Ununterbrochen Werbung im Browser, öffnet neue Werbeseiten+Downloads, Alarmbotschaften vom Virusblocker

Johanna LK. · 26.05.2014, 12:00

Liebe Trojaner-Boerder,

ich habe seit ca. 4 - 5 Wochen ununterbrochen Werbung in meinem Browser,
neue Seiten mit Spielwerbung oder Downloads öffnen sich, etliche Wörter sind markiert
und fährt die Maus darüber, öffnet sich sogleich ein neuer Download. Bei Ebaykleinanzeigen,
auch hier bzw. auf jeder Internetseite ist enorm viel Werbung, oft genau passend zu dem, was ich recherchiere. Gucke ich z.B nach Fahrrädern, kommt oben, unten, und von rechts nach links
eingefahrene Werbeangebote fuer Fahrräder. Hier im Forum habe ich jetzt links als Werbung
z.B stehen: "Virus Trojaner entfernen", "Katzenurin entfernen" (habe ich noch nie gegooglet,
habe keine Katzen! :/) , "Grafity entfernen" etc.

Ich benutze avast! und die ganze Zeit, teilweise im Takt von 5 Sekunden sagt mir die automatische Stimme: "Eine Bedrohung wurde gefunden" - und glücklicherweise blockiert.
Ich bekomme langsam richtig große Angst um meinen Laptop, bin total hilflos

und wäre sehr, sehr dankbar wenn mir hier ein netter User weiterhelfen könnte!

Liebe Grüße, Johanna

cosinus · 26.05.2014, 12:02

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Johanna LK. · 26.05.2014, 12:08

Hallo

Nein, ich glaube ich habe keine Logs mit "Funden", ich weiss ehrlich gesagt garnicht was das ist :/

Okay, also lade ich mir jetzt Scan mit Farbar's Recovery Scan Tool (FRST) herunter, das ist richtig, oder?

LG und danke

cosinus · 26.05.2014, 12:11

Zitat:

Nein, ich glaube ich habe keine Logs mit "Funden", ich weiss ehrlich gesagt garnicht was das ist :/

Was meinst du wohl warum extra ein Artikel verlinkt war....

Johanna LK. · 26.05.2014, 12:40

Hab ich mir angeschaut!!

Nur nicht 100% nachvollziehen können - sind mit Logs außer avast! weitere Virenblocker gemeint?

Hier ist der erste Code, FRST EDITOR

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Johanna (administrator) on JOHANNA-PC on 26-05-2014 13:30:42
Running from C:\Users\Johanna\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(SAMSUNG ELECTRONICS CO., Ltd.) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Fortunitas\updateFortunitas.exe
() C:\Program Files (x86)\Fortunitas\bin\utilFortunitas.exe
() C:\Program Files (x86)\Fortunitas\bin\Fortunitas.PurBrowse64.exe
() C:\Program Files (x86)\Fortunitas\bin\Fortunitas.BrowserAdapter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10372368 2011-03-30] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-17] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3873704 2014-05-04] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-578327087-4110603385-1361986703-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-11-09] (Microsoft Corporation)
HKU\S-1-5-21-578327087-4110603385-1361986703-1001\...\Run: [GoogleChromeAutoLaunch_E3F62F61E4998D36D80DBCD5AF27EFE9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-578327087-4110603385-1361986703-1001\...\Run: [BackgroundContainer] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Johanna\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-578327087-4110603385-1361986703-1001\...\RunOnce: [Application Restart #2] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-578327087-4110603385-1361986703-1001\...\MountPoints2: {446a0322-cd84-11e1-8374-e8039a17d6d1} - F:\AutoRun.exe
HKU\S-1-5-21-578327087-4110603385-1361986703-1001\...\MountPoints2: {446a0333-cd84-11e1-8374-e8039a17d6d1} - F:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [96768 2014-03-05] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [85504 2014-03-05] (Skytech Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.golsearch.com/?affID=119816&babsrc=HP_ss_Btisdt6&mntrId=769ADCA9719AD7B6
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
URLSearchHook: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://hxxp://www.golsearch.com//?q={searchTerms}&affID=119816&babsrc=SP_ss_Btisdt6&mntrId=769ADCA9719AD7B6
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826&q={searchTerms}
SearchScopes: HKCU - {81E9455F-9EAD-4E21-B29F-CB2563F858CF} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050&SSPV=IEAUTOBR
SearchScopes: HKCU - {9422E909-BE0E-4377-B98F-C34B394F5CE4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=BEC75405-57D2-42D7-B771-EB524C13BCD7&apn_sauid=783AAAC3-71B5-4F75-A882-D5A2B9726FB1
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
BHO-x32: Fortunitas - {c6f3fc7b-d607-44ec-9caf-2a41d547137f} - C:\Program Files (x86)\Fortunitas\Fortunitasbho.dll (Fortunitas)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default
FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
FF DefaultSearchEngine: webssearches
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1396040601&from=tugs&uid=SAMSUNGXHN-M500MBB_S2R7J9DBA04826
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN26997002939356133&UM=1&sspv=TB_SA&q=
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\user.js
FF SearchPlugin: C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Delta Toolbar - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\Extensions\ffxtlbr@delta.com [2013-04-30]
FF Extension: Quick Start - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\Extensions\quick_start@gmail.com [2014-04-26]
FF Extension: Ask Toolbar - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\Extensions\toolbar@ask.com [2012-11-11]
FF Extension: Yahoo! Toolbar - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-09-26]
FF Extension: DownloadHelper - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-09-26]
FF Extension: Fortunitas - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\Extensions\{b8a90375-3b37-4954-86de-f96c458c4ce2}.xpi [2014-03-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012-04-23]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\i8d9acpl.default\extensions\quick_start@gmail.com [2014-04-26]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-23]

Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Delta Toolbar) - C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-04-30]
CHR Extension: (Google Wallet) - C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
CHR Extension: (Quick start) - C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-28]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-28]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Johanna\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-04-25]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Johanna\AppData\Roaming\BabSolution\CR\delta2.crx [2013-04-30]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [344928 2011-01-28] ()
S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [515584 2014-03-17] (Cherished Technololgy LIMITED)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-07-19] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
R2 Update Fortunitas; C:\Program Files (x86)\Fortunitas\updateFortunitas.exe [317728 2014-05-24] ()
R2 Util Fortunitas; C:\Program Files (x86)\Fortunitas\bin\utilFortunitas.exe [317728 2014-05-24] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-03-28] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2012-07-19] (Bytemobile, Inc.)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2012-07-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2012-07-19] (Huawei Technologies Co., Ltd.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-12-06] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.)
R1 tcpipBM; C:\windows\system32\drivers\tcpipBM.sys [39552 2012-07-19] (Bytemobile, Inc.)
R1 {b8a90375-3b37-4954-86de-f96c458c4ce2}Gw64; C:\Windows\System32\drivers\{b8a90375-3b37-4954-86de-f96c458c4ce2}Gw64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-26 13:30 - 2014-05-26 13:31 - 00029419 _____ () C:\Users\Johanna\Downloads\FRST.txt
2014-05-26 13:30 - 2014-05-26 13:30 - 00000000 ____D () C:\FRST
2014-05-26 13:29 - 2014-05-26 13:29 - 02066944 _____ (Farbar) C:\Users\Johanna\Downloads\FRST64.exe
2014-05-26 13:27 - 2014-05-26 13:28 - 01056256 _____ (Farbar) C:\Users\Johanna\Downloads\FRST.exe
2014-05-20 08:47 - 2014-05-26 11:32 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{0C5F4972-3162-4C41-ADF9-17582A981786}
2014-05-20 08:15 - 2014-05-20 08:15 - 00003382 _____ () C:\windows\System32\Tasks\BackgroundContainer Startup Task
2014-05-20 08:08 - 2014-05-20 08:08 - 00000000 _____ () C:\windows\SysWOW64\sho6AD1.tmp
2014-05-20 07:49 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-20 07:49 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-20 07:49 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-20 07:49 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-20 07:49 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-20 07:49 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-19 17:07 - 2014-05-19 17:07 - 00418424 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 244726.crdownload
2014-05-19 09:13 - 2014-05-19 09:13 - 00490480 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 550118.crdownload
2014-05-19 09:11 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-19 09:11 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-19 09:11 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-19 09:11 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-19 09:11 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-19 09:11 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-19 09:11 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-19 09:11 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-19 09:11 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-19 09:11 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-19 09:11 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-19 09:11 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-19 09:11 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-19 09:11 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-19 09:11 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-19 09:11 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-19 09:11 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-19 09:11 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-19 09:11 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-19 09:11 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-19 09:11 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-19 09:11 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-19 09:11 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-19 09:11 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-19 09:11 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-19 09:11 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-19 09:11 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-19 09:11 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-19 09:11 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-19 09:11 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-19 09:10 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-19 09:10 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-19 09:10 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-19 09:10 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-13 20:50 - 2014-05-13 20:51 - 00983168 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 540627.crdownload
2014-05-12 17:39 - 2014-05-12 17:40 - 00991360 _____ () C:\Users\Johanna\Downloads\setup (8).exe
2014-05-11 22:43 - 2014-05-11 22:44 - 00991360 _____ () C:\Users\Johanna\Downloads\setup (7).exe
2014-05-11 22:35 - 2014-05-11 22:36 - 00994160 _____ () C:\Users\Johanna\Downloads\setup (6).exe
2014-05-09 09:20 - 2014-05-09 09:21 - 00313488 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 359665.crdownload
2014-05-09 09:13 - 2014-05-09 09:14 - 00991376 _____ () C:\Users\Johanna\Downloads\setup (5).exe
2014-05-09 09:12 - 2014-05-09 09:13 - 00991376 _____ () C:\Users\Johanna\Downloads\setup (4).exe
2014-05-08 08:48 - 2014-05-19 20:47 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{FDE61C09-14F3-4B76-9393-D0E451722313}
2014-05-07 09:00 - 2014-05-07 09:00 - 00991848 _____ () C:\Users\Johanna\Downloads\setup (3).exe
2014-05-06 09:00 - 2014-05-06 09:02 - 00820720 _____ () C:\Users\Johanna\Downloads\Setup (2).exe
2014-05-05 20:25 - 2014-05-07 07:59 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{B520388A-D030-4F93-8147-06CA3DECD2C5}
2014-05-05 09:21 - 2014-05-05 09:21 - 00000000 ____D () C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-05 09:21 - 2014-05-05 09:21 - 00000000 ____D () C:\Users\Johanna\AppData\Roaming\DropboxMaster
2014-05-05 09:18 - 2014-05-05 09:21 - 00000000 ____D () C:\Users\Johanna\AppData\Roaming\Dropbox
2014-05-04 20:29 - 2014-05-19 20:29 - 00085328 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-05-04 20:29 - 2014-05-04 20:09 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-05-04 20:09 - 2014-05-04 20:09 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-05-04 20:01 - 2014-05-21 07:50 - 00004184 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-05-04 20:01 - 2014-05-04 20:09 - 00208416 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-05-04 20:00 - 2014-05-04 20:09 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-05-04 17:18 - 2014-05-20 08:08 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-04-27 13:04 - 2014-05-05 08:24 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{F99CC10A-C8D5-404D-8052-E1D96A685ACC}
2014-04-26 12:55 - 2014-04-26 12:55 - 00000000 _____ () C:\windows\SysWOW64\shoAFEC.tmp

==================== One Month Modified Files and Folders =======

2014-05-26 13:31 - 2014-05-26 13:30 - 00029419 _____ () C:\Users\Johanna\Downloads\FRST.txt
2014-05-26 13:30 - 2014-05-26 13:30 - 00000000 ____D () C:\FRST
2014-05-26 13:29 - 2014-05-26 13:29 - 02066944 _____ (Farbar) C:\Users\Johanna\Downloads\FRST64.exe
2014-05-26 13:28 - 2014-05-26 13:27 - 01056256 _____ (Farbar) C:\Users\Johanna\Downloads\FRST.exe
2014-05-26 13:16 - 2012-04-23 19:20 - 00001112 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-26 11:47 - 2009-07-14 06:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-26 11:47 - 2009-07-14 06:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-26 11:43 - 2011-10-11 18:59 - 01542189 _____ () C:\windows\WindowsUpdate.log
2014-05-26 11:32 - 2014-05-20 08:47 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{0C5F4972-3162-4C41-ADF9-17582A981786}
2014-05-24 16:16 - 2009-07-14 04:34 - 00000540 _____ () C:\windows\win.ini
2014-05-23 14:16 - 2012-04-23 19:20 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-23 13:30 - 2012-04-23 19:21 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-23 07:32 - 2009-07-14 06:51 - 00093877 _____ () C:\windows\setupact.log
2014-05-21 07:50 - 2014-05-04 20:01 - 00004184 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-05-20 10:05 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-05-20 08:15 - 2014-05-20 08:15 - 00003382 _____ () C:\windows\System32\Tasks\BackgroundContainer Startup Task
2014-05-20 08:14 - 2012-06-01 09:41 - 00000000 ____D () C:\Users\Johanna\Tracing
2014-05-20 08:14 - 2012-02-11 19:17 - 00000000 ___RD () C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 08:14 - 2012-02-11 19:17 - 00000000 ___RD () C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 08:10 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-20 08:08 - 2014-05-20 08:08 - 00000000 _____ () C:\windows\SysWOW64\sho6AD1.tmp
2014-05-20 08:08 - 2014-05-04 17:18 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-19 20:47 - 2014-05-08 08:48 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{FDE61C09-14F3-4B76-9393-D0E451722313}
2014-05-19 20:29 - 2014-05-04 20:29 - 00085328 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-05-19 20:29 - 2012-04-23 19:32 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-05-19 20:29 - 2012-04-23 19:20 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-05-19 17:07 - 2014-05-19 17:07 - 00418424 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 244726.crdownload
2014-05-19 09:13 - 2014-05-19 09:13 - 00490480 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 550118.crdownload
2014-05-13 20:51 - 2014-05-13 20:50 - 00983168 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 540627.crdownload
2014-05-12 17:40 - 2014-05-12 17:39 - 00991360 _____ () C:\Users\Johanna\Downloads\setup (8).exe
2014-05-11 22:44 - 2014-05-11 22:43 - 00991360 _____ () C:\Users\Johanna\Downloads\setup (7).exe
2014-05-11 22:36 - 2014-05-11 22:35 - 00994160 _____ () C:\Users\Johanna\Downloads\setup (6).exe
2014-05-09 14:11 - 2012-04-23 19:20 - 00004108 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 14:11 - 2012-04-23 19:20 - 00003856 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 09:21 - 2014-05-09 09:20 - 00313488 _____ () C:\Users\Johanna\Downloads\Nicht bestätigt 359665.crdownload
2014-05-09 09:14 - 2014-05-09 09:13 - 00991376 _____ () C:\Users\Johanna\Downloads\setup (5).exe
2014-05-09 09:13 - 2014-05-09 09:12 - 00991376 _____ () C:\Users\Johanna\Downloads\setup (4).exe
2014-05-09 08:14 - 2014-05-19 09:10 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-19 09:10 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-07 09:38 - 2014-03-28 23:04 - 00000000 ____D () C:\Program Files (x86)\Fortunitas
2014-05-07 09:00 - 2014-05-07 09:00 - 00991848 _____ () C:\Users\Johanna\Downloads\setup (3).exe
2014-05-07 07:59 - 2014-05-05 20:25 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{B520388A-D030-4F93-8147-06CA3DECD2C5}
2014-05-06 09:02 - 2014-05-06 09:00 - 00820720 _____ () C:\Users\Johanna\Downloads\Setup (2).exe
2014-05-06 06:40 - 2014-05-20 07:49 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-20 07:49 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-20 07:49 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-20 07:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-20 07:49 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-20 07:49 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-05 09:21 - 2014-05-05 09:21 - 00000000 ____D () C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-05 09:21 - 2014-05-05 09:21 - 00000000 ____D () C:\Users\Johanna\AppData\Roaming\DropboxMaster
2014-05-05 09:21 - 2014-05-05 09:18 - 00000000 ____D () C:\Users\Johanna\AppData\Roaming\Dropbox
2014-05-05 08:45 - 2013-02-07 22:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-05 08:45 - 2010-11-21 05:47 - 00676330 _____ () C:\windows\PFRO.log
2014-05-05 08:24 - 2014-04-27 13:04 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{F99CC10A-C8D5-404D-8052-E1D96A685ACC}
2014-05-04 20:29 - 2012-04-23 19:20 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-04 20:09 - 2014-05-04 20:29 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-05-04 20:09 - 2014-05-04 20:09 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-05-04 20:09 - 2014-05-04 20:01 - 00208416 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-05-04 20:09 - 2014-05-04 20:00 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-05-04 20:09 - 2012-04-23 19:33 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-05-04 20:09 - 2012-04-23 19:32 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.1400524171405
2014-05-04 20:09 - 2012-04-23 19:32 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-05-04 20:09 - 2012-04-23 19:20 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys.1400524171405
2014-05-04 20:09 - 2012-04-23 19:20 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-05-04 20:00 - 2012-04-23 19:20 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-04-26 15:02 - 2014-02-15 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-26 13:03 - 2011-10-11 03:44 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-04-26 13:03 - 2011-10-11 03:44 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-04-26 13:03 - 2009-07-14 07:13 - 01622236 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-26 12:55 - 2014-04-26 12:55 - 00000000 _____ () C:\windows\SysWOW64\shoAFEC.tmp
2014-04-26 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-26 12:35 - 2014-04-18 22:49 - 00000000 ____D () C:\Users\Johanna\AppData\Local\{C4177328-A60D-434A-A047-E8428189EBDF}

Some content of TEMP:
====================
C:\Users\Johanna\AppData\Local\Temp\APNStub.exe
C:\Users\Johanna\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Johanna\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Johanna\AppData\Local\Temp\DeltaTB.exe
C:\Users\Johanna\AppData\Local\Temp\dp.exe
C:\Users\Johanna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzeirnn.dll
C:\Users\Johanna\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Users\Johanna\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Johanna\AppData\Local\Temp\HssInstaller64.exe
C:\Users\Johanna\AppData\Local\Temp\IminentSetup.exe
C:\Users\Johanna\AppData\Local\Temp\pricepeep_130001_0101.exe
C:\Users\Johanna\AppData\Local\Temp\setup.exe
C:\Users\Johanna\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Johanna\AppData\Local\Temp\tbHots.dll
C:\Users\Johanna\AppData\Local\Temp\TB_AA59.exe
C:\Users\Johanna\AppData\Local\Temp\vlc-2.0.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 09:56

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Und hier ist der Addition Editor:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Johanna at 2014-05-26 13:32:10
Running from C:\Users\Johanna\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{48DB5914-8772-472D-B8DF-E2092BE598F6}) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.36191 - Ask.com) <==== ATTENTION
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BitGuard (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - MediaTechSoft Inc.) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
C4500 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.2227 - CyberLink Corp.) Hidden
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink Media+ Player10 (x32 Version: 10.0.1110.00 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1130a - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.3306 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.4417 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Delta) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.16.16 - Delta) <==== ATTENTION
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.12.0.516 - DVDVideoSoftTB)
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.1.44.25 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.36 - Samsung)
ETDWare PS/2-X64 10.0.7.2_WHQL (HKLM\...\Elantech) (Version: 10.0.7.2 - ELAN Microelectronic Corp.)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fortunitas (HKLM\...\Fortunitas) (Version: 2014.03.27.233502 - Fortunitas) <==== ATTENTION
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free MP4 Video Converter version 5.0.24.426 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.24.426 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.2.426 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.426 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.252 - DrSoft)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 (HKLM\...\{AA6F009F-0CCD-4DD6-A462-28419C101D54}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.00.748 - Huawei Technologies Co.,Ltd)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Display Control Panel (Version: 6.14.12.6883 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 268.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.42.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.23 (Version: 1.0.23 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.23 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PS_AIO_04_C4500_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wildlife Park 2 (HKLM-x32\...\{A1C659AF-C761-47A8-BAFD-5FD2BE1ED419}) (Version: 1.01 - Deep Silver)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 메일 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

25-04-2014 06:49:19 Windows Update
02-05-2014 16:44:40 Windows Update
04-05-2014 15:16:43 Windows Update
04-05-2014 18:01:59 avast! antivirus system restore point
05-05-2014 06:24:43 Windows Update
09-05-2014 06:39:16 Windows Update
13-05-2014 06:42:06 Windows Update
19-05-2014 07:05:05 Windows Update
20-05-2014 05:44:48 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06A5BCB0-6E61-4AA5-948A-F58BB9B925DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {0CBCC47A-D47B-47C7-8919-72C8A09C9DE9} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2012-03-16] (SAMSUNG ELECTRONICS CO., Ltd.)
Task: {120BCC3C-0E70-4F4B-97B3-730C36063045} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {138511B7-E44F-4289-8F23-C146C7FF6A9F} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2011-08-19] (Samsung Electronics Co., Ltd.)
Task: {2C709E0E-EEC2-432B-8D4C-DD94A9685427} - System32\Tasks\EPUpdater => C:\Users\Johanna\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {2DFCD5D1-5B79-4CB3-B559-6D97C2EC1D40} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-08-19] (SAMSUNG Electronics co., LTD.)
Task: {2F0F17EF-DC4A-496F-9148-ED16F5F7EBA3} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
Task: {3346EB51-5C8B-4C2E-92BD-FCF89620D6E7} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2011-09-06] (Samsung Electronics Co., Ltd.)
Task: {3779A771-A423-4945-AA5A-C479009DA724} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Johanna\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {769BD9CA-58B1-40D4-BBFF-6DAE9250AC48} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC)
Task: {9414A20D-EC2C-4D3B-9FAF-A4463CFB16FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {94883EA7-9898-48FC-941A-AFA7C7DB0945} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {A4CF5630-2D45-4D87-AC3D-98420472C3CA} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [2011-07-30] (SAMSUNG Electronics)
Task: {B0AB2D5F-5374-4E2C-8BD0-B981E8F1F8D8} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2011-08-22] (Samsung Electronics Co., Ltd.)
Task: {B248FDF7-38BA-4624-BEE5-44937A0DAEF3} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-05-04] (AVAST Software)
Task: {D60AF5EA-B7F4-4AA9-9886-E1C36FD71042} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2011-09-06] (Samsung Electronics Co., Ltd.)
Task: {D68BA58B-8B6C-406C-ABE7-9AFDD5B1DFE7} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-09-28] (Samsung Electronics)
Task: {FD66C730-A76E-498B-8CB3-8A0714CEAA8A} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-01-28 06:03 - 2011-01-28 06:03 - 00344928 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-07-19 10:46 - 2012-07-19 10:45 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2011-10-11 04:22 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-07-21 07:51 - 2010-12-16 11:37 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-03-28 01:35 - 2014-05-24 15:43 - 00317728 _____ () C:\Program Files (x86)\Fortunitas\updateFortunitas.exe
2014-03-29 13:16 - 2014-05-24 15:46 - 00317728 _____ () C:\Program Files (x86)\Fortunitas\bin\utilFortunitas.exe
2014-04-25 08:49 - 2014-05-22 18:15 - 00287008 _____ () C:\Program Files (x86)\Fortunitas\bin\Fortunitas.PurBrowse64.exe
2014-04-16 21:13 - 2014-05-24 01:58 - 00096544 _____ () C:\Program Files (x86)\Fortunitas\bin\Fortunitas.BrowserAdapter.exe
2014-05-20 12:10 - 2014-05-20 12:10 - 02253312 _____ () C:\Program Files\Alwil Software\Avast5\defs\14052000\algo.dll
2014-05-26 11:32 - 2014-05-26 11:32 - 02255872 _____ () C:\Program Files\Alwil Software\Avast5\defs\14052601\algo.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-19 10:46 - 2012-07-19 10:45 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2012-07-19 10:46 - 2012-07-19 10:45 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2012-07-19 10:46 - 2012-07-19 10:45 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2012-07-19 10:46 - 2012-07-19 10:45 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2011-10-11 03:12 - 2011-02-16 18:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2014-05-04 20:09 - 2014-05-04 20:09 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2011-10-11 03:12 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2011-10-11 03:23 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-05-19 08:53 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-19 08:53 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-19 08:53 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-19 08:53 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
2014-05-19 08:53 - 2014-05-08 01:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll
2014-05-19 08:53 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-19 08:53 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Photosmart C4500 series
Description: Photosmart C4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Photosmart C4500 series
Description: Photosmart C4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2014 04:38:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8080

Error: (05/24/2014 04:38:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8080

Error: (05/24/2014 04:38:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/24/2014 04:38:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7066

Error: (05/24/2014 04:38:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7066

Error: (05/24/2014 04:38:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/24/2014 04:38:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068

Error: (05/24/2014 04:38:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6068

Error: (05/24/2014 04:38:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/24/2014 04:38:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5070


System errors:
=============
Error: (05/24/2014 03:23:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (05/20/2014 05:37:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (05/20/2014 08:10:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IePlugin Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/20/2014 08:10:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/20/2014 08:10:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (05/07/2014 09:40:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IePlugin Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/07/2014 09:39:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/07/2014 09:39:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (05/07/2014 09:38:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎05.‎2014 um 09:16:16 unerwartet heruntergefahren.

Error: (05/07/2014 08:00:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Fortunitas" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (05/24/2014 04:38:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8080

Error: (05/24/2014 04:38:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8080

Error: (05/24/2014 04:38:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/24/2014 04:38:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7066

Error: (05/24/2014 04:38:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7066

Error: (05/24/2014 04:38:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/24/2014 04:38:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068

Error: (05/24/2014 04:38:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6068

Error: (05/24/2014 04:38:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/24/2014 04:38:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5070


==================== Memory info =========================== 

Percentage of memory in use: 79%
Total physical RAM: 4009.55 MB
Available physical RAM: 816.41 MB
Total Pagefile: 8017.27 MB
Available Pagefile: 2016.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:177 GB) (Free:112.53 GB) NTFS
Drive d: () (Fixed) (Total:265.59 GB) (Free:265.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: A90831CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=177 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=266 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)

==================== End Of Log ============================

Danke für deine Hilfe!

cosinus · 26.05.2014, 12:59

Zitat:

Nur nicht 100% nachvollziehen können

Und warum erwähnst du nicht was...ist doch alles bebildert dam was ist denn da so unverständlich?

Johanna LK. · 26.05.2014, 13:54

Tut mir leid. Ich bin ziemlich unsicher..
Was muss ich denn nun als Nächstes tun?

Liebe Grüße

cosinus · 26.05.2014, 14:00

Ich will immer noch alle Logs mit Funden sehen

Johanna LK. · 26.05.2014, 14:41

sorry, aber ich weiß nicht was du meinst. Wo kann ich diese Logs finden und dir zeigen?
Ich habe mir den Link wirklich angesehen und danke dir für deine Zeit, mir zu helfen!

cosinus · 26.05.2014, 14:48

Da sind doch bebilderte Anleitungen

Bevor du weiterhin auf der Stelle trittst sagst du vllt erstmal ob du überhaupt schon mt diversen Virenscanner fündig geworden bist

Johanna LK. · 26.05.2014, 20:47

Hey,

alsp ich habe ja avast! (nicht die virenscanner aus den Beispielbildern) und avast! sagt
die ganze Zeit "eine Bedrohung wurde gefunden" und beim "browser cleanup" steht, dass
regelmäßig automatische Überprüfungen durchgeführt werden.

Ist das die richtige Info?

Oh, und ich sehe gerade, dass avast! am 4.5 eine schnelle überprüfung gemacht und dabei einen virus gefunden hat

cosinus · 26.05.2014, 21:58

Logs von Avast posten, zu finden unter C:\ProgramData\AVAST Software\Avast\log

Johanna LK. · 27.05.2014, 08:38

Guten Morgen!

Also zum Einen erinnere ich mich, dass avast einmal (denke am 4.5) den virus reperieren wollte, aber das hat leider nicht geklappt..

Aber ich finde deine Anleitung nicht..Ich hab das so eingetragen bei meiner
Computersuchfunktion aber der hört mit der Suche nicht auf :/
Aber vllt hilft ja auch dieses Bild:

Johanna LK. · 27.05.2014, 08:57

Ah, ich glaube, ich habs jetzt gefunden!!

Ist das eine Datei mit ganz vielen Buchstaben wieder?

Hm, ich habe sie hier eingefügt, aber ich glaube, dass sie zu lang ist. Denn ich habe schon mehrmals auf antworten geklickt, aber die Antwort wird nicht abgesendet.. :/ ??

Hier, die Nachricht habe ich erhalten: " Der Text, den Sie eingegeben haben, besteht aus 268208 Zeichen und ist damit zu lang. Bitte kürzen Sie den Text auf die maximale Länge von 120000 Zeichen. " Un jetzt?

cosinus · 27.05.2014, 10:30

Log aufplitten und über mehrere Beiträge verteilt posten

26.05.2014, 14:00	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ununterbrochen Werbung im Browser, öffnet neue Werbeseiten+Downloads, Alarmbotschaften vom Virusblocker Ich will immer noch alle Logs mit Funden sehen __________________ Logfiles bitte immer in CODE-Tags posten

26.05.2014, 14:48	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ununterbrochen Werbung im Browser, öffnet neue Werbeseiten+Downloads, Alarmbotschaften vom Virusblocker Da sind doch bebilderte Anleitungen Bevor du weiterhin auf der Stelle trittst sagst du vllt erstmal ob du überhaupt schon mt diversen Virenscanner fündig geworden bist __________________ Logfiles bitte immer in CODE-Tags posten

26.05.2014, 21:58	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ununterbrochen Werbung im Browser, öffnet neue Werbeseiten+Downloads, Alarmbotschaften vom Virusblocker Logs von Avast posten, zu finden unter C:\ProgramData\AVAST Software\Avast\log __________________ Logfiles bitte immer in CODE-Tags posten

27.05.2014, 10:30	#15
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ununterbrochen Werbung im Browser, öffnet neue Werbeseiten+Downloads, Alarmbotschaften vom Virusblocker Log aufplitten und über mehrere Beiträge verteilt posten __________________ Logfiles bitte immer in CODE-Tags posten

Ununterbrochen Werbung im Browser, öffnet neue Werbeseiten+Downloads, Alarmbotschaften vom Virusblocker

Log-Analyse und Auswertung: Ununterbrochen Werbung im Browser, öffnet neue Werbeseiten+Downloads, Alarmbotschaften vom Virusblocker