtByB0FtB0F0C0 CtN0D0Tzu0StCtCzyzytN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtBtB0AtDtAyCyEtGyE0FyBtAtGyC0A0F0EtGyD0E0DtDtGtCtB0AyBzzyD0EtBtD0A0C0D2QtN1M1 F1B2Z1V1N2Y1L1Qzu2SzytDyCtC0B0FtAzztG0BtDyC0EtGyE0DtD0CtG0AyB0ByEtGtAzytC0ByDtAyDyC0A0FtD0C2QtN0A0LzuyE%26cr%3D1040216501%26a%3Dwny_ir_15_16%26os%3DWi ndows 7 Home Premium FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2015-04-07] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-04-07] (RealPlayer Cloud) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-09] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-09] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin HKU\S-1-5-21-825476160-397804973-4097189815-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-09] (Google Inc.) FF Plugin HKU\S-1-5-21-825476160-397804973-4097189815-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-09] (Google Inc.) FF Plugin HKU\S-1-5-21-825476160-397804973-4097189815-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC) FF SearchPlugin: C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\searchplugins\google-images.xml [2015-04-11] FF SearchPlugin: C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\searchplugins\google-maps.xml [2015-04-11] FF SearchPlugin: C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\searchplugins\search-provided-by-yahoo.xml [2015-04-14] FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\Extensions\sparpilot@sparpilot.com [2015-04-07] FF Extension: StumbleUpon - C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\Extensions\toolbar@stumbleupon.com [2015-04-14] FF Extension: WEB.DE MailCheck - C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\Extensions\toolbar@web.de [2015-04-20] FF Extension: Adblock Plus - C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-20] FF Extension: {d9b89592-8666-49da-9c69-aab621818289} - C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\Extensions\{d9b89592-8666-49da-9c69-aab621818289}.xpi [2015-04-07] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-15] FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-04-07] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found] Chrome: ======= CHR Profile: C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Translate) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-02-11] CHR Extension: (Google Slides) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11] CHR Extension: (Super Netflix) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aioencjhbaolepcoappllicjebblphoc [2015-06-16] CHR Extension: (Google Docs) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11] CHR Extension: (Google Drive) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-11] CHR Extension: (Please enter your password) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-02-11] CHR Extension: (SoundCloud Downloader) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjckonbgbnaihkahaolpfjpllplfifjo [2015-02-27] CHR Extension: (YouTube) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-11] CHR Extension: (Google Cast) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-02-11] CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2015-02-11] CHR Extension: (Google Search) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-11] CHR Extension: (Flag for Chrome) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2015-02-11] CHR Extension: (Fernsehen) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\deinkbkflkommolikefigdljdgjhkpfk [2015-02-11] CHR Extension: (CinemaxX Trailer) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopcgojamofpmhidpadjjfilkiiehjea [2015-02-11] CHR Extension: (CHIP Adventskalender 2014) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eieokkbmdedgencncfbagbcapghlakcg [2015-02-11] CHR Extension: (Box) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-02-11] CHR Extension: (Photo Zoom for Facebook) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-02-11] CHR Extension: (Google Sheets) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11] CHR Extension: (Ripple Emulator (Beta)) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\geelfhphabnejjhdalkjhgipohgpdnoc [2015-02-11] CHR Extension: (AdBlock) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-11] CHR Extension: (Stealthy) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2015-02-11] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17] CHR Extension: (Numerics Calculator & Converter) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-02-11] CHR Extension: (GutscheinDoktor Gutscheinmelder) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipmkfhkfboanillfokcilheonihaelf [2015-06-16] CHR Extension: (Google Wallet) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-11] CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2015-02-11] CHR Extension: (Love Calculator) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolmcecgdmgibngcbeedeljjadklplag [2015-02-11] CHR Extension: (BMI Calculator) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbapipcgadndjlpokbcmgohpjpgkbodo [2015-02-11] CHR Extension: (Gutscheinsammler Finder) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilobbegphefikcgjpajnneiiahhejam [2015-02-11] CHR Extension: (Gmail) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-11] CHR Profile: C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27] CHR Extension: (Google Docs) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27] CHR Extension: (Google Drive) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-27] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-27] CHR Extension: (YouTube) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-27] CHR Extension: (Google Search) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-27] CHR Extension: (Google Sheets) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27] CHR Extension: (Katie's butterflies.) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbpkehnhcfehoeahdnpafnfffkdnnoeb [2015-02-27] CHR Extension: (Google Wallet) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07] CHR Extension: (Gmail) - C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-27] CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" [Not Found] CHR HKLM\...\Chrome\Extension: [pgifblbjgdjhcelbanblbhkhmbnnmhfg] - C:\Users\Fam. Teu Heim-PC\AppData\LocalLow\StumbleUpon\CHROME\StumbleUpon.crx [2011-11-22] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [72864 2011-02-17] (Atheros Commnucations) [File not signed] R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1522664 2015-05-18] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.) R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 lwsvc_1.10.0.13; C:\Program Files\LinkWiz_1.10.0.13\Service\lwsvc.exe [278592 2015-04-02] (Link Wiz) S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] () R2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2015-04-07] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] () R3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) R2 StumbleUponUpdater; C:\Users\Fam. Teu Heim-PC\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [362496 2012-06-28] (SafeNet Inc.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [57824 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [226784 2015-04-27] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [191968 2015-05-07] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-14] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [206816 2015-04-15] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [166880 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-05-04] (AVG Technologies CZ, s.r.o.) R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2011-02-17] (Atheros) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2015-04-03] (Sony Mobile Communications) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [596424 2011-08-10] (SafeNet Inc.) R1 lwnfd_1_10_0_13; C:\Windows\System32\drivers\lwnfd_1_10_0_13.sys [52720 2015-04-02] (Link Wiz) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation) S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [359424 2009-07-14] (Realtek Semiconductor Corporation ) U3 DfSdkS; No ImagePath S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys [X] S3 Tosrfcom; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-16 13:58 - 2015-06-16 13:59 - 00030723 _____ C:\Users\Fam. Teu Heim-PC\Downloads\FRST.txt 2015-06-16 13:58 - 2015-06-16 13:58 - 00000000 ____D C:\FRST 2015-06-16 13:57 - 2015-06-16 13:57 - 01148416 _____ (Farbar) C:\Users\Fam. Teu Heim-PC\Downloads\FRST.exe 2015-06-16 13:33 - 2015-06-16 13:33 - 00000000 ____D C:\ProgramData\TEMP 2015-06-16 13:33 - 2015-06-16 13:33 - 00000000 ____D C:\ProgramData\Licenses 2015-06-16 13:30 - 2015-06-16 13:31 - 00000000 ____D C:\Program Files\Trojan Remover 2015-06-16 13:30 - 2015-06-16 13:30 - 00001109 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2015-06-16 13:30 - 2015-06-16 13:30 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\Documents\Simply Super Software 2015-06-16 13:30 - 2015-06-16 13:30 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Simply Super Software 2015-06-16 13:30 - 2015-06-16 13:30 - 00000000 ____D C:\ProgramData\Simply Super Software 2015-06-16 13:30 - 2015-06-16 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover 2015-06-16 13:28 - 2015-06-16 13:29 - 35218576 _____ (Simply Super Software ) C:\Users\Fam. Teu Heim-PC\Downloads\trjsetup692.exe 2015-06-15 16:03 - 2015-06-16 09:34 - 00056988 _____ C:\Windows\PFRO.log 2015-06-15 14:50 - 2015-06-16 13:32 - 00003464 _____ C:\Windows\setupact.log 2015-06-15 14:50 - 2015-06-15 14:50 - 00000000 _____ C:\Windows\setuperr.log 2015-06-15 14:44 - 2015-06-15 14:44 - 00768512 _____ (Reimage®) C:\Users\Fam. Teu Heim-PC\Downloads\ReimageRepair.exe 2015-06-15 14:42 - 2015-06-15 14:44 - 110655528 _____ C:\Users\Fam. Teu Heim-PC\Downloads\S-PCU2__-020101WF-ALLIN-ALL___.exe 2015-06-15 14:28 - 2015-06-15 14:28 - 00047310 _____ C:\Users\Fam. Teu Heim-PC\Documents\cc_20150615_142819.reg 2015-06-15 14:24 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-06-15 14:10 - 2015-06-16 13:11 - 00000464 _____ C:\Windows\Tasks\AVG_SYS_TASK_0615avt_VALID.job 2015-06-15 14:10 - 2015-06-16 13:11 - 00000412 _____ C:\Windows\Tasks\AVG_SYS_TASK_0615avt_DELETE.job 2015-06-15 14:10 - 2015-06-15 14:51 - 00000000 ____D C:\ProgramData\Avg_Update_0615avt 2015-06-13 19:00 - 2015-06-13 19:00 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2015-06-13 18:59 - 2015-06-13 18:59 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\AppData\Local\Samsung 2015-06-13 18:58 - 2015-06-13 18:58 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\Documents\samsung 2015-06-13 18:58 - 2015-06-13 18:58 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Samsung 2015-06-13 18:57 - 2015-06-13 18:57 - 00001960 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2015-06-13 18:57 - 2015-06-13 18:57 - 00001950 _____ C:\Users\Public\Desktop\Samsung Kies.lnk 2015-06-13 18:56 - 2014-10-13 07:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2015-06-13 18:56 - 2014-10-13 07:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2015-06-13 18:55 - 2015-06-13 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2015-06-13 18:55 - 2015-06-13 18:55 - 00000000 ____D C:\Program Files\MyFree Codec 2015-06-13 18:54 - 2015-06-13 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2015-06-13 18:53 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll 2015-06-13 18:53 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll 2015-06-13 18:52 - 2013-12-30 10:52 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll 2015-06-13 18:51 - 2015-06-13 18:56 - 00000000 ____D C:\Program Files\Samsung 2015-06-13 18:51 - 2015-06-13 18:55 - 00000000 ____D C:\ProgramData\Samsung 2015-06-13 18:46 - 2015-06-13 18:50 - 77663392 _____ (Samsung Electronics Co., Ltd.) C:\Users\Fam. Teu Heim-PC\Downloads\Kies4Setup(1).exe 2015-06-13 18:46 - 2015-06-13 18:47 - 77663392 _____ (Samsung Electronics Co., Ltd.) C:\Users\Fam. Teu Heim-PC\Downloads\Kies4Setup.exe 2015-06-09 23:09 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-09 23:09 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-09 23:09 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-09 23:09 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-09 23:09 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-09 23:09 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-09 23:09 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-09 23:09 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-09 23:09 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-09 23:09 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-09 23:09 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-09 23:09 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-09 23:09 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-09 23:09 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-09 23:09 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-09 23:09 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-09 23:09 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-09 23:09 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-09 23:09 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-09 23:09 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-09 23:09 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-09 23:09 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-09 23:09 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-09 23:09 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-09 23:09 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-09 23:09 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-09 23:09 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-09 23:09 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-09 23:09 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-09 23:09 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-09 23:09 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-09 23:09 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-09 23:09 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-09 23:09 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-09 23:09 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-09 23:09 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-09 23:09 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-09 23:09 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-09 23:09 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-09 23:09 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-09 23:09 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-09 23:09 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-06-09 23:09 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-06-09 23:08 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-06-09 23:08 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-06-09 23:08 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-09 23:08 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-09 23:08 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-09 23:08 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-09 23:08 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-09 23:08 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-09 23:08 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-09 23:08 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-09 23:08 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-09 23:08 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-09 23:08 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-09 23:08 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-06-09 23:08 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-06-09 23:08 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-06-09 23:07 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-09 23:07 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-09 23:07 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-09 23:07 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-09 23:07 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-09 23:07 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-09 23:07 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-09 23:07 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-09 23:07 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-09 23:07 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-09 23:07 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-09 23:07 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-06-09 23:07 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-06-09 23:07 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-06-09 23:07 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-06-09 23:07 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-06-09 23:07 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-06-09 23:07 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-06-09 23:07 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-06-09 23:02 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-09 22:39 - 2015-06-09 22:39 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\AppData\Local\Avg ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-16 13:32 - 2015-02-11 12:53 - 00001164 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825476160-397804973-4097189815-1000UA.job 2015-06-16 13:32 - 2015-02-11 12:39 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-16 13:27 - 2009-07-14 06:34 - 00017216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-16 13:27 - 2009-07-14 06:34 - 00017216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-16 13:25 - 2015-03-23 12:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-16 13:23 - 2015-02-15 00:43 - 00000000 ____D C:\Program Files\Sony Mobile 2015-06-16 13:20 - 2015-02-10 22:21 - 01822445 _____ C:\Windows\WindowsUpdate.log 2015-06-16 13:17 - 2015-02-11 15:11 - 00000000 ____D C:\ProgramData\MFAData 2015-06-16 13:11 - 2015-04-12 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2015-06-16 13:10 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-16 09:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2015-06-15 16:13 - 2009-07-14 10:56 - 00000000 ____D C:\Program Files\Windows Journal 2015-06-15 15:08 - 2015-03-07 17:25 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-15 15:07 - 2015-03-07 17:25 - 00001072 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-06-15 15:07 - 2015-03-07 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-06-15 15:07 - 2015-03-07 17:25 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-06-15 14:57 - 2015-02-10 23:16 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-15 14:50 - 2009-07-14 06:33 - 00344792 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-15 14:47 - 2015-02-11 14:18 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-15 14:47 - 2015-02-11 14:18 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-15 14:47 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE 2015-06-15 14:47 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers 2015-06-15 14:30 - 2015-04-11 17:01 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\AppData\Local\CrashDumps 2015-06-15 14:18 - 2015-04-07 18:33 - 00000000 ___SD C:\Windows\system32\GWX 2015-06-13 20:39 - 2015-04-25 13:08 - 00000000 ____D C:\Program Files\Mozilla Firefox.bak 2015-06-13 19:37 - 2015-02-15 00:34 - 00000000 ____D C:\Windows\system32\MRT 2015-06-13 18:52 - 2015-02-11 00:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-06-13 18:50 - 2015-03-05 16:50 - 00000000 ____D C:\Users\Fam. Teu Heim-PC\AppData\Local\Downloaded Installations 2015-06-13 18:44 - 2015-04-07 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-06-13 18:43 - 2015-04-07 18:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-06-13 18:33 - 2015-02-11 12:52 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825476160-397804973-4097189815-1000Core.job 2015-06-09 22:44 - 2015-02-11 15:18 - 00000963 _____ C:\Users\Public\Desktop\AVG 2015.lnk 2015-06-09 22:44 - 2015-02-11 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-06-09 22:27 - 2015-02-11 12:39 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-09 22:26 - 2015-03-23 12:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-09 22:26 - 2015-03-23 12:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-05-27 00:03 - 2015-02-15 00:34 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2015-04-11 17:05 - 2015-04-11 17:05 - 0000268 ___RH () C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Caches 2015-04-11 17:04 - 2015-04-11 17:04 - 0000268 ___RH () C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Calibrators 2015-03-05 16:51 - 2015-04-11 17:04 - 0000268 ___RH () C:\Users\Fam. Teu Heim-PC\AppData\Roaming\CMMs 2015-02-10 23:35 - 2015-02-10 23:35 - 0000000 _____ () C:\Users\Fam. Teu Heim-PC\AppData\Roaming\gdfw.log 2015-02-10 23:35 - 2015-02-10 23:35 - 0000779 _____ () C:\Users\Fam. Teu Heim-PC\AppData\Roaming\gdscan.log 2015-04-01 13:50 - 2015-04-01 13:51 - 28579392 _____ (Sony Mobile Communications ) C:\Users\Fam. Teu Heim-PC\AppData\Local\pcc.exe 2015-03-09 11:57 - 2015-03-09 11:57 - 0000000 _____ () C:\ProgramData\BSD 2015-04-11 17:04 - 2015-04-11 17:04 - 0000268 ___RH () C:\ProgramData\Channel 2015-04-11 17:05 - 2015-04-11 17:05 - 0000268 ___RH () C:\ProgramData\Chiller 2015-04-11 17:04 - 2015-04-11 17:04 - 0000268 ___RH () C:\ProgramData\Chorus 2015-02-14 23:59 - 2015-02-15 00:16 - 0001321 _____ () C:\ProgramData\hpzinstall.log 2015-03-05 16:52 - 2015-04-11 17:05 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT 2015-03-05 16:51 - 2015-04-11 17:07 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2015-03-05 16:51 - 2015-04-11 17:09 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-14 22:59 ==================== End of log ============================ |
|
16.06.2015, 13:20
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Außerdem fehlt die Addition.txt von FRST.  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
17.06.2015, 15:01
| #3 |
| | Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten Hallo cosinus, ja Malwarebytes hatte knappe 160 Funde. Aber da hab ich leider keine Logs im Moment. Die Addition.txt reiche ich nach. Kann im Moment nur noch per Tablet ins Forum, da Chrome sich nicht mehr öffnet.
__________________ |
|
17.06.2015, 15:08
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten Du kannst temporär den IE nehmen Logs von MBAM mit Funden alle posten
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
17.06.2015, 16:08
| #5 |
| | Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Fam. Teu Heim-PC at 2015-06-16 13:59:39
Running from C:\Users\Fam. Teu Heim-PC\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-825476160-397804973-4097189815-500 - Administrator - Disabled)
Fam. Teu Heim-PC (S-1-5-21-825476160-397804973-4097189815-1000 - Administrator - Enabled) => C:\Users\Fam. Teu Heim-PC
Gast (S-1-5-21-825476160-397804973-4097189815-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-825476160-397804973-4097189815-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
ABC der Tiere 1 (HKLM\...\ABC der Tiere 1 1.0) (Version: 1.0 - Mildenberger)
ABC der Tiere Spiele (HKLM\...\com.mildenberger.abdeti) (Version: 1.0 - UNKNOWN)
ABC der Tiere Spiele (Version: 1.0 - UNKNOWN) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.1.2 (HKLM\...\{91B33C97-7650-0EB0-B6C7-DDBA2932B7B4}_is1) (Version: 4.1.2 - Ashampoo GmbH & Co. KG)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4365 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.60 - Atheros Communications)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4700 (Version: 140.0.690.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Daminion 3.7.0.1186 (HKLM\...\{EFD0A11E-2F0B-40A9-A4BA-DD63C779E4D5}_is1) (Version: 3.7.0.1186 - Daminion Software)
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Fotogalerie (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{68550918-63B5-4762-85CB-3C160AA4B213}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Junk Mail filter update (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LibreOffice 4.4.0.3 (HKLM\...\{8BEE1CDD-F95D-4759-952D-6B38DF99D1F0}) (Version: 4.4.0.3 - The Document Foundation)
Link Wiz 1.10.0.13 (HKLM\...\LinkWiz_1.10.0.13) (Version: 1.10.0.13 - Link Wiz)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Media Go (HKLM\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.103.06300 (HKLM\...\{CB7048B4-5D1F-E24E-41FC-2AB7AAFE6597}) (Version: 2.12.103.06300 - Sony)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-825476160-397804973-4097189815-1000\...\MyFreeCodec) (Version: - )
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility 2 (HKLM\...\{4946D03F-421F-480D-96C9-D6CF90640D33}) (Version: 2.0.2 - Nikon)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
PS_AIO_06_C4700_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealDownloader (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shotcut (HKLM\...\Shotcut) (Version: - )
ShufflePlusVLOI (Version: 1.00.0000 - Your Company Name) Hidden
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.15.8.201506081556 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.259 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trojan Remover 6.9.2.2938 (HKLM\...\Trojan Remover_is1) (Version: 6.9.2.2938 - Simply Super Software)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (Version: 1.0.0 - RealNetworks) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version: - VTech)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Window Color (HKLM\...\Window Color) (Version: - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WISO steuer:Start 2015 (HKLM\...\{8B31E72D-2869-4241-8D7B-40389151481B}) (Version: 22.00.8811 - Buhl Data Service GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825476160-397804973-4097189815-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\FileSyncApi.dll (Microsoft Corporation)
==================== Restore Points =========================
14-04-2015 19:19:10 DirectX wurde installiert
14-04-2015 19:20:43 WLSetup
17-04-2015 05:00:31 Windows Modules Installer
25-04-2015 12:46:22 Windows Update
27-04-2015 18:53:24 Windows Update
13-06-2015 18:32:55 Windows Update
15-06-2015 14:12:43 Windows Update
15-06-2015 16:12:31 Windows Update
16-06-2015 13:24:59 Installed Sony Mobile Drivers
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {062B3416-6B92-4C4C-99C6-A96CDDCD7500} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-825476160-397804973-4097189815-1000UA => C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-11] (Google Inc.)
Task: {119397C8-BE8D-4641-A72F-E484E5BD94AD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-825476160-397804973-4097189815-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {175C77C3-322A-4903-861B-E255676A3745} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-825476160-397804973-4097189815-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {20B22DE4-91C3-4C9F-9F41-8D33328C09B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {640C09A6-279E-4668-9182-4FA8BFAB8B08} - System32\Tasks\Games\UpdateCheck_S-1-5-21-825476160-397804973-4097189815-1000
Task: {738F50D8-789A-4B5D-A64F-C0ECC4DF8258} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {902BC5E0-3480-4C55-BFB5-82E0AACAE930} - System32\Tasks\AVG_SYS_TASK_0615avt_DELETE => C:\ProgramData\Avg_Update_0615avt\AVG-Secure-Search-Update_0615avt.exe [2015-05-07] ()
Task: {94CD5A68-3BDE-4926-8017-78E9905A937F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-825476160-397804973-4097189815-1000Core => C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-11] (Google Inc.)
Task: {9D52EFAC-A910-4256-BCEF-920FA419DA1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-11] (Google Inc.)
Task: {9F93BF21-E492-4BB5-8BAD-D5759767B6B6} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {A1727B70-956E-4E50-96EE-67449C7AC953} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {A5FC9EF1-6A43-40A1-A2D5-0A4B330EB249} - System32\Tasks\0615avtUpdateInfo => C:\ProgramData\Avg_Update_0615avt\0615avt_AVG-Secure-Search-Update_0615avt.exe [2015-05-07] ()
Task: {A7AA2533-68A7-4D42-A985-3C0C32209252} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {A923D790-1204-4016-AFC3-D0938FB00CF3} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {B59CDE70-351E-4FAD-85D1-4822342D7B73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-11] (Google Inc.)
Task: {FAE8EC1E-096B-452F-B07E-E749B8C4F3C3} - System32\Tasks\AVG_SYS_TASK_0615avt_VALID => C:\ProgramData\Avg_Update_0615avt\AVG-Secure-Search-Update_0615avt.exe [2015-05-07] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG_SYS_TASK_0615avt_DELETE.job => C:\ProgramData\Avg_Update_0615avt\AVG-Secure-Search-Update_0615avt.exe
Task: C:\Windows\Tasks\AVG_SYS_TASK_0615avt_VALID.job => C:\ProgramData\Avg_Update_0615avt\AVG-Secure-Search-Update_0615avt.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825476160-397804973-4097189815-1000Core.job => C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825476160-397804973-4097189815-1000UA.job => C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-15 14:10 - 2015-05-07 13:47 - 02779584 _____ () C:\ProgramData\Avg_Update_0615avt\AVG-Secure-Search-Update_0615avt.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-04-07 20:32 - 2015-04-07 20:32 - 00865880 _____ () C:\Program Files\Real\RealPlayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files\Real\UpdateService\RPDSUpdatePlugin.dll
2011-11-22 10:59 - 2011-11-22 10:59 - 00018432 _____ () C:\Users\Fam. Teu Heim-PC\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files\RealNetworks\RealDownloader\dtvhooks.dll
2014-10-13 03:49 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2014-10-13 03:49 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-10-13 03:49 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll
2014-10-13 03:49 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-10-13 03:49 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00015360 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-10-13 03:49 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2015-02-13 13:15 - 2015-02-13 13:15 - 03219456 _____ () C:\Users\Fam. Teu Heim-PC\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2015-04-01 13:40 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2015-04-01 13:40 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2013-06-11 09:31 - 2013-06-11 09:31 - 00090112 _____ () C:\Program Files\Sony\Sony PC Companion\CalEngine.dll
2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files\Sony\Sony PC Companion\VistaCalendar.dll
2015-04-01 13:40 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll
2011-01-05 15:01 - 2011-01-05 15:01 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\PimNotes.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll
2015-04-01 13:40 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll
2015-03-23 19:19 - 2015-03-23 19:19 - 02620416 _____ () C:\Program Files\Sony\Sony PC Companion\libxt.dll
2013-02-18 15:45 - 2013-02-18 15:45 - 00452096 _____ () C:\Program Files\Sony\Sony PC Companion\Calendar.dll
2015-04-10 11:26 - 2015-04-10 11:26 - 00669696 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-04-01 13:40 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-06-09 23:11 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 23:11 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-09 23:11 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-825476160-397804973-4097189815-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5E89C0B3-86AD-4F93-A89D-4AF8CC8529B0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7D1AF6AB-8C30-4FB2-A6BC-48CDDAB2EC11}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{88C481FE-F430-403A-AC64-E785B1A1BFB7}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{A00E62C5-499E-46BA-9552-D5051C44CEED}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{ED6D80C4-A57C-452A-8347-3AEEF95EE14E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{CB8D3F90-FA1F-41DB-9100-FAD3E80C9B20}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{869EE799-7F0D-4445-A151-C0C49F84CB1D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{17333DA3-CCEE-442C-8749-75CA9AF208DD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{8C9A07F4-7B23-4302-B0C8-A1BF63630702}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4CAE17D1-DA38-4C50-B67F-00A0A358D24A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{7602DDB4-477F-40F8-822A-62365EF002AE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{7FC06A21-F10E-42CE-B5FF-D16A6DC84074}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7EDF1EEA-0751-4946-BB2F-4CEB94D94ECF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{BC231393-498A-4006-908B-0ADC249157BC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D74AE861-69D3-40B9-90D5-7C321927C404}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{90B9430E-8A31-49F9-A31C-94ED421A16EF}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{5E8910AC-99DA-4A41-969A-033F14A65FD0}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{AA72A08B-F62F-4ADF-AECD-5A6F040E973C}] => (Allow) C:\Users\Fam. Teu Heim-PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{75A13C19-3E8A-4649-8EFC-23F2DF4299BA}] => (Allow) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{3FE75797-53D8-494D-B917-134E0D464CE5}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{AEECA129-8A78-48F5-8DC2-A823CD0775E2}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{BC7DA756-77EE-48D2-B6D7-F9DCE959D92B}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{2F48867E-23BD-4D5F-9EB7-C81B6479A069}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{FC2983B4-C5F0-48B2-A5BB-B40D7C40C3F0}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{92F4586F-0BEB-4F4A-9074-D243054BF328}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{3F559919-D43F-4761-AD17-8C28B601F1BA}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{46D93B8E-55EC-42E0-B51A-358984D5C272}] => (Allow) LPort=2869
FirewallRules: [{5DC6E940-98D0-47DC-B3C0-2B57F8A163B8}] => (Allow) LPort=1900
FirewallRules: [{562AEF9A-8ECE-4643-8689-B35ABB2FDD3B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{59022037-0F22-4ACC-B0F3-B900FD52A704}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{00F15EE0-67F2-46ED-9274-547E9EDD600B}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{2983BB10-33C6-4FD3-8067-B08DF207D800}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F63E57C5-471F-4DB8-99B3-DE729C4C2B08}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{E1A2966F-E4A0-4BF6-9767-965BD30C890A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{39497094-AF14-442C-B79D-76A01D7BE647}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{9C975CB0-CFDC-4777-AFA8-B1AF9019D705}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{B76363C1-9D85-4A6A-9791-203E156332D9}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{6F6787CF-A6B1-4A00-96E5-19912FA06FE3}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
==================== Faulty Device Manager Devices =============
Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/16/2015 01:10:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/16/2015 01:10:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/16/2015 01:10:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/16/2015 09:59:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636303
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00098001
ID des fehlerhaften Prozesses: 0x6ec
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Error: (06/16/2015 09:34:13 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/16/2015 09:34:13 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/16/2015 09:34:13 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/15/2015 04:03:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/15/2015 04:03:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (06/15/2015 04:03:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
System errors:
=============
Error: (06/16/2015 01:17:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (06/16/2015 01:11:07 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (06/16/2015 01:11:04 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (06/16/2015 09:59:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/16/2015 09:34:20 AM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (06/16/2015 09:34:18 AM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (06/15/2015 04:04:08 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Error: (06/15/2015 02:50:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/15/2015 02:50:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (06/15/2015 02:50:31 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!
Microsoft Office:
=========================
Error: (06/16/2015 01:10:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (06/16/2015 01:10:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (06/16/2015 01:10:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
Error: (06/16/2015 09:59:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc100ntdll.dll6.1.7601.1886955636303c000000d000980016ec01d0a806d875da80C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll9225d54b-13fd-11e5-b38e-1c75081744a0
Error: (06/16/2015 09:34:13 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (06/16/2015 09:34:13 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (06/16/2015 09:34:13 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
Error: (06/15/2015 04:03:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (06/15/2015 04:03:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (06/15/2015 04:03:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 66%
Total physical RAM: 3001.98 MB
Available physical RAM: 1009.09 MB
Total Pagefile: 6002.27 MB
Available Pagefile: 3716.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.41 MB
==================== Drives ================================
Drive c: (Systemplatte) (Fixed) (Total:583.07 GB) (Free:429.97 GB) NTFS
Drive d: (Elias 2.4.2015) (CDROM) (Total:0.4 GB) (Free:0 GB) UDF
Drive f: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (PQSERVICE) (Fixed) (Total:13 GB) (Free:2.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 4F3E0DFF)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=583.1 GB) - (Type=07 NTFS)
==================== End of log ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 15.06.2015 Suchlauf-Zeit: 15:08:40 Logdatei: mbam.txt Administrator: Ja Version: 2.01.4.1018 Malware Datenbank: v2015.06.15.03 Rootkit Datenbank: v2015.06.02.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Fam. Teu Heim-PC Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 314822 Verstrichene Zeit: 42 Min, 39 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 3 PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\mystartsearch uninstall, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\mystartsearchSoftware, In Quarantäne, [b8c12f14a6e444f2258b11a793708080], PUP.Optional.IStart.A, HKU\S-1-5-21-825476160-397804973-4097189815-1000\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [5128ff44642686b021fc347256ad0ef2], Registrierungswerte: 3 PUP.Optional.SearchEngine.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|searchengine@gmail.com, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com, In Quarantäne, [1168b093fb8f0a2c4b276fc8f60f54ac] PUP.Optional.IStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|istart_ffnt@gmail.com, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com, In Quarantäne, [90e9ad9690fa93a3de74a8fdcb38837d] PUP.Optional.IStart.A, HKU\S-1-5-21-825476160-397804973-4097189815-1000\SOFTWARE\MOZILLA\EXTENDS|appid, istart_ffnt@gmail.com, In Quarantäne, [5128ff44642686b021fc347256ad0ef2] Registrierungsdaten: 7 PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}),Ersetzt,[d6a3ce75c7c3a1954cc4b91c39ccd828] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105),Ersetzt,[9bde0a39d0bac076e32da3329f6612ee] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105),Ersetzt,[b9c0d56eb7d3ef471ef2a332a75e11ef] PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}),Ersetzt,[dc9d8cb78ffb2e084ac67d5823e2eb15] PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-825476160-397804973-4097189815-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}),Ersetzt,[9ddcab9893f773c3f021c1146c99619f] PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-825476160-397804973-4097189815-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105&q={searchTerms}),Ersetzt,[d3a65ae9c3c77eb8b061795ce71e1ce4] PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-825476160-397804973-4097189815-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1428425148&from=cvs2&uid=WDCXWD6400BEVT-22A0RT0_WD-WX11A90F2105F2105),Ersetzt,[85f4bc87a1e9fa3ca36e706548bd10f0] Ordner: 41 PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\chrome, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\chrome\content, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\chrome\skin, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\include, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\en, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\en-US, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\es, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\es-419, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\it, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\pl, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\tr, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\vi, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\defaults, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\defaults\preferences, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\updateinfo, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], Dateien: 102 PUP.Optional.BoostSaves.A, C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, In Quarantäne, [b0c9c083ef9be94da6e31d9711f2b050], PUP.Optional.BoostSaves.A, C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, In Quarantäne, [6d0c54efc1c97cba63269d17000322de], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\MessageBox.xml, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\310.json, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\uninstallDlg2.xml, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\UninstallManager.exe, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\bg.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\bg1.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\bk_shadow.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\button.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\button1.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\checkbox.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\checkbox_select.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\checked.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\close.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\loading_bg.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\loading_light.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\min.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\scrollbar.bmp, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\Thumbs.db, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\unchecked.png, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code\code1.jpg, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code\code2.jpg, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code\code3.jpg, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code\code4.jpg, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code\code5.jpg, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code\code6.jpg, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.MyStartSearch.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\mystartsearch\images\code\Thumbs.db, In Quarantäne, [8dec95ae42487db934e78c2af70c08f8], PUP.Optional.ReMarkable.A, C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, In Quarantäne, [30497dc61d6d77bffeaaac838f76d62a], PUP.Optional.ReMarkable.A, C:\Users\Fam. Teu Heim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, In Quarantäne, [b9c046fd4842999d5c4c96997392f30d], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\chrome.manifest, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\install.rdf, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\chrome\content\toolbar.js, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\chrome\content\toolbar.xul, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.SearchEngine.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\searchengine@gmail.com\chrome\skin\icon.png, In Quarantäne, [a0d9043f5c2e5cda9708c2dfb251817f], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome.manifest, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\install.rdf, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\index.html, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\js.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\icon.png, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\loading.gif, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\logo.png, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\simple.css, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\chrome\skin\style.css, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\addonmanager.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\aes.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\config.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\dialogs.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\last_tab.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\misc.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\properties.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\remoterequest.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\restoreprefs.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\modules\settings.js, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\updateinfo\faststart.update.rdf, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\updateinfo\ff.update.rdf, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\updateinfo\istart.update.rdf, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt#5.3.6.xpi, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt.xpi, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], PUP.Optional.IStart.A, C:\Users\Fam. Teu Heim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fnzualy4.default\extensions\istart_ffnt@gmail.com\updateinfo\lightning.update.rdf, In Quarantäne, [0f6a72d191f958dee43bbce7847fbe42], Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) |
|
17.06.2015, 19:43
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten |
|
| Themen zu Nur noch Pop Ups und Werbungen - Tipps für Chrome erbeten |
| adobe, avg, browser, calculator, converter, defender, desktop, explorer, flash player, google, helper, home, homepage, iexplore.exe, installation, mozilla, newtab, pop ups, realtek, registry, software, super, svchost.exe, system, ups, usb, windows, winlogon.exe |
Linear-Darstellung
