Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Buzzdock Adware entfernt (oder doch nicht?)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 25.04.2015, 17:01   #1
furkan189
 
Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)



Hallo alle zusammen,

ich habe mir einen gebrauchten Laptop erworben, der leider voll ist mit Adware wie z. B. Buzzdock.

Ich habe versucht mit Malwarebytes und den AdwCleaner das Problem zu löschen. Also beides durchlaufen lassen. Könntet ihr mir sagen, ob es noch irgendwelche Adware gibt.

Der Scanlog von Malwarebytes Anti-Malware

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 25.04.2015 17:03:57, SYSTEM, MEC-GAMER-PC, Protection, Malware Protection, Starting, 
Protection, 25.04.2015 17:03:57, SYSTEM, MEC-GAMER-PC, Protection, Malware Protection, Started, 
Protection, 25.04.2015 17:03:57, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Starting, 
Update, 25.04.2015 17:03:57, SYSTEM, MEC-GAMER-PC, Manual, Remediation Database, 2015.3.9.1, 2015.4.22.1, 
Update, 25.04.2015 17:03:57, SYSTEM, MEC-GAMER-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.4.21.1, 
Protection, 25.04.2015 17:03:58, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Started, 
Update, 25.04.2015 17:03:58, SYSTEM, MEC-GAMER-PC, Manual, Malware Database, 2015.3.9.5, 2015.4.25.2, 
Protection, 25.04.2015 17:03:58, SYSTEM, MEC-GAMER-PC, Protection, Refresh, Starting, 
Protection, 25.04.2015 17:03:58, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 25.04.2015 17:03:59, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 25.04.2015 17:04:04, SYSTEM, MEC-GAMER-PC, Protection, Refresh, Success, 
Protection, 25.04.2015 17:04:04, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 25.04.2015 17:04:05, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Started, 
Detection, 25.04.2015 17:06:18, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.InstallCore.C, C:\Program Files (x86)\Mediaplayersversion2.4\Uninstall.exe, Quarantäne, [a91da6caff8bf5418cf245fe3fc719e7]
Detection, 25.04.2015 17:06:55, Muharrem, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland\uninstall.exe, Quarantäne, [656195db5b2fb086c6276f4f917215eb]
Detection, 25.04.2015 17:07:29, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\UninstallManager.exe, Quarantäne, [9b2bea86e5a50234f4dec9e1fe056c94]
Detection, 25.04.2015 17:09:12, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.Nova.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\6ec4e515-7693-4d8f-8eef-57a6e54bb336.dll, Quarantäne, [487e5e12ccbe67cf27820609d72b19e7]
Detection, 25.04.2015 17:12:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-10_user, Quarantäne, [438398d831593006010e965a8083be42]
Detection, 25.04.2015 17:12:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.Binkiland.A, C:\Windows\System32\Tasks\Binkiland, Quarantäne, [b016a6ca9bef0432c51d57fc0500ea16]
Detection, 25.04.2015 17:12:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-10_user, Quarantäne, [0fb79ed2d8b290a615fafdf3788ba060]
Detection, 25.04.2015 17:12:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\UpdateTask.exe, Quarantäne, [9e28c0b042489c9a4d9f68569f64f808]
Detection, 25.04.2015 17:12:00, Muharrem, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\Mediaplayersversion2.4\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-10.exe, Quarantäne, [0eb8521e9feb4ee8aa1350f126e04bb5]
Detection, 25.04.2015 17:13:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\Mediaplayersversion2.4\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-1-7.exe, Quarantäne, [ab1b75fbe9a1e35309b4d36eb353748c]
Detection, 25.04.2015 17:13:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\Mediaplayersversion2.4\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-5.exe, Quarantäne, [8d39e789e4a6e452ac11b78a9a6c6898]
Protection, 25.04.2015 17:16:42, SYSTEM, MEC-GAMER-PC, Protection, Malware Protection, Starting, 
Protection, 25.04.2015 17:16:42, SYSTEM, MEC-GAMER-PC, Protection, Malware Protection, Started, 
Protection, 25.04.2015 17:16:42, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 25.04.2015 17:16:42, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Started, 
Detection, 25.04.2015 17:20:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-7.exe, Quarantäne, [507688e8d2b81a1c73c6003b9f674bb5]
Detection, 25.04.2015 17:20:00, Muharrem, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-5.exe, Quarantäne, [5d69ff715a300432fe3bc2793acc0af6]
Detection, 25.04.2015 17:20:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-6.exe, Quarantäne, [c600313fa7e35bdb360372c9cb3bdc24]
Detection, 25.04.2015 17:20:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-6.exe, Quarantäne, [4f775c14d4b6e74f0d2cee4d09fdcb35]
Detection, 25.04.2015 17:20:00, SYSTEM, MEC-GAMER-PC, Protection, Malwareschutz, Datei, PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-7.exe, Quarantäne, [70565f1165258caa9e9b46f5a561629e]
Scan, 25.04.2015 17:22:52, SYSTEM, MEC-GAMER-PC, Manual, Start: 25.04.2015 17:16:56, Dauer: 5 Minuten 34 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 1 Malwareerkennung, "499" nicht-Malwareerkennung, 
Protection, 25.04.2015 17:24:04, SYSTEM, MEC-GAMER-PC, Protection, Malware Protection, Starting, 
Protection, 25.04.2015 17:24:04, SYSTEM, MEC-GAMER-PC, Protection, Malware Protection, Started, 
Protection, 25.04.2015 17:24:04, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 25.04.2015 17:24:06, SYSTEM, MEC-GAMER-PC, Protection, Malicious Website Protection, Started, 

(end)
         
Und der Protection-Log:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.04.2015
Suchlauf-Zeit: 17:16:56
Logdatei: malware.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.04.25.02
Rootkit Datenbank: v2015.04.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Muharrem

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 340785
Verstrichene Zeit: 5 Min, 34 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 167
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}, In Quarantäne, [2a9c91df98f284b23d2eae91010208f8], 
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}, In Quarantäne, [2a9c91df98f284b23d2eae91010208f8], 
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}, In Quarantäne, [2a9c91df98f284b23d2eae91010208f8], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [9b2beb85bbcfd36355a3d574699ae818], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [9b2beb85bbcfd36355a3d574699ae818], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [9b2beb85bbcfd36355a3d574699ae818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c723a437-2eaf-466d-a95b-3fa0966bf88c}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e806ac01-e7a5-4949-af7c-7e6e5775035b}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BA6EB888-8424-4C93-8E71-6050C714CFBE}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BA6EB888-8424-4C93-8E71-6050C714CFBE}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BA6EB888-8424-4C93-8E71-6050C714CFBE}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{e806ac01-e7a5-4949-af7c-7e6e5775035b}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{e806ac01-e7a5-4949-af7c-7e6e5775035b}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.StrongSignal.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, In Quarantäne, [24a29fd16c1edd59d30382bdfc0718e8], 
PUP.Optional.InstallCore.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Cinemax Plus 1.9cV21.02, In Quarantäne, [2e98442cc6c40c2a007e3a098482cc34], 
PUP.Optional.VeriBrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\8BF8DAD4-46AC-4AA7-2EB8-8C7F3FCF7EB7, In Quarantäne, [ccfa442cd1b976c0c0ada98e11f1c739], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [7650e987fa90d75fbc8c9daacd3526da], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [7650e987fa90d75fbc8c9daacd3526da], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [982e9bd5aae06dc9cde321375ca929d7], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, In Quarantäne, [774f98d8fe8cea4c624ee1775ea73dc3], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, In Quarantäne, [eadc95db9eec92a4674993c5f213d22e], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, In Quarantäne, [6a5c224eb3d7cb6bb1005dfb0ef77888], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, In Quarantäne, [378f5719f199251106abcf893fc68779], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, In Quarantäne, [ecda6e02206a62d49e13e2768b7a40c0], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, In Quarantäne, [17af1c543d4d20162f824711b64f827e], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, In Quarantäne, [86400d63d0bae353367b70e8679e57a9], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, In Quarantäne, [dbebafc15832e74f6a470f4906ffcf31], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, In Quarantäne, [cff77cf4f09ac96d03aefa5e2ed79d63], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, In Quarantäne, [b511205092f8ef47872a56023dc8e917], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, In Quarantäne, [21a54a26a6e4191d0ca5500849bca957], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [ebdbe58b94f6ba7cd2df6eeac83d14ec], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [bf074c2497f373c3b7fa0b4da5609868], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [0abcdf91f991e6508e2373e50df81de3], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, In Quarantäne, [efd7412fa0eacc6af7ba332557ae3ec2], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [ba0cec84dab05cda4a670058ae57e11f], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, In Quarantäne, [784ec0b0c4c666d0951c23357c8954ac], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, In Quarantäne, [10b671ff791120161899a0b82fd6619f], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, In Quarantäne, [d9ed056b3e4cfe38169b6aeef80de818], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, In Quarantäne, [794d660ac2c8d0662c851b3d729354ac], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, In Quarantäne, [0eb8254bdfab94a2b2ff0256a263a55b], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, In Quarantäne, [13b3e98774169a9c179a76e219ec36ca], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, In Quarantäne, [1ea8b7b98a00072f4b664216ef163bc5], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [5f67630d61294ceae0d13127c93c1ee2], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, In Quarantäne, [05c12a463951dd5998195dfbfe07db25], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, In Quarantäne, [af177ff1226859dd8b2631272ed75ca4], 
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, In Quarantäne, [e8deb5bbb0da6bcbb196fdc79b6859a7], 
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, In Quarantäne, [5c6a353bf29869cd73d423a1649f27d9], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [8244b8b8a6e4b08605ac689f60a408f8], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [eed8caa63456a5913f72c6411fe5ec14], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\Cinemax Plus 1.9cV21.02, In Quarantäne, [fbcb620e494192a41aef0ec1dd26817f], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\Cinemax Plus 1.9cV21.02-nv, In Quarantäne, [6f57e888eb9f9d992edb9b342cd707f9], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\Cinemax Plus 1.9cV21.02-nv-ie, In Quarantäne, [ab1b046c0d7ded497990c70802018f71], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [bd09f8787c0e7eb8554c7d57887bce32], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [d7efc0b04c3ebd790459dd3733d112ee], 
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, In Quarantäne, [9a2cacc40b7fd0669ccb965411f2c43c], 
PUP.Optional.MediaPlayer.A, HKLM\SOFTWARE\WOW6432NODE\Mediaplayersversion2.4, In Quarantäne, [2f976e02c7c30f27b263606ed03334cc], 
PUP.Optional.MediaPlayer.A, HKLM\SOFTWARE\WOW6432NODE\Mediaplayersversion2.4-nv-ie, In Quarantäne, [c303551b55354beb0015fcd2a65dd12f], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [f8ce30406c1ebb7bb9ab6adebc49f808], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, In Quarantäne, [487e30400a80b284ce818d44ca3955ab], 
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [794d541c0189be781745655f50b35da3], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [15b1036de8a265d17838f66208fda55b], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, In Quarantäne, [6066acc41b6f47ef8d23aaaedb2a3fc1], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, In Quarantäne, [fcca3f31ff8b043259579cbc4bbad22e], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, In Quarantäne, [b214eb851674ec4ae9c80c4c6d98bc44], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, In Quarantäne, [f6d00e6266248ea8f1c0e47465a06a96], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, In Quarantäne, [e9dd95dbbdcdf442cee35701ba4b7c84], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, In Quarantäne, [c7ff8ae6e9a1be789e1350085baa6d93], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, In Quarantäne, [8d391b558406e3538b26bc9ce12418e8], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, In Quarantäne, [9a2cf080dab00f27377a193f40c5966a], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, In Quarantäne, [e1e5eb8518729c9aedc495c38085926e], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, In Quarantäne, [d4f24a26c4c65fd71b96ee6a1aeb1de3], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, In Quarantäne, [31956c04741606308a2798c07b8a33cd], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [e5e1e7890c7e50e6426f5efa7e87c33d], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [289e333d1575ac8ad3de193f3bcaec14], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [8b3b403094f68aac5d542f29b94c718f], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, In Quarantäne, [03c30b65ddad74c2377a95c32bda4bb5], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [864098d80b7fe5515859bf996d9823dd], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, In Quarantäne, [fec86e023c4e1c1a674ab1a7fc09d62a], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, In Quarantäne, [755181efd5b5ef476051cd8b59acc33d], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, In Quarantäne, [814510605733bc7a8f22b5a3d4317789], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, In Quarantäne, [982e92de56346cca81302f2925e0e31d], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, In Quarantäne, [24a2462a7c0e96a0931eaaae62a30ef2], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, In Quarantäne, [af170f61a8e2b185862b60f8a36201ff], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, In Quarantäne, [d1f5f57b2862e650951c312754b140c0], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [18ae521efe8c8caa04ad23350df86c94], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, In Quarantäne, [d4f24c242b5fa88e4170cb8dc045df21], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, In Quarantäne, [1da9195762283df90ca5184048bdf709], 
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, In Quarantäne, [992d412f1e6cc57142058e3615ee1ae6], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantäne, [9135056bfd8d4fe79d77c0305ea57d83], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [6066353b6b1f73c3bbf6d13654b03dc3], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [2b9bdf91cac06ccab6fb53b4689cef11], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, [e6e0d59bdfab73c3cb9c349a857e3bc5], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [fccae68a3654f73f0e582f9fc83bcb35], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantäne, [a71fed831b6f2e08eb548c506e9528d8], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [d7ef7df35931eb4b71f3f0dee0237e82], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [685e125e2d5d5dd955a183c79e67718f], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [685e0a660d7da98db64166e47491f30d], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [e7dfa3cd5634db5ba732a345b64d15eb], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [18ae2749a3e7fa3c109c9d41768d6997], 
PUP.Optional.CrossRider.A, HKU\S-1-5-18\SOFTWARE\Cinemax Plus 1.9cV21.02-nv, In Quarantäne, [6c5a85ebe0aa0234a4667f50f0134eb2], 
PUP.Optional.CrossRider.A, HKU\S-1-5-18\SOFTWARE\Cinemax Plus 1.9cV21.02-nv-ie, In Quarantäne, [06c0610f91f9b18546c4bf107e858b75], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18\SOFTWARE\Mediaplayersversion2.4-nv-ie, In Quarantäne, [11b573fd840658dee63016b88380cc34], 
PUP.Optional.Binkiland.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\Binkiland Browser, In Quarantäne, [7e484d236c1e6bcb489ded66dc29b54b], 
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\BrowsrApp+v3.1-nv-ie, In Quarantäne, [21a573fd43471125b72457760ef5cc34], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\Cinemax Plus 1.9cV21.02, In Quarantäne, [12b42749a2e8191d29e11ab5d23147b9], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\Cinemax Plus 1.9cV21.02-nv, In Quarantäne, [487eda960d7d73c35fab25aa61a237c9], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\Cinemax Plus 1.9cV21.02-nv-ie, In Quarantäne, [15b1afc12a600b2b27e3b7180300629e], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\HomeTab, In Quarantäne, [d7ef8be51b6fb2842cbd9b5e26dd58a8], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\Mediaplayersversion2.4, In Quarantäne, [f3d396dad7b33afcbb5b3698b84be11f], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\Mediaplayersversion2.4-nv-ie, In Quarantäne, [21a5a9c7c1c9f541df378b43e81b25db], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\SearchProtectWS, In Quarantäne, [d5f1214fafdb31057cedc50956adad53], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\WajIntEnhance, In Quarantäne, [5e682a46008a5dd92a26f9d88a79659b], 
PUP.Optional.Binkiland.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\wse_binkiland, In Quarantäne, [b016a3cdd2b83402b72e20337194e51b], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [ffc7610ffd8dc4722d23c578df2657a9], 
PUP.Optional.MultiIE.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, In Quarantäne, [6660432d8a00181e85a378cefc09619f], 
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, In Quarantäne, [7f4798d8f397fd39395053732ad9b54b], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [a5217af64446ab8bbfb1c053b74d8c74], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\INSTALLCORE, In Quarantäne, [7254d59b43478da9ad911f0a7293956b], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [8f376f01fd8d77bff956eff6d03310f0], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [e6e02b452664f83ea3ac8f5635ce1fe1], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema PlusV21.02, In Quarantäne, [6d59343c8cfe191dfd79e0fabb48817f], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\PlayMCVenture, In Quarantäne, [d4f2bfb1731761d5fa1ea5298a79da26], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance, In Quarantäne, [378f76fa791113234f16b9154ab9ab55], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{76771D2E-FA3D-E351-2A5C-E9EEAF3D1E41}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E7D10373-2625-89F3-5261-51403360D16A}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E7D10373-2625-89F3-5261-51403360D16A}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E7D10373-2625-89F3-5261-51403360D16A}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{76771D2E-FA3D-E351-2A5C-E9EEAF3D1E41}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{76771D2E-FA3D-E351-2A5C-E9EEAF3D1E41}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\CLASSES\CLSID\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\CLASSES\CLSID\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}\INPROCSERVER32, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1E4B93BB-1E5E-15A9-B6DB-F3D94158CB14}, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 

Registrierungswerte: 27
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, hxxp://binkiland.com/?f=3&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBtDyDyC0BtByCyEyD0FtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyEtByByDyDtBzztGtC0B0E0BtG0B0C0A0DtGyDtBzztCtGtB0AyE0FyCyDyCyCyE0EtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCyBtDyEyDzztGtBtD0F0AtGyEtDtCtDtG0A0CzyyBtGyBzyzzyB0E0E0DtDyBzyyE0D2Q&cr=141899710&ir=&q=, In Quarantäne, [e8deb5bbb0da6bcbb196fdc79b6859a7]
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, hxxp://binkiland.com/?f=3&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBtDyDyC0BtByCyEyD0FtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyEtByByDyDtBzztGtC0B0E0BtG0B0C0A0DtGyDtBzztCtGtB0AyE0FyCyDyCyCyE0EtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCyBtDyEyDzztGtBtD0F0AtGyEtDtCtDtG0A0CzyyBtGyBzyzzyB0E0E0DtDyBzyyE0D2Q&cr=141899710&ir=&q=, In Quarantäne, [5c6a353bf29869cd73d423a1649f27d9]
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBtDyDyC0BtByCyEyD0FtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyEtByByDyDtBzztGtC0B0E0BtG0B0C0A0DtGyDtBzztCtGtB0AyE0FyCyDyCyCyE0EtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCyBtDyEyDzztGtBtD0F0AtGyEtDtCtDtG0A0CzyyBtGyBzyzzyB0E0E0DtDyBzyyE0D2Q&cr=141899710&ir=, In Quarantäne, [9f27ea8641492511ae8eb413d0337789]
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBtDyDyC0BtByCyEyD0FtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyEtByByDyDtBzztGtC0B0E0BtG0B0C0A0DtGyDtBzztCtGtB0AyE0FyCyDyCyCyE0EtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCyBtDyEyDzztGtBtD0F0AtGyEtDtCtDtG0A0CzyyBtGyBzyzzyB0E0E0DtDyBzyyE0D2Q&cr=141899710&ir=, In Quarantäne, [90362d432c5ecc6a1527daed45be6898]
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Binkiland, In Quarantäne, [378f78f896f472c435073c8b06fd8779]
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Binkiland, In Quarantäne, [f0d6214f2f5b36001f1d32953dc6f907]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, In Quarantäne, [36900f61c3c7290de7b2d284798ca060]
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, hxxp://binkiland.com/?f=3&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBtDyDyC0BtByCyEyD0FtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyEtByByDyDtBzztGtC0B0E0BtG0B0C0A0DtGyDtBzztCtGtB0AyE0FyCyDyCyCyE0EtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCyBtDyEyDzztGtBtD0F0AtGyEtDtCtDtG0A0CzyyBtGyBzyzzyB0E0E0DtDyBzyyE0D2Q&cr=141899710&ir=&q=, In Quarantäne, [992d412f1e6cc57142058e3615ee1ae6]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [9135056bfd8d4fe79d77c0305ea57d83]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, In Quarantäne, [1fa7da966921320436bd0bba19ea639d]
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Binkiland\\, In Quarantäne, [8e38bcb4f6940531351c418342c1dc24]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, In Quarantäne, [cef8fc74ff8bd165b9e0ea6ce520d828]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, tugs, In Quarantäne, [e7dfa3cd5634db5ba732a345b64d15eb]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, In Quarantäne, [7f4798d8f397fd39395053732ad9b54b]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, In Quarantäne, [7254d59b43478da9ad911f0a7293956b]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&ts=1424556763&type=default&q={searchTerms}, In Quarantäne, [388ef47c533792a4efa967efe223db25]
PUP.Optional.Binkiland.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBtDyDyC0BtByCyEyD0FtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyEtByByDyDtBzztGtC0B0E0BtG0B0C0A0DtGyDtBzztCtGtB0AyE0FyCyDyCyCyE0EtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0EyCyBtDyEyDzztGtBtD0F0AtGyEtDtCtDtG0A0CzyyBtGyBzyzzyB0E0E0DtDyBzyyE0D2Q&cr=141899710&ir=, In Quarantäne, [a323343c7f0b81b591ac1aadca39d52b]
PUP.Optional.Binkiland.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Binkiland, In Quarantäne, [dee8e38da5e570c691acb80f47bc966a]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&ts=1424556763&type=default&q={searchTerms}, In Quarantäne, [7056b3bd99f1d95db1e7a2b4788d9e62]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&ts=1424556763&type=default&q={searchTerms}, In Quarantäne, [04c2b2be602a1620fa9e0650d233f907]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, hxxp://www.istartsurf.com//favicon.ico, In Quarantäne, [10b6f977533774c20593c591cd38b44c]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&ts=1424556763&type=default&q={searchTerms}, In Quarantäne, [7c4ae48c16742412fe9ad08674914ab6]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURL, hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, In Quarantäne, [6c5afa762b5f3105a0f88acc9570f907]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{968885CA-6341-4FB8-9E60-BDFC47434B56}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&ts=1424556763&type=default&q={searchTerms}, In Quarantäne, [fbcb462a64262412b9df10463ec79070]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&ts=1424556763&type=default&q={searchTerms}, In Quarantäne, [dde939379eec3df94f493f174abbd927]
PUP.Optional.Binkiland.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Binkiland, C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\bkup.dat", In Quarantäne, [695db8b8fc8e05319551332006ff6997]
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Binkiland, C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\bkup.dat", In Quarantäne, [695db8b8fc8e05319551332006ff6997]

Registrierungsdaten: 14
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}),Ersetzt,[e7df3f31b3d723137ff107f57590cf31]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA),Ersetzt,[6b5b145c4842b482472914e8da2bb050]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA),Ersetzt,[a422333d32586accafc19a62ee174eb2]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}),Ersetzt,[a71ff27e64262b0b8ee2ea12ea1bd52b]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[0cba363a4644ee4892cec2467d89718f]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}),Ersetzt,[fdc919570c7eec4ac6aa669657ae5ba5]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA),Ersetzt,[9e28e48c1872e84eabc5fdff699c926e]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA),Ersetzt,[a42249272b5fe94d452b619b40c5639d]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1424556716&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}),Ersetzt,[be0875fb4a4014220b650bf1867ff40c]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[25a1ed830387ed49134dd632f610fb05]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA),Ersetzt,[12b4ee8245456dc9244adc208382d729]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA),Ersetzt,[9c2a442cb5d5da5cef7fd22a09fc6f91]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=dspp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=dspp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}),Ersetzt,[c600d19f2169ae882c42c636877e02fe]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-122386573-4026919766-2664048506-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=dspp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=dspp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA&q={searchTerms}),Ersetzt,[586e452b7614da5c91dd53a9ff0631cf]

Ordner: 46
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\weather, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{35AF3F4E-4790-4F38-B52F-5B90E23B72DF}, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.A, C:\Users\Muharrem\AppData\Local\Temp\comh.167387, In Quarantäne, [507690e0b3d73ff7bad32d7ae71c857b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Muharrem\AppData\Local\Temp\comh.349972, In Quarantäne, [dcea99d76b1faf878eff436490732bd5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Muharrem\AppData\Local\Temp\comh.419383, In Quarantäne, [ba0ce18ff6946fc7256801a68182ba46], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\x64, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02, In Quarantäne, [784e333da5e5a98d5ac7842d27dcfc04], 
PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland, In Quarantäne, [982eb8b8a9e1af8748a4caf47b8816ea], 
PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc, In Quarantäne, [982eb8b8a9e1af8748a4caf47b8816ea], 
PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland, In Quarantäne, [477f4b255f2bc4722ac3d6e8f90a3ec2], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\Mediaplayersversion2.4, In Quarantäne, [15b1016f2d5d1c1ab0d6ead562a1cb35], 

Dateien: 246
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [0db95c14a0ea4ee81d537bcee221e818], 
PUP.Optional.OptimizerPro, C:\ProgramData\{96e69f92-40a5-7881-96e6-69f9240a7e49}\OptimizerPro.exe, In Quarantäne, [83430d6301897abc1424b3792cd61ce4], 
PUP.Optional.Nova.A, C:\Program Files (x86)\0ba24292-afde-462a-b6c7-7003e2cdfdfe\6a87bb79-f8e6-4a05-98be-2216c431259f.dll, In Quarantäne, [3690a2ced1b9e353129740cf16ecb54b], 
PUP.Optional.InstallCore.C, C:\Program Files (x86)\0ba24292-afde-462a-b6c7-7003e2cdfdfe\b9d275f1-d553-49c0-b0e1-865887d67344.dll, In Quarantäne, [675f165a1278f93d9ae4ce7534d242be], 
PUP.Optional.Nova.A, C:\Program Files (x86)\Apple Software Update\0a8068e1-4ad9-458e-9295-ac8a1480b4bc.dll, In Quarantäne, [d4f2e68ac4c635012c7dc847669cc937], 
PUP.Optional.InstallCore.C, C:\Program Files (x86)\Apple Software Update\0ba24292-afde-462a-b6c7-7003e2cdfdfe.dll, In Quarantäne, [18aefd73711961d5443a053e5aaca25e], 
PUP.Optional.InstallCore.C, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\aba38ab5-3c2f-467c-bfa4-a80bdaa8f23b.dll, In Quarantäne, [b610620e43471a1c3c423310fc0ab64a], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-6.exe, In Quarantäne, [dbebee82abdfda5ceb4ec17ac1453bc5], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-7.exe, In Quarantäne, [5373016fe9a1b08659e0f14a2ed83cc4], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-10.exe, In Quarantäne, [1da9462ad6b4261041f846f564a2b44c], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-5.exe, In Quarantäne, [33931957e9a189adc574211a848215eb], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-6.exe, In Quarantäne, [893db3bdb6d40630e059a19a41c5b54b], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-64.exe, In Quarantäne, [8d396b05cbbffe38c8718ab13bcbaa56], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-7.exe, In Quarantäne, [14b2640c9eec79bd04353b00d3335ea2], 
PUP.Optional.InstallCore.C, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\Uninstall.exe, In Quarantäne, [2e98442cc6c40c2a007e3a098482cc34], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\UninstallBrw.exe, In Quarantäne, [6c5a6010addd66d0d4654dee17ef3bc5], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\utils.exe, In Quarantäne, [9e28d69a5f2bc27487b5034bd927f010], 
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, In Quarantäne, [794da8c82d5da09614a70867fa06857b], 
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, In Quarantäne, [e5e139376a20fa3cf4c7c7a8837de21e], 
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\BrowserAction.dll, In Quarantäne, [86400f610a8044f22a2389ba936f52ae], 
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, In Quarantäne, [5472ef811278280ed5f7ef44fe0438c8], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, In Quarantäne, [d9ed442c7416bb7b6c7d8989f30f52ae], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\Mediaplayersversion2.4\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-1-6.exe, In Quarantäne, [7056b1bfdfab2610724bfc455da939c7], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\Mediaplayersversion2.4\UninstallBrw.exe, In Quarantäne, [7452125e53378caaf7c686bbb94db050], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Mediaplayersversion2.4\utils.exe, In Quarantäne, [3d89a0d07218cb6b878cbba0a060eb15], 
PUP.Optional.VeriBrowse.A, C:\Program Files (x86)\ver3SpeedCheck\Uninstall.exe, In Quarantäne, [ccfa442cd1b976c0c0ada98e11f1c739], 
PUP.Optional.CrossRider.A, C:\Windows\SysWOW64\4f8.exe, In Quarantäne, [16b0571965250036f0176fc6ff03d828], 
PUP.Optional.CrossRider.A, C:\Users\Muharrem\AppData\Local\Temp\5590.exe, In Quarantäne, [f7cf87e90e7c8da978c11823c73f3bc5], 
PUP.Optional.StrongSignal.SID.A, C:\Users\Muharrem\AppData\Local\Temp\is1488139799\5C01473A_stp.EXE, In Quarantäne, [14b2afc14941c5711538ff446b9bd52b], 
PUP.Optional.OptimizerPro, C:\Users\Muharrem\AppData\Local\Temp\is1488139799\64A5F2DE_stp\OptimizerPro.exe, In Quarantäne, [ab1ba3cd4b3f89ad92a6c567a75baa56], 
PUP.Optional.IStartsurf.A, C:\Users\Muharrem\AppData\Local\Temp\bd8799a9-5358-426d-96ed-05c161afee62\lly_istartsurf.exe, In Quarantäne, [0fb7f7793d4d2d09b7f255ec4fb70af6], 
PUP.Optional.VeriBrowse.A, C:\Users\Muharrem\AppData\Local\Temp\437d1c46-fb88-4f96-b355-f7793d52ec87\3333-2081_speedcheck.exe, In Quarantäne, [7254412f07834de9d19c6acd679bb050], 
PUP.Optional.StrongSignal.SID.A, C:\Users\Muharrem\AppData\Local\Temp\~nsu.tmp\Au_.exe, In Quarantäne, [e3e3363a0288d75f69e441022adc817f], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\GoogleCrashHandler.exe, In Quarantäne, [ecda561a2367013587c16ddaf70b49b7], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\GoogleUpdate.exe, In Quarantäne, [7650e987fa90d75fbc8c9daacd3526da], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\GoogleUpdateBroker.exe, In Quarantäne, [b412115f62285fd772d666e18f733bc5], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\GoogleUpdateOnDemand.exe, In Quarantäne, [4c7a8fe1fb8fec4a064265e2b34f3ec2], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\goopdate.dll, In Quarantäne, [626407693d4d7bbb5cecb196b1514db3], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\goopdateres_en.dll, In Quarantäne, [675f3d331b6f74c21830a2a550b2837d], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\npGoogleUpdate4.dll, In Quarantäne, [aa1ce888e0aa9b9bdb6d75d21de516ea], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\psmachine.dll, In Quarantäne, [20a63c34305a082ef256b592d929b54b], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\psuser.dll, In Quarantäne, [596dd0a0b4d6e3536cdc57f05ca6fb05], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\GoogleCrashHandler.exe, In Quarantäne, [883ee18f92f85bdb46021f2848baaa56], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\GoogleUpdate.exe, In Quarantäne, [10b6a6ca84061224093fc4834eb45fa1], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\GoogleUpdateBroker.exe, In Quarantäne, [e2e47cf48dfd181e7bcd82c550b240c0], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\GoogleUpdateOnDemand.exe, In Quarantäne, [b90d86ea18720135390f3215818106fa], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\goopdate.dll, In Quarantäne, [a4223b35800a46f0291f58ef8c764fb1], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\goopdateres_en.dll, In Quarantäne, [6363650bb3d7e056c187d3745da5d729], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\npGoogleUpdate4.dll, In Quarantäne, [1fa7e58b523886b07bcd63e4877bf10f], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\psmachine.dll, In Quarantäne, [567082ee72186ccaad9bb49359a91ee2], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\psuser.dll, In Quarantäne, [4185b6ba3d4dc86ecf79c0874db57d83], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\GoogleCrashHandler.exe, In Quarantäne, [b70f86eabdcd3bfbf652bf88788a6c94], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\GoogleUpdate.exe, In Quarantäne, [14b21a566525ae885debd1767a88b848], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\GoogleUpdateBroker.exe, In Quarantäne, [facc452b3c4e7eb80741f7505da5669a], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\GoogleUpdateOnDemand.exe, In Quarantäne, [2f9771ffcdbd1422c286fa4d867c28d8], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\goopdate.dll, In Quarantäne, [e1e53c347515e35390b894b33ac8de22], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\goopdateres_en.dll, In Quarantäne, [893ddb955436013553f548ff6b975aa6], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\npGoogleUpdate4.dll, In Quarantäne, [a81ee38def9b04320048db6c669caa56], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\psmachine.dll, In Quarantäne, [b412d8988cfe60d655f30146ae548779], 
PUP.Optional.ModGoog, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\psuser.dll, In Quarantäne, [aa1c234d5e2c96a0e266ba8d9d65bd43], 
PUP.Optional.CrossRider.A, C:\Users\Muharrem\AppData\Local\Temp\1253c568-f802-4b5e-9b33-9dc9f017c461\setup.exe, In Quarantäne, [bd09650bd4b65bdbb6b41d10986abf41], 
PUP.Optional.CrossRider.A, C:\Users\Muharrem\AppData\Local\Temp\8d476903-cb65-4a83-bf77-34b55dd4330b\setup.exe, In Quarantäne, [9a2cc7a9afdba492a1c9a984f111946c], 
Trojan.Agent, C:\Windows\rcore.exe, In Quarantäne, [23a34c245535231330e63bf9c53e3dc3], 
PUP.Optional.StrongSignal.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_strongsignal-a.akamaihd.net_0.localstorage, In Quarantäne, [f6d0db95ef9bd6607f10fcc909fa14ec], 
PUP.Optional.StrongSignal.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_strongsignal-a.akamaihd.net_0.localstorage-journal, In Quarantäne, [f3d38ee234563bfb0887c9fc7d867c84], 
PUP.Optional.Tikotin.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tikotin.com_0.localstorage, In Quarantäne, [3096c5abbad0eb4b6f8427a46b98a060], 
PUP.Optional.Tikotin.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tikotin.com_0.localstorage-journal, In Quarantäne, [12b4a6ca038742f41ad90fbcf0136d93], 
PUP.Optional.WebTInst.A, C:\Windows\System32\drivers\Msft_Kernel_webTinstMK_01009.Wdf, In Quarantäne, [e0e66709e4a6b482ce576865df2410f0], 
PUP.Optional.WebTInst.A, C:\Windows\System32\drivers\webTinstMK.sys, In Quarantäne, [9f2739371b6f5bdb34f2309d41c2d828], 
PUP.Optional.SelectNGo.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage, In Quarantäne, [4c7a5c14e2a8ab8b32c3b8197291eb15], 
PUP.Optional.SelectNGo.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal, In Quarantäne, [e0e629479cee48ee1fd6e5ec2fd4e31d], 
PUP.Optional.WebsSearches.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.webssearches.com_0.localstorage, In Quarantäne, [893d264a3c4ea98d8d5d963cf2117888], 
PUP.Optional.WebsSearches.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.webssearches.com_0.localstorage-journal, In Quarantäne, [5274b8b8afdba09679719141cc371ee2], 
PUP.Optional.Patsearch.A, C:\Windows\patsearch.bin, In Quarantäne, [893d93ddb9d167cf051cf1e2dd26c63a], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\arrow.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_add_logo.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_add_logo_hover.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_logo.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\googlelogo.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\googlelogo2.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\weather\0.png, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ie8.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, In Quarantäne, [4d790b650684f93d3a68854fe1227888], 
PUP.Optional.BoostSaves.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, In Quarantäne, [6363e28e9eec7abc7d694a8dfa09da26], 
PUP.Optional.BoostSaves.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, In Quarantäne, [daecb2beccbee05685619d3a956e51af], 
PUP.Optional.SpeedCheck.A, C:\Windows\Tasks\SpeedCheck Update.job, In Quarantäne, [b90def813c4ed264e95bad37679c5aa6], 
PUP.Optional.Speedcheck.A, C:\Windows\System32\Tasks\SpeedCheck Update, In Quarantäne, [4482f57bc2c8ea4cfc49b034bb48d12f], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-1-6, In Quarantäne, [2e98ec84a7e3c472b25de01032d147b9], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-1-7, In Quarantäne, [33931858f09ada5c62ad29c750b38f71], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-5, In Quarantäne, [be088de3a3e749edb65928c84eb5ac54], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-5_user, In Quarantäne, [b70fd49c09815bdb030c3fb18281837d], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-6, In Quarantäne, [fcca452be6a4e254b35c0be5e320619f], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-7, In Quarantäne, [f9cd0e623b4ff54160af0be5847fc53b], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-5, In Quarantäne, [c8fe80f06c1ecf671cf3cb25679c52ae], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-5_user, In Quarantäne, [bb0b3d332d5dd066ad6225cb55ae60a0], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-6, In Quarantäne, [477f68081d6df046e827c729af54e020], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-7, In Quarantäne, [f0d6beb257331d1928e75799cd36c13f], 
PUP.Optional.SelectNGo.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, In Quarantäne, [794dec84f69469cd688a8575b3506c94], 
PUP.Optional.SelectNGo.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, In Quarantäne, [a71f4f21f9913402e210f604fd06de22], 
PUP.Optional.ShoppingGate.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, In Quarantäne, [0fb79bd5b4d6fd39ec7000fd00034fb1], 
PUP.Optional.ShoppingGate.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, In Quarantäne, [5373343c3753082e9dbf9964768de61a], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-1-6.job, In Quarantäne, [83434e2261292b0b31be8cbc887d25db], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-1-7.job, In Quarantäne, [fbcbee825d2d4cea1ed165e30cf9a15f], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-10_user.job, In Quarantäne, [56704a26fe8c48eeb73804445fa624dc], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-5.job, In Quarantäne, [695db9b73b4f0234737c3b0dcf3608f8], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\5e5d3ac5-bf0d-4903-b8b6-55531a9440ea-5_user.job, In Quarantäne, [774fdb957d0d82b4da15d96f50b527d9], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-6.job, In Quarantäne, [735392deddad9d996a85cf79dc2918e8], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-1-7.job, In Quarantäne, [854159170d7dc4726e816ddb54b109f7], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-10_user.job, In Quarantäne, [2a9c521ec3c7f4422ec15eea15f0be42], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-5.job, In Quarantäne, [c20400700a800e28915e37112ed7a060], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-5_user.job, In Quarantäne, [26a0284891f9db5b27c8272157ae9f61], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-6.job, In Quarantäne, [c501185898f2ea4c9f5095b32fd6a060], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\ddc42ef0-ad8a-43f9-a4af-31f800b4f546-7.job, In Quarantäne, [675f8fe12565c571db1452f66b9afd03], 
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, In Quarantäne, [1ea8195799f149ed54aa8fb9e223ca36], 
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, In Quarantäne, [f5d1551b4248a98d01fe6bdd5ea7cc34], 
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, In Quarantäne, [982e94dca0eaf640e917470291748779], 
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, In Quarantäne, [04c24d235c2ebd79728f301941c4e020], 
PUP.Optional.Binkiland.A, C:\Windows\Tasks\Binkiland.job, In Quarantäne, [76500c641a7069cd5f84262df0156f91], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage, In Quarantäne, [dee8313f3e4cf2440e21252fe0255ca4], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal, In Quarantäne, [4c7aea8645454de96dc21c385fa6e41c], 
PUP.Optional.ReMarkable.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, In Quarantäne, [8541026e24660a2c53e6ec6b85809d63], 
PUP.Optional.ReMarkable.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, In Quarantäne, [794d2c446d1d1f171425c0978a7b31cf], 
PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\bkup.dat, In Quarantäne, [695db8b8fc8e05319551332006ff6997], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, In Quarantäne, [0fb70b65058538fec2b214934eb513ed], 
PUP.Optional.GlobalUpdate.A, C:\Users\Muharrem\AppData\Local\Temp\comh.167387\GoogleUpdateHelper.msi, In Quarantäne, [507690e0b3d73ff7bad32d7ae71c857b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Muharrem\AppData\Local\Temp\comh.349972\GoogleUpdateHelper.msi, In Quarantäne, [dcea99d76b1faf878eff436490732bd5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Muharrem\AppData\Local\Temp\comh.419383\GoogleUpdateHelper.msi, In Quarantäne, [ba0ce18ff6946fc7256801a68182ba46], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\478.json, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\MessageBox.xml, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\uninstallDlg2.xml, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\bg.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\bg1.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\bk_shadow.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\button.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\button1.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\checkbox.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\checkbox_select.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\checked.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\close.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\loading_bg.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\loading_light.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\min.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\scrollbar.bmp, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\Thumbs.db, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\unchecked.png, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code\code1.jpg, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code\code2.jpg, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code\code3.jpg, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code\code4.jpg, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code\code5.jpg, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code\code6.jpg, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Roaming\istartsurf\images\code\Thumbs.db, In Quarantäne, [daec2848cbbf92a407cb6347986bd030], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\189.crx, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\189.dat, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\189.dll, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\189_x64.dll, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\189.xpi, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\i6SpeedCheckv60.dll, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\i6SpeedCheckv60.exe, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\SpeedCheck.exe, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\sqlite3.dll, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\x64\TandemRunner.exe, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\x64\WdfCoInstaller01009.dll, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\x64\webinstr.inf, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.SpeedCheck.A, C:\Program Files (x86)\ver3SpeedCheck\x64\webTinstMK.sys, In Quarantäne, [e6e058188ffb14226248614e50b311ef], 
PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\Cinemax Plus 1.9cV21.02\bgNova.html, In Quarantäne, [784e333da5e5a98d5ac7842d27dcfc04], 
PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\config.dat, In Quarantäne, [982eb8b8a9e1af8748a4caf47b8816ea], 
PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\info.dat, In Quarantäne, [982eb8b8a9e1af8748a4caf47b8816ea], 
PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\STTL.DAT, In Quarantäne, [982eb8b8a9e1af8748a4caf47b8816ea], 
PUP.Optional.Binkiland.A, C:\Users\Muharrem\AppData\Roaming\Binkiland\UpdateProc\TTL.DAT, In Quarantäne, [982eb8b8a9e1af8748a4caf47b8816ea], 
PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland\astcnfg.dat, In Quarantäne, [477f4b255f2bc4722ac3d6e8f90a3ec2], 
PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland\Sqlite3.dll, In Quarantäne, [477f4b255f2bc4722ac3d6e8f90a3ec2], 
PUP.Optional.Binkiland.A, C:\Program Files (x86)\WSE_Binkiland\uninst.dat, In Quarantäne, [477f4b255f2bc4722ac3d6e8f90a3ec2], 
PUP.Optional.MediaPlayer.A, C:\Program Files (x86)\Mediaplayersversion2.4\bgNova.html, In Quarantäne, [15b1016f2d5d1c1ab0d6ead562a1cb35], 
PUP.Optional.IStartSurf.A, C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: (   "homepage": "hxxp://www.istartsurf.com/?type=hppp&ts=1424556737&from=tugs&uid=ST1000LM014-1EJ164-SSHD_W3825FDA",), Ersetzt,[299d0b658109d75f77e756f1cf3715eb]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Leider wusste ich nicht wie man eine Log-Datei bei AdwCleaner erstellt

Vielen Dank,
Furkan

Alt 25.04.2015, 17:05   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 25.04.2015, 17:11   #3
furkan189
 
Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)



FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2015
Ran by Muharrem (administrator) on MEC-GAMER-PC on 25-04-2015 18:09:21
Running from C:\Users\Muharrem\Downloads
Loaded Profiles: Muharrem (Available profiles: Muharrem)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(bintec elmeg GmbH) C:\Program Files (x86)\elmeg WIN-Tools\Eumex 402 WIN-Tools V1.02\ControlCenter.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2015-01-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #7] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #5] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #4] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #1] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-05-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk [2014-11-29]
ShortcutTarget: Control Center.lnk -> C:\Program Files (x86)\elmeg WIN-Tools\Eumex 402 WIN-Tools V1.02\ControlCenter.exe (bintec elmeg GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-05]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk [2014-11-11]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-122386573-4026919766-2664048506-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-122386573-4026919766-2664048506-1001 -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = 
SearchScopes: HKU\S-1-5-21-122386573-4026919766-2664048506-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-25] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\Firefox\Extensions: [{B8B670A8-DE15-E4E2-E31A-8FFA9C39E89D}] - C:\Program Files (x86)\ver3SpeedCheck\189.xpi

Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (YouTube) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Bookmark Manager) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-25]
CHR Extension: (Google Wallet) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Adblock ) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbieggejclnbaidmjajaklpankjlabnp [2015-04-25]
CHR Extension: (Gmail) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-12-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-01-22] (Realtek Semiconductor)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-01] (Validity Sensors, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [162512 2014-02-14] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [File not signed]
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3488744 2014-07-22] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [466136 2014-01-15] (Realsil Semiconductor Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [File not signed]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 18:09 - 2015-04-25 18:09 - 02099712 _____ (Farbar) C:\Users\Muharrem\Downloads\FRST64.exe
2015-04-25 18:09 - 2015-04-25 18:09 - 00022429 _____ () C:\Users\Muharrem\Downloads\FRST.txt
2015-04-25 18:09 - 2015-04-25 18:09 - 00000000 ____D () C:\FRST
2015-04-25 17:42 - 2015-04-25 17:42 - 00083465 _____ () C:\Users\Muharrem\Desktop\malware.txt
2015-04-25 17:38 - 2015-04-25 17:38 - 00002326 _____ () C:\Users\Muharrem\Desktop\Chrome App Launcher.lnk
2015-04-25 17:38 - 2015-04-25 17:38 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-25 17:26 - 2015-04-25 17:26 - 00000000 ____D () C:\Users\Muharrem\Tracing
2015-04-25 17:03 - 2015-04-25 17:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-25 17:03 - 2015-04-25 17:43 - 00000000 ____D () C:\AdwCleaner
2015-04-25 17:03 - 2015-04-25 17:03 - 02224640 _____ () C:\Users\Muharrem\Downloads\adwcleaner_4.202.exe
2015-04-25 17:03 - 2015-04-25 17:03 - 02224640 _____ () C:\Users\Muharrem\Downloads\adwcleaner_4.202 (1).exe
2015-04-25 17:03 - 2015-04-25 17:03 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-25 17:03 - 2015-04-25 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-25 17:03 - 2015-04-25 17:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-25 17:03 - 2015-04-25 17:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-25 17:03 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-25 17:03 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-25 17:03 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-25 17:01 - 2015-04-25 17:01 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Muharrem\Downloads\mbam-setup-majorgeeks-2.1.6.1022 (1).exe
2015-04-25 16:57 - 2015-04-25 18:02 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-25 16:57 - 2015-04-25 17:45 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-25 16:57 - 2015-04-25 16:57 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-25 16:57 - 2015-04-25 16:57 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-25 16:57 - 2015-04-25 16:57 - 00002274 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-25 16:57 - 2015-04-25 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 18:05 - 2015-01-20 18:22 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Skype
2015-04-25 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-25 17:57 - 2014-11-04 20:15 - 01732816 _____ () C:\Windows\WindowsUpdate.log
2015-04-25 17:51 - 2014-05-07 07:28 - 00801992 _____ () C:\Windows\system32\perfh007.dat
2015-04-25 17:51 - 2014-05-07 07:28 - 00174994 _____ () C:\Windows\system32\perfc007.dat
2015-04-25 17:51 - 2014-03-18 11:53 - 01924576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-25 17:50 - 2014-11-04 20:29 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-122386573-4026919766-2664048506-1001
2015-04-25 17:46 - 2014-11-04 20:25 - 00000000 ____D () C:\Users\Muharrem\Documents\Youcam
2015-04-25 17:45 - 2014-11-05 16:59 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\CrashDumps
2015-04-25 17:45 - 2014-11-04 20:27 - 00000000 __RDO () C:\Users\Muharrem\OneDrive
2015-04-25 17:45 - 2013-08-22 16:46 - 00036703 _____ () C:\Windows\setupact.log
2015-04-25 17:44 - 2014-03-18 11:44 - 00098298 _____ () C:\Windows\PFRO.log
2015-04-25 17:44 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-25 17:43 - 2014-11-04 20:24 - 00001020 _____ () C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-25 17:43 - 2014-08-05 07:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-25 17:32 - 2015-02-10 17:15 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-25 17:26 - 2014-11-04 20:23 - 00000000 ____D () C:\Users\Muharrem
2015-04-25 17:25 - 2015-01-06 19:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-25 17:25 - 2015-01-06 19:03 - 00000000 ____D () C:\ProgramData\Skype
2015-04-25 17:23 - 2015-03-19 14:00 - 00000370 _____ () C:\Windows\Tasks\HPCeeScheduleForMuharrem.job
2015-04-25 17:23 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-25 17:22 - 2015-02-22 00:20 - 00000000 ____D () C:\Program Files (x86)\0ba24292-afde-462a-b6c7-7003e2cdfdfe
2015-04-25 17:22 - 2014-11-11 16:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-04-25 17:14 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-25 17:06 - 2015-02-21 15:12 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-25 17:06 - 2015-02-21 15:12 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-25 17:05 - 2015-02-21 15:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-25 17:04 - 2015-02-21 16:04 - 00000133 _____ () C:\Users\Muharrem\AppData\Roaming\WB.CFG
2015-04-25 16:57 - 2015-02-22 00:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-25 16:57 - 2015-02-22 00:04 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\Deployment
2015-04-25 16:47 - 2014-11-06 18:24 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-25 16:45 - 2014-11-04 20:30 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2128375C-5976-4D56-9CE7-E62948972281}
2015-04-25 16:45 - 2014-08-05 06:51 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-25 16:41 - 2015-03-19 14:00 - 00003190 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMuharrem
2015-04-13 14:18 - 2015-01-28 13:27 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\.minecraft
2015-04-13 14:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness

==================== Files in the root of some directories =======

2015-02-21 16:04 - 2015-04-25 17:04 - 0000133 _____ () C:\Users\Muharrem\AppData\Roaming\WB.CFG
2015-02-23 17:04 - 2015-02-23 17:04 - 0000001 _____ () C:\Users\Muharrem\AppData\Local\DSI.DAT
2014-11-11 17:53 - 2014-11-11 17:53 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Muharrem\AppData\Local\Temp\0B67B108-E23C-D3A0-7B76-8F1A8920784D.dll
C:\Users\Muharrem\AppData\Local\Temp\0B67B108-E23C-D3A0-7B76-8F1A8920784D.exe
C:\Users\Muharrem\AppData\Local\Temp\49396uninstall.exe
C:\Users\Muharrem\AppData\Local\Temp\4E466674-88D9-5ABB-9326-17AE5840B93C.exe
C:\Users\Muharrem\AppData\Local\Temp\Extract.exe
C:\Users\Muharrem\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Muharrem\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Muharrem\AppData\Local\Temp\oct97F4.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octD78A.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octE293.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octEBB2.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\optprosetup.exe
C:\Users\Muharrem\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Muharrem\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Muharrem\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67263.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67280.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67743.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68117.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68120.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68421.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68630.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69229.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69393.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69401.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69404.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69406.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69559.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69616.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69618.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69718.exe
C:\Users\Muharrem\AppData\Local\Temp\SP70271.exe
C:\Users\Muharrem\AppData\Local\Temp\SP70439.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-22 03:38

==================== End Of Log ============================
         
--- --- ---


und:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2015
Ran by Muharrem at 2015-04-25 18:09:48
Running from C:\Users\Muharrem\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-122386573-4026919766-2664048506-500 - Administrator - Disabled)
Gast (S-1-5-21-122386573-4026919766-2664048506-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-122386573-4026919766-2664048506-1003 - Limited - Enabled)
Muharrem (S-1-5-21-122386573-4026919766-2664048506-1001 - Administrator - Enabled) => C:\Users\Muharrem

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
bintec elmeg Eumex 402 WIN-Tools V1.02 (HKLM-x32\...\InstallShield_{36992359-AB01-4242-BDFF-E207B3C739F1}) (Version: 1.02.0001 - hxxp://www.bintec-elmeg.com)
bintec elmeg Eumex 402 WIN-Tools V1.02 (x32 Version: 1.02.0001 - hxxp://www.bintec-elmeg.com) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Eumex RNDIS64 Driver V1.05 (HKLM\...\{293C4FDD-FB80-48F8-8B40-F085392FDAA1}) (Version: 1.05.0000 - Deutsche Telekom)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Hilfe (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{ac7ad2d7-04b3-460c-b370-07e3d3e3aa4e}) (Version: 17.01.0000.1697 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{33AD9A5D-209C-4D2A-91BB-C1F3B4BF87A3}) (Version: 17.0.1407.02 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mediaplayersversion2.4 (HKLM-x32\...\Mediaplayersversion2.4) (Version: 1.36.01.22 - PlayMCVenture)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Studie zur Verbesserung von HP Officejet 6600 Produkten (HKLM\...\{E1A11879-5771-4E52-BA2E-CD5DD65BF970}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{21498212-1146-4540-8A81-6A1328BA19F2}) (Version: 4.5.228.0 - Validity Sensors, Inc.)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows-Treiberpaket - T-Home Net  (04/13/2012 6.0.6000.16384) (HKLM\...\C7DD251F4B6025D69B6ACC9FD647E009517A6069) (Version: 04/13/2012 6.0.6000.16384 - T-Home)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-122386573-4026919766-2664048506-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

26-02-2015 16:00:29 HPSF Applying updates
13-03-2015 14:40:32 Windows Update
15-03-2015 18:06:36 Intel(R) Technology Access
15-03-2015 18:07:18 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
24-03-2015 15:58:18 Geplanter Prüfpunkt
25-04-2015 16:44:01 Intel(R) Technology Access

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03BC9899-3BD6-4C48-A42E-D0E62CE2EC12} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {0E2054EF-DE00-4071-B9F1-DA8B1ED7C53F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {15B4188F-6CCC-4BAE-A970-11274079678D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN44O8518J => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-03-10] (Hewlett-Packard)
Task: {3040D4D9-A39E-4F06-85EC-CC9A32E16692} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-03-10] (Hewlett-Packard)
Task: {342FAE16-29BF-4E94-86FF-0339428A8DF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-03-10] (Hewlett-Packard)
Task: {57F9C946-5F08-4AA4-B50B-B3EB127CB8D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {765D3AD2-3D25-4F5C-A2FB-B6B47A91097C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {8033DC90-81FA-409A-BB66-A87E556DD799} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {8E99DA4B-1530-4923-B850-4F9A8F8334B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {937D6576-1E5C-44E8-87AD-728E088FD8B3} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {9BC863BA-1249-4F51-B58D-475F9BFDDDD1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-13] (Microsoft Corporation)
Task: {AAB52224-7300-4AEB-AB54-23EF616936BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {B6BFFEBD-66FD-45A1-96BA-197DD4CFBFEB} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-10-28] (CyberLink Corp.)
Task: {B7516258-8E20-4542-8B57-E619BD6919CE} - System32\Tasks\HPCeeScheduleForMuharrem => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B87CC07C-8301-40CB-9C83-AC96CFAFED26} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {E7ED8FA9-A693-4A36-B0A9-2D921F78282C} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMuharrem.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2014-08-05 06:47 - 2014-09-27 05:19 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-17 13:43 - 2015-03-17 13:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-02-08 12:20 - 2015-02-08 12:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-03-17 14:15 - 2015-03-17 14:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-04-25 16:57 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-25 16:57 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2014-08-05 06:40 - 2013-12-10 17:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-25 16:57 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Muharrem\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-122386573-4026919766-2664048506-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2015 05:45:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 6.15.10.3574, Zeitstempel: 0x535821b3
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53087867
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005fc4
ID des fehlerhaften Prozesses: 0x12d0
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5

Error: (04/25/2015 05:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DeviceAssociationService, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c850f5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f12a0
ID des fehlerhaften Prozesses: 0x160
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DeviceAssociationService0
Pfad der fehlerhaften Anwendung: svchost.exe_DeviceAssociationService1
Pfad des fehlerhaften Moduls: svchost.exe_DeviceAssociationService2
Berichtskennung: svchost.exe_DeviceAssociationService3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DeviceAssociationService4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DeviceAssociationService5

Error: (04/25/2015 05:24:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 6.15.10.3574, Zeitstempel: 0x535821b3
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53087867
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005fc4
ID des fehlerhaften Prozesses: 0x5b4
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5

Error: (04/25/2015 05:16:35 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (04/25/2015 05:16:35 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (04/25/2015 05:08:54 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (04/25/2015 04:38:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 6.15.10.3574, Zeitstempel: 0x535821b3
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53087867
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000005fc4
ID des fehlerhaften Prozesses: 0x13b0
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5

Error: (04/25/2015 04:32:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2877860

Error: (04/25/2015 04:32:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2877860

Error: (04/25/2015 04:32:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/25/2015 05:44:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (04/25/2015 05:44:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Technology Access Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (04/25/2015 05:43:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht.

Error: (04/25/2015 05:43:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/25/2015 05:43:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/25/2015 05:43:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1069

Error: (04/25/2015 05:43:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/25/2015 05:43:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/25/2015 05:43:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (04/25/2015 05:43:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/25/2015 05:45:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000005fc412d001d07f6ed4b9169aC:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dll181bbba0-eb62-11e4-8272-303a644c4969

Error: (04/25/2015 05:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DeviceAssociationService6.3.9600.163845215dfe3ntdll.dll6.3.9600.1766854c850f5c000037400000000000f12a016001d07f6bd215e825C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllcad1d306-eb61-11e4-8271-303a644c4969

Error: (04/25/2015 05:24:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000005fc45b401d07f6bf09ad772C:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dll39b9bf4a-eb5f-11e4-8271-303a644c4969

Error: (04/25/2015 05:16:35 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (04/25/2015 05:16:35 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (04/25/2015 05:08:54 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (04/25/2015 04:38:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000005fc413b001d07f6585ed8ddfC:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dllc96ec382-eb58-11e4-8270-303a644c4969

Error: (04/25/2015 04:32:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2877860

Error: (04/25/2015 04:32:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2877860

Error: (04/25/2015 04:32:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2015-03-22 02:38:07.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-02 15:31:58.952
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-22 08:58:47.479
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-21 23:12:23.595
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-21 23:12:23.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-21 23:12:22.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-21 23:12:22.752
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-02 05:18:27.599
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-30 17:24:54.602
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-30 17:24:54.526
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 20%
Total physical RAM: 12218.15 MB
Available physical RAM: 9728.91 MB
Total Pagefile: 14074.15 MB
Available Pagefile: 11135.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:910.44 GB) (Free:842.11 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:2.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1B0F7F4)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 26.04.2015, 06:38   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.04.2015, 07:17   #5
furkan189
 
Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)



Code:
ATTFilter
# AdwCleaner v4.202 - Bericht erstellt 26/04/2015 um 08:08:23
# Aktualisiert 23/04/2015 von Xplode
# Datenbank : 2015-04-23.2 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Muharrem - MEC-GAMER-PC
# Gestarted von : C:\Users\Muharrem\Downloads\AdwCleaner_4.202 (2).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{B8B670A8-DE15-E4E2-E31A-8FFA9C39E89D}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v42.0.2311.90

[C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : flliilndjeohchalpbbcdekjklbdgfkk

*************************

AdwCleaner[R0].txt - [23198 Bytes] - [25/04/2015 17:15:29]
AdwCleaner[R1].txt - [7500 Bytes] - [25/04/2015 17:42:52]
AdwCleaner[R2].txt - [1589 Bytes] - [26/04/2015 08:07:08]
AdwCleaner[S0].txt - [701 Bytes] - [25/04/2015 17:15:59]
AdwCleaner[S1].txt - [7098 Bytes] - [25/04/2015 17:43:17]
AdwCleaner[S2].txt - [1505 Bytes] - [26/04/2015 08:08:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1564  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.3 (04.25.2015:1)
OS: Windows 8.1 x64
Ran by Muharrem on 26.04.2015 at  8:12:02,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-122386573-4026919766-2664048506-1001
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-122386573-4026919766-2664048506-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1295999415-312637518-2842970913-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1725350855-1927001909-1276192757-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-54553023-3633133686-2488693604-500



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Muharrem\documents\optimizer pro





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.04.2015 at  8:13:35,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2015
Ran by Muharrem (administrator) on MEC-GAMER-PC on 26-04-2015 08:14:50
Running from C:\Users\Muharrem\Downloads
Loaded Profiles: Muharrem (Available profiles: Muharrem)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2015-01-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [130048 2015-04-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [726320 2015-03-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #7] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #5] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #4] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #1] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-05-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk [2014-11-29]
ShortcutTarget: Control Center.lnk -> C:\Program Files (x86)\elmeg WIN-Tools\Eumex 402 WIN-Tools V1.02\ControlCenter.exe (bintec elmeg GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-05]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk [2014-11-11]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-122386573-4026919766-2664048506-1001 -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = 
SearchScopes: HKU\S-1-5-21-122386573-4026919766-2664048506-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Muharrem\AppData\Roaming\Mozilla\Firefox\Profiles\0EnJYoAN.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-25] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Extension: Avira Browser Safety - C:\Users\Muharrem\AppData\Roaming\Mozilla\Firefox\Profiles\0EnJYoAN.default\Extensions\abs@avira.com [2015-04-25]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (YouTube) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Bookmark Manager) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
CHR Extension: (Adblock Super) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-25]
CHR Extension: (Google Wallet) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Gmail) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [815920 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-03-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1004280 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [205104 2015-04-10] (Avira Operations GmbH & Co. KG)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
S2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-12-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-01-22] (Realtek Semiconductor)
S2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-01] (Validity Sensors, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-24] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [162512 2014-02-14] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3488744 2014-07-22] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [466136 2014-01-15] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 08:14 - 2015-04-26 08:14 - 02099712 _____ (Farbar) C:\Users\Muharrem\Downloads\FRST64 (1).exe
2015-04-26 08:13 - 2015-04-26 08:13 - 00001629 _____ () C:\Users\Muharrem\Desktop\JRT.txt
2015-04-26 08:12 - 2015-04-26 08:12 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MEC-GAMER-PC-Windows-8.1-(64-bit).dat
2015-04-26 08:12 - 2015-04-26 08:12 - 00000000 ____D () C:\RegBackup
2015-04-26 08:07 - 2015-04-26 08:07 - 02686590 _____ (Thisisu) C:\Users\Muharrem\Downloads\JRT.exe
2015-04-26 08:06 - 2015-04-26 08:06 - 02224640 _____ () C:\Users\Muharrem\Downloads\AdwCleaner_4.202 (2).exe
2015-04-25 21:03 - 2015-04-25 21:03 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\OpenOffice
2015-04-25 20:53 - 2015-04-25 20:53 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-04-25 20:53 - 2015-04-25 20:53 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-04-25 20:53 - 2015-04-25 20:53 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-04-25 20:52 - 2015-04-25 21:14 - 00000733 _____ () C:\Users\Muharrem\Desktop\Was ich gemacht habe_Furkan_.txt
2015-04-25 20:52 - 2015-04-25 20:52 - 164858324 _____ () C:\Users\Muharrem\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2015-04-25 20:52 - 2015-04-25 20:52 - 00000000 ____D () C:\Users\Muharrem\Documents\OpenOffice 4.1.1 (de) Installation Files
2015-04-25 20:14 - 2015-04-25 20:14 - 00001772 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files\iTunes
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files\iPod
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-25 20:14 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-04-25 20:13 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-25 20:13 - 2015-04-25 20:13 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-04-25 20:13 - 2015-04-25 20:13 - 00000000 ____D () C:\Program Files\Bonjour
2015-04-25 20:13 - 2015-04-25 20:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-04-25 20:12 - 2015-04-25 20:13 - 152362800 _____ (Apple Inc.) C:\Users\Muharrem\Downloads\iTunes6464Setup.exe
2015-04-25 20:05 - 2015-04-25 20:05 - 00001870 _____ () C:\Users\Public\Desktop\GeoGebra.lnk
2015-04-25 20:05 - 2015-04-25 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5
2015-04-25 20:04 - 2015-04-25 20:05 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 5.0
2015-04-25 20:04 - 2015-04-25 20:04 - 58972232 _____ (International GeoGebra Institute) C:\Users\Muharrem\Downloads\GeoGebra-Windows-Installer-5-0-82-0.exe
2015-04-25 19:34 - 2015-04-25 19:34 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Mozilla
2015-04-25 19:34 - 2015-04-25 19:34 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Avira
2015-04-25 19:32 - 2015-03-24 14:59 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-04-25 19:32 - 2015-03-24 14:59 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-04-25 19:32 - 2015-03-24 14:59 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-04-25 19:32 - 2015-03-24 14:59 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-04-25 19:31 - 2015-04-25 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-25 19:31 - 2015-04-25 19:32 - 00000000 ____D () C:\ProgramData\Avira
2015-04-25 19:31 - 2015-04-25 19:32 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-25 19:31 - 2015-04-25 19:31 - 00001230 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-04-25 19:28 - 2015-04-25 19:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-25 19:28 - 2015-04-25 19:28 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-25 19:27 - 2015-04-25 19:27 - 04636584 _____ (Avira Operations GmbH & Co. KG) C:\Users\Muharrem\Downloads\avira_de_av_553bcf773667a__ws.exe
2015-04-25 19:04 - 2015-04-25 19:04 - 00638976 _____ () C:\Users\Muharrem\Downloads\Detection (1).msi
2015-04-25 19:01 - 2015-04-25 19:01 - 00638976 _____ () C:\Users\Muharrem\Downloads\Detection.msi
2015-04-25 18:49 - 2015-04-25 18:49 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-25 18:49 - 2015-04-25 18:49 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-25 18:25 - 2015-04-25 18:25 - 00000424 _____ () C:\Users\Muharrem\Desktop\Arbeitsplatz.lnk
2015-04-25 18:25 - 2015-04-25 18:25 - 00000366 _____ () C:\Users\Muharrem\Desktop\Alle Systemsteuerungselemente.lnk
2015-04-25 18:24 - 2015-04-25 18:24 - 04441861 _____ ((c) 2006-2011, Tom Thielicke IT Solutions ) C:\Users\Muharrem\Downloads\tipp10_win_v2-1-0.exe
2015-04-25 18:24 - 2015-04-25 18:24 - 00000998 _____ () C:\Users\Muharrem\Desktop\TIPP10.lnk
2015-04-25 18:24 - 2015-04-25 18:24 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\TIPP10
2015-04-25 18:24 - 2015-04-25 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TIPP10
2015-04-25 18:24 - 2015-04-25 18:24 - 00000000 ____D () C:\Program Files (x86)\Tipp10
2015-04-25 18:09 - 2015-04-26 08:14 - 00020476 _____ () C:\Users\Muharrem\Downloads\FRST.txt
2015-04-25 18:09 - 2015-04-26 08:14 - 00000000 ____D () C:\FRST
2015-04-25 18:09 - 2015-04-25 18:10 - 00031182 _____ () C:\Users\Muharrem\Downloads\Addition.txt
2015-04-25 18:09 - 2015-04-25 18:09 - 02099712 _____ (Farbar) C:\Users\Muharrem\Downloads\FRST64.exe
2015-04-25 17:42 - 2015-04-25 17:42 - 00083465 _____ () C:\Users\Muharrem\Desktop\malware.txt
2015-04-25 17:38 - 2015-04-25 17:38 - 00002326 _____ () C:\Users\Muharrem\Desktop\Chrome App Launcher.lnk
2015-04-25 17:38 - 2015-04-25 17:38 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-25 17:26 - 2015-04-25 17:26 - 00000000 ____D () C:\Users\Muharrem\Tracing
2015-04-25 17:14 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-25 17:14 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-25 17:14 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-25 17:14 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-25 17:03 - 2015-04-26 08:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-25 17:03 - 2015-04-26 08:08 - 00000000 ____D () C:\AdwCleaner
2015-04-25 17:03 - 2015-04-25 17:03 - 02224640 _____ () C:\Users\Muharrem\Downloads\adwcleaner_4.202.exe
2015-04-25 17:03 - 2015-04-25 17:03 - 02224640 _____ () C:\Users\Muharrem\Downloads\adwcleaner_4.202 (1).exe
2015-04-25 17:03 - 2015-04-25 17:03 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-25 17:03 - 2015-04-25 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-25 17:03 - 2015-04-25 17:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-25 17:03 - 2015-04-25 17:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-25 17:03 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-25 17:03 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-25 17:03 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-25 17:01 - 2015-04-25 17:01 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Muharrem\Downloads\mbam-setup-majorgeeks-2.1.6.1022 (1).exe
2015-04-25 16:57 - 2015-04-26 08:09 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-25 16:57 - 2015-04-25 21:02 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-25 16:57 - 2015-04-25 16:57 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-25 16:57 - 2015-04-25 16:57 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-25 16:57 - 2015-04-25 16:57 - 00002274 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-25 16:57 - 2015-04-25 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-25 16:50 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-25 16:50 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-25 16:50 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-25 16:50 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-25 16:50 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-25 16:50 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-25 16:50 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-25 16:50 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-25 16:50 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-25 16:50 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-25 16:50 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-25 16:50 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-25 16:50 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-25 16:50 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-25 16:50 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-25 16:50 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-25 16:50 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-25 16:50 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-25 16:50 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-25 16:50 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-25 16:50 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-25 16:50 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-25 16:50 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-25 16:50 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-25 16:50 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-25 16:50 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-25 16:50 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-25 16:50 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-25 16:50 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-25 16:50 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-25 16:50 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-25 16:50 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-25 16:50 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-25 16:50 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-25 16:50 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-25 16:50 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-25 16:50 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-25 16:50 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-25 16:50 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-25 16:50 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-25 16:50 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-25 16:50 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-25 16:50 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-25 16:50 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-25 16:50 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-25 16:50 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-25 16:50 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-25 16:50 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-25 16:50 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-25 16:50 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-25 16:50 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-25 16:50 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-25 16:50 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-25 16:50 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-25 16:50 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-25 16:50 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-25 16:50 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-25 16:50 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-25 16:50 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-25 16:50 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-25 16:50 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-25 16:50 - 2014-10-29 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-04-25 16:50 - 2014-10-29 04:43 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-04-25 16:50 - 2014-10-29 04:17 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-04-25 16:50 - 2014-10-29 03:58 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-04-25 16:50 - 2014-10-29 03:38 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-04-25 16:50 - 2014-10-29 03:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-04-25 16:50 - 2014-10-29 03:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-04-25 16:50 - 2014-10-29 03:04 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-04-25 16:50 - 2014-10-29 03:04 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 08:13 - 2014-05-07 07:28 - 00801992 _____ () C:\Windows\system32\perfh007.dat
2015-04-26 08:13 - 2014-05-07 07:28 - 00174994 _____ () C:\Windows\system32\perfc007.dat
2015-04-26 08:13 - 2014-03-18 11:53 - 01924576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-26 08:11 - 2015-01-20 18:22 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Skype
2015-04-26 08:11 - 2014-11-04 20:25 - 00000000 ____D () C:\Users\Muharrem\Documents\Youcam
2015-04-26 08:11 - 2014-11-04 20:15 - 01178951 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 08:10 - 2014-11-04 20:27 - 00000000 __RDO () C:\Users\Muharrem\OneDrive
2015-04-26 08:09 - 2013-08-22 16:46 - 00038531 _____ () C:\Windows\setupact.log
2015-04-26 08:09 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 08:09 - 2013-08-22 16:44 - 00369560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-26 08:08 - 2014-03-18 11:44 - 00235598 _____ () C:\Windows\PFRO.log
2015-04-26 08:08 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-26 08:05 - 2014-11-05 16:59 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\CrashDumps
2015-04-26 08:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-25 20:38 - 2014-11-04 20:23 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\NVIDIA Corporation
2015-04-25 20:30 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-25 20:13 - 2014-11-11 16:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-04-25 20:13 - 2014-08-05 06:54 - 00000000 ____D () C:\ProgramData\Apple
2015-04-25 19:27 - 2014-08-05 06:51 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-25 18:50 - 2014-11-11 16:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-25 18:49 - 2014-11-11 16:27 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-25 18:30 - 2015-02-22 14:49 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\TS3Client
2015-04-25 17:43 - 2014-11-04 20:24 - 00001020 _____ () C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-25 17:43 - 2014-08-05 07:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-25 17:26 - 2014-11-04 20:23 - 00000000 ____D () C:\Users\Muharrem
2015-04-25 17:25 - 2015-01-06 19:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-25 17:25 - 2015-01-06 19:03 - 00000000 ____D () C:\ProgramData\Skype
2015-04-25 17:23 - 2015-03-19 14:00 - 00000370 _____ () C:\Windows\Tasks\HPCeeScheduleForMuharrem.job
2015-04-25 17:22 - 2015-02-22 00:20 - 00000000 ____D () C:\Program Files (x86)\0ba24292-afde-462a-b6c7-7003e2cdfdfe
2015-04-25 17:06 - 2015-02-21 15:12 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-25 17:06 - 2015-02-21 15:12 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-25 17:05 - 2015-02-21 15:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-25 17:04 - 2015-02-21 16:04 - 00000133 _____ () C:\Users\Muharrem\AppData\Roaming\WB.CFG
2015-04-25 16:57 - 2015-02-22 00:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-25 16:57 - 2015-02-22 00:04 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\Deployment
2015-04-25 16:47 - 2014-11-06 18:24 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-25 16:45 - 2014-11-04 20:30 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2128375C-5976-4D56-9CE7-E62948972281}
2015-04-25 16:41 - 2015-03-19 14:00 - 00003190 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMuharrem
2015-04-14 01:24 - 2014-11-11 22:38 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-11 22:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 14:18 - 2015-01-28 13:27 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\.minecraft
2015-04-13 14:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-28 05:44 - 2015-01-20 18:47 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-08-05 06:48 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2015-01-20 18:47 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-08-05 06:48 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

==================== Files in the root of some directories =======

2015-02-21 16:04 - 2015-04-25 17:04 - 0000133 _____ () C:\Users\Muharrem\AppData\Roaming\WB.CFG
2015-02-23 17:04 - 2015-02-23 17:04 - 0000001 _____ () C:\Users\Muharrem\AppData\Local\DSI.DAT
2014-11-11 17:53 - 2014-11-11 17:53 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Muharrem\AppData\Local\Temp\0B67B108-E23C-D3A0-7B76-8F1A8920784D.dll
C:\Users\Muharrem\AppData\Local\Temp\0B67B108-E23C-D3A0-7B76-8F1A8920784D.exe
C:\Users\Muharrem\AppData\Local\Temp\49396uninstall.exe
C:\Users\Muharrem\AppData\Local\Temp\4E466674-88D9-5ABB-9326-17AE5840B93C.exe
C:\Users\Muharrem\AppData\Local\Temp\avgnt.exe
C:\Users\Muharrem\AppData\Local\Temp\Extract.exe
C:\Users\Muharrem\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Muharrem\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Muharrem\AppData\Local\Temp\oct97F4.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octD78A.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octE293.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octEBB2.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\optprosetup.exe
C:\Users\Muharrem\AppData\Local\Temp\Quarantine.exe
C:\Users\Muharrem\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Muharrem\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Muharrem\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67263.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67280.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67743.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68117.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68120.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68421.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68630.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69229.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69393.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69401.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69404.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69406.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69559.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69616.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69618.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69718.exe
C:\Users\Muharrem\AppData\Local\Temp\SP70271.exe
C:\Users\Muharrem\AppData\Local\Temp\SP70439.exe
C:\Users\Muharrem\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-25 18:47

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Alt 26.04.2015, 18:11   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Buzzdock Adware entfernt (oder doch nicht?)

Alt 26.04.2015, 19:56   #7
furkan189
 
Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3b1969b462fe7f4d8432bdbc6d243219
# engine=23570
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-26 06:26:14
# local_time=2015-04-26 08:26:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 99304 7155166 0 0
# scanned=247231
# found=15
# cleaned=15
# scan_time=3631
sh=0641D63D85DA4259B27FA455972E762B6FC04092 ft=1 fh=b7e7d2287abcc02c vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=E4C51103D6527150021A7A50CC34E34E537E915C ft=1 fh=7300db18e9b1ec0e vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Muharrem\AppData\Local\Temp\ReimageRepair.exe.vir"
sh=237C114350FB88969CFAF5F800B74F9CE2606D85 ft=1 fh=c44df78671649048 vn="Variante von Win32/ReImageRepair.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Microsoft\Windows\INetCache\IE\1B99E7K7\ReimagePackage1811x64a[1].exe"
sh=82903410CD8F52A0D6DF311EB4CD780190818F4D ft=1 fh=3531f32c7f98c281 vn="Variante von Win32/ReImageRepair.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Microsoft\Windows\INetCache\IE\36PI9G7E\ReimageRepair.exe"
sh=F965B6E946F9451EE1DD562375B8FEED47EAA860 ft=1 fh=7a5f561a9ef0363f vn="Variante von Win32/ReImageRepair.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Microsoft\Windows\INetCache\IE\7TTLR6HS\ReimagePackage1808x64e[1].exe"
sh=E4C51103D6527150021A7A50CC34E34E537E915C ft=1 fh=7300db18e9b1ec0e vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Microsoft\Windows\INetCache\IE\UXQ3RN0T\ReimageRepair[1].exe"
sh=F46C959BD22A47EC34B578DBE21B17E692A76F8D ft=1 fh=c71c0011b0d00539 vn="Variante von Win32/Adware.AddLyrics.DR Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\0B67B108-E23C-D3A0-7B76-8F1A8920784D.exe"
sh=4713AB4E96C0B41EBA9D83B616AEBEE111FE3922 ft=1 fh=b75cd5027ef91744 vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\49396uninstall.exe"
sh=F5550589158F72492509AD2AE6DBDFC7FBE0B4A9 ft=1 fh=c71c0011b0566c79 vn="Variante von Win32/Adware.AddLyrics.DQ Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\4E466674-88D9-5ABB-9326-17AE5840B93C.exe"
sh=8B02740E091D6DF14B947545CBC9E46DE914A549 ft=1 fh=a1c13e38a961154a vn="Variante von Win32/OptimizerEliteMax.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\optprosetup.exe"
sh=237C114350FB88969CFAF5F800B74F9CE2606D85 ft=1 fh=c44df78671649048 vn="Variante von Win32/ReImageRepair.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\ReimagePackage.exe"
sh=4C7FF09DBA96C9BDD54E3CB26736E72266FB8A4A ft=1 fh=e82afa3eac52d223 vn="Variante von Win32/InstallCore.WQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\331980515.Uninstall\uninstaller.exe"
sh=4C7FF09DBA96C9BDD54E3CB26736E72266FB8A4A ft=1 fh=e82afa3eac52d223 vn="Variante von Win32/InstallCore.WQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\702500.Uninstall\uninstaller.exe"
sh=045E7922FED9CAB4D9A99D6669D850B216A03091 ft=1 fh=c848713468f5e9d3 vn="Win32/UniBlue.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\is-QKG1J.tmp\pm-standalone-setup.exe"
sh=4C7FF09DBA96C9BDD54E3CB26736E72266FB8A4A ft=1 fh=e82afa3eac52d223 vn="Variante von Win32/InstallCore.WQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Muharrem\AppData\Local\Temp\is1488139799\5D4B7A38_stp\uninstaller.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.00  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus    
Windows Defender   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 45  
 Java version 32-bit out of Date! 
 Google Chrome (42.0.2311.90) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Avira Antivirus sched.exe  
 Avira Antivirus avshadow.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Muharrem (administrator) on MEC-GAMER-PC on 26-04-2015 20:56:44
Running from C:\Users\Muharrem\Downloads
Loaded Profiles: Muharrem (Available profiles: Muharrem)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(bintec elmeg GmbH) C:\Program Files (x86)\elmeg WIN-Tools\Eumex 402 WIN-Tools V1.02\ControlCenter.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Muharrem\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2015-01-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [130048 2015-04-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [726320 2015-03-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #7] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #5] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #4] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #1] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-05-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk [2014-11-29]
ShortcutTarget: Control Center.lnk -> C:\Program Files (x86)\elmeg WIN-Tools\Eumex 402 WIN-Tools V1.02\ControlCenter.exe (bintec elmeg GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-05]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk [2014-11-11]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-122386573-4026919766-2664048506-1001 -> {968885CA-6341-4FB8-9E60-BDFC47434B56} URL = 
SearchScopes: HKU\S-1-5-21-122386573-4026919766-2664048506-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Muharrem\AppData\Roaming\Mozilla\Firefox\Profiles\0EnJYoAN.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-25] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Extension: Avira Browser Safety - C:\Users\Muharrem\AppData\Roaming\Mozilla\Firefox\Profiles\0EnJYoAN.default\Extensions\abs@avira.com [2015-04-25]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (YouTube) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Bookmark Manager) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
CHR Extension: (Adblock Super) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-25]
CHR Extension: (Google Wallet) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Gmail) - C:\Users\Muharrem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [815920 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-03-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1004280 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [205104 2015-04-10] (Avira Operations GmbH & Co. KG)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-12-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-01-22] (Realtek Semiconductor)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-01] (Validity Sensors, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-24] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [162512 2014-02-14] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3488744 2014-07-22] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [466136 2014-01-15] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 20:56 - 2015-04-26 20:56 - 00023615 _____ () C:\Users\Muharrem\Downloads\FRST.txt
2015-04-26 20:55 - 2015-04-26 20:55 - 02101248 _____ (Farbar) C:\Users\Muharrem\Downloads\FRST64.exe
2015-04-26 20:54 - 2015-04-26 20:54 - 01140736 _____ (Farbar) C:\Users\Muharrem\Downloads\FRST.exe
2015-04-26 20:50 - 2015-04-26 20:50 - 00852616 _____ () C:\Users\Muharrem\Downloads\SecurityCheck.exe
2015-04-26 19:22 - 2015-04-26 19:22 - 02347384 _____ (ESET) C:\Users\Muharrem\Downloads\esetsmartinstaller_deu.exe
2015-04-26 19:22 - 2015-04-26 19:22 - 02347384 _____ (ESET) C:\Users\Muharrem\Downloads\esetsmartinstaller_deu (1).exe
2015-04-26 19:22 - 2015-04-26 19:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-26 10:35 - 2015-04-26 10:43 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-122386573-4026919766-2664048506-1001
2015-04-26 08:13 - 2015-04-26 08:13 - 00001629 _____ () C:\Users\Muharrem\Desktop\JRT.txt
2015-04-26 08:12 - 2015-04-26 08:12 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MEC-GAMER-PC-Windows-8.1-(64-bit).dat
2015-04-26 08:12 - 2015-04-26 08:12 - 00000000 ____D () C:\RegBackup
2015-04-25 21:03 - 2015-04-25 21:03 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\OpenOffice
2015-04-25 20:53 - 2015-04-25 20:53 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-04-25 20:53 - 2015-04-25 20:53 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-04-25 20:53 - 2015-04-25 20:53 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-04-25 20:52 - 2015-04-25 20:52 - 00000000 ____D () C:\Users\Muharrem\Documents\OpenOffice 4.1.1 (de) Installation Files
2015-04-25 20:14 - 2015-04-25 20:14 - 00001772 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files\iTunes
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files\iPod
2015-04-25 20:14 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-25 20:14 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-04-25 20:13 - 2015-04-25 20:14 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-25 20:13 - 2015-04-25 20:13 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-04-25 20:13 - 2015-04-25 20:13 - 00000000 ____D () C:\Program Files\Bonjour
2015-04-25 20:13 - 2015-04-25 20:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-04-25 19:34 - 2015-04-25 19:34 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Mozilla
2015-04-25 19:34 - 2015-04-25 19:34 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Avira
2015-04-25 19:32 - 2015-03-24 14:59 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-04-25 19:32 - 2015-03-24 14:59 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-04-25 19:32 - 2015-03-24 14:59 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-04-25 19:32 - 2015-03-24 14:59 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-04-25 19:31 - 2015-04-25 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-25 19:31 - 2015-04-25 19:32 - 00000000 ____D () C:\ProgramData\Avira
2015-04-25 19:31 - 2015-04-25 19:32 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-25 19:31 - 2015-04-25 19:31 - 00001230 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-04-25 19:28 - 2015-04-25 19:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-25 19:28 - 2015-04-25 19:28 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-25 19:04 - 2015-04-25 19:04 - 00638976 _____ () C:\Users\Muharrem\Downloads\Detection (1).msi
2015-04-25 19:01 - 2015-04-25 19:01 - 00638976 _____ () C:\Users\Muharrem\Downloads\Detection.msi
2015-04-25 18:49 - 2015-04-25 18:49 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-25 18:49 - 2015-04-25 18:49 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-25 18:25 - 2015-04-25 18:25 - 00000424 _____ () C:\Users\Muharrem\Desktop\Arbeitsplatz.lnk
2015-04-25 18:25 - 2015-04-25 18:25 - 00000366 _____ () C:\Users\Muharrem\Desktop\Alle Systemsteuerungselemente.lnk
2015-04-25 18:24 - 2015-04-25 18:24 - 00000998 _____ () C:\Users\Muharrem\Desktop\TIPP10.lnk
2015-04-25 18:24 - 2015-04-25 18:24 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\TIPP10
2015-04-25 18:24 - 2015-04-25 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TIPP10
2015-04-25 18:24 - 2015-04-25 18:24 - 00000000 ____D () C:\Program Files (x86)\Tipp10
2015-04-25 18:09 - 2015-04-26 20:56 - 00000000 ____D () C:\FRST
2015-04-25 18:09 - 2015-04-25 18:10 - 00031182 _____ () C:\Users\Muharrem\Downloads\Addition.txt
2015-04-25 17:42 - 2015-04-25 17:42 - 00083465 _____ () C:\Users\Muharrem\Desktop\malware.txt
2015-04-25 17:38 - 2015-04-25 17:38 - 00002326 _____ () C:\Users\Muharrem\Desktop\Chrome App Launcher.lnk
2015-04-25 17:38 - 2015-04-25 17:38 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-25 17:26 - 2015-04-25 17:26 - 00000000 ____D () C:\Users\Muharrem\Tracing
2015-04-25 17:14 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-25 17:14 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-25 17:14 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-25 17:14 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-25 17:14 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-25 17:03 - 2015-04-26 08:08 - 00000000 ____D () C:\AdwCleaner
2015-04-25 17:03 - 2015-04-25 17:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-25 17:01 - 2015-04-25 17:01 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Muharrem\Downloads\mbam-setup-majorgeeks-2.1.6.1022 (1).exe
2015-04-25 16:57 - 2015-04-26 20:02 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-25 16:57 - 2015-04-26 10:16 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-25 16:57 - 2015-04-25 16:57 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-25 16:57 - 2015-04-25 16:57 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-25 16:57 - 2015-04-25 16:57 - 00002274 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-25 16:57 - 2015-04-25 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-25 16:50 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-25 16:50 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-25 16:50 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-25 16:50 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-25 16:50 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-25 16:50 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-25 16:50 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-25 16:50 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-25 16:50 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-25 16:50 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-25 16:50 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-25 16:50 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-25 16:50 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-25 16:50 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-25 16:50 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-25 16:50 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-25 16:50 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-25 16:50 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-25 16:50 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-25 16:50 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-25 16:50 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-25 16:50 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-25 16:50 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-25 16:50 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-25 16:50 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-25 16:50 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-25 16:50 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-25 16:50 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-25 16:50 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-25 16:50 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-25 16:50 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-25 16:50 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-25 16:50 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-25 16:50 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-25 16:50 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-25 16:50 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-25 16:50 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-25 16:50 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-25 16:50 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-25 16:50 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-25 16:50 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-25 16:50 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-25 16:50 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-25 16:50 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-25 16:50 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-25 16:50 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-25 16:50 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-25 16:50 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-25 16:50 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-25 16:50 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-25 16:50 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-25 16:50 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-25 16:50 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-25 16:50 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-25 16:50 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-25 16:50 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-25 16:50 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-25 16:50 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-25 16:50 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-25 16:50 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-25 16:50 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-25 16:50 - 2014-10-29 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-04-25 16:50 - 2014-10-29 04:43 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-04-25 16:50 - 2014-10-29 04:17 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-04-25 16:50 - 2014-10-29 03:58 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-04-25 16:50 - 2014-10-29 03:38 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-04-25 16:50 - 2014-10-29 03:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-04-25 16:50 - 2014-10-29 03:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-04-25 16:50 - 2014-10-29 03:04 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-04-25 16:50 - 2014-10-29 03:04 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 20:55 - 2015-01-20 18:22 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\Skype
2015-04-26 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-26 19:38 - 2014-11-04 20:15 - 01707008 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-26 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-26 10:27 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-26 10:20 - 2014-05-07 07:28 - 00801992 _____ () C:\Windows\system32\perfh007.dat
2015-04-26 10:20 - 2014-05-07 07:28 - 00174994 _____ () C:\Windows\system32\perfc007.dat
2015-04-26 10:20 - 2014-03-18 11:53 - 01924576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-26 10:17 - 2014-11-04 20:25 - 00000000 ____D () C:\Users\Muharrem\Documents\Youcam
2015-04-26 10:16 - 2014-11-05 16:59 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\CrashDumps
2015-04-26 10:16 - 2014-11-04 20:27 - 00000000 __RDO () C:\Users\Muharrem\OneDrive
2015-04-26 08:26 - 2013-08-22 16:46 - 00039020 _____ () C:\Windows\setupact.log
2015-04-26 08:26 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 08:25 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-26 08:09 - 2013-08-22 16:44 - 00369560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-26 08:08 - 2014-03-18 11:44 - 00235598 _____ () C:\Windows\PFRO.log
2015-04-25 20:38 - 2014-11-04 20:23 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\NVIDIA Corporation
2015-04-25 20:30 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-25 20:13 - 2014-11-11 16:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-04-25 20:13 - 2014-08-05 06:54 - 00000000 ____D () C:\ProgramData\Apple
2015-04-25 19:27 - 2014-08-05 06:51 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-25 18:50 - 2014-11-11 16:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-25 18:49 - 2014-11-11 16:27 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-25 18:30 - 2015-02-22 14:49 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\TS3Client
2015-04-25 17:43 - 2014-11-04 20:24 - 00001020 _____ () C:\Users\Muharrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-25 17:43 - 2014-08-05 07:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-25 17:26 - 2014-11-04 20:23 - 00000000 ____D () C:\Users\Muharrem
2015-04-25 17:25 - 2015-01-06 19:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-25 17:25 - 2015-01-06 19:03 - 00000000 ____D () C:\ProgramData\Skype
2015-04-25 17:23 - 2015-03-19 14:00 - 00000370 _____ () C:\Windows\Tasks\HPCeeScheduleForMuharrem.job
2015-04-25 17:22 - 2015-02-22 00:20 - 00000000 ____D () C:\Program Files (x86)\0ba24292-afde-462a-b6c7-7003e2cdfdfe
2015-04-25 17:06 - 2015-02-21 15:12 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-25 17:06 - 2015-02-21 15:12 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-25 17:05 - 2015-02-21 15:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-25 17:04 - 2015-02-21 16:04 - 00000133 _____ () C:\Users\Muharrem\AppData\Roaming\WB.CFG
2015-04-25 16:57 - 2015-02-22 00:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-25 16:57 - 2015-02-22 00:04 - 00000000 ____D () C:\Users\Muharrem\AppData\Local\Deployment
2015-04-25 16:47 - 2014-11-06 18:24 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-25 16:45 - 2014-11-04 20:30 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2128375C-5976-4D56-9CE7-E62948972281}
2015-04-25 16:41 - 2015-03-19 14:00 - 00003190 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMuharrem
2015-04-14 01:24 - 2014-11-11 22:38 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-11 22:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 14:18 - 2015-01-28 13:27 - 00000000 ____D () C:\Users\Muharrem\AppData\Roaming\.minecraft
2015-03-28 05:44 - 2015-01-20 18:47 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-08-05 06:48 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2015-01-20 18:47 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-08-05 06:48 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

==================== Files in the root of some directories =======

2015-02-21 16:04 - 2015-04-25 17:04 - 0000133 _____ () C:\Users\Muharrem\AppData\Roaming\WB.CFG
2015-02-23 17:04 - 2015-02-23 17:04 - 0000001 _____ () C:\Users\Muharrem\AppData\Local\DSI.DAT
2014-11-11 17:53 - 2014-11-11 17:53 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Muharrem\AppData\Local\Temp\0B67B108-E23C-D3A0-7B76-8F1A8920784D.dll
C:\Users\Muharrem\AppData\Local\Temp\avgnt.exe
C:\Users\Muharrem\AppData\Local\Temp\Extract.exe
C:\Users\Muharrem\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Muharrem\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Muharrem\AppData\Local\Temp\oct97F4.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octD78A.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octE293.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\octEBB2.tmp.exe
C:\Users\Muharrem\AppData\Local\Temp\Quarantine.exe
C:\Users\Muharrem\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Muharrem\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67263.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67280.exe
C:\Users\Muharrem\AppData\Local\Temp\SP67743.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68117.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68120.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68421.exe
C:\Users\Muharrem\AppData\Local\Temp\SP68630.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69229.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69393.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69401.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69404.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69406.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69559.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69616.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69618.exe
C:\Users\Muharrem\AppData\Local\Temp\SP69718.exe
C:\Users\Muharrem\AppData\Local\Temp\SP70271.exe
C:\Users\Muharrem\AppData\Local\Temp\SP70439.exe
C:\Users\Muharrem\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-25 18:47

==================== End Of Log ============================
         
--- --- ---

Alt 27.04.2015, 14:54   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Buzzdock Adware entfernt (oder doch nicht?) - Standard

Buzzdock Adware entfernt (oder doch nicht?)



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #7] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #5] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #4] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-21-122386573-4026919766-2664048506-1001\...\RunOnce: [Application Restart #1] => C:\Users\Muharrem\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (the data entry has 577 more characters).
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-05-07] (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Buzzdock Adware entfernt (oder doch nicht?)
install.exe, installmanager.exe, pup.optional.binkiland.a, pup.optional.binkiland.c, pup.optional.browserapps.a, pup.optional.crossrider.a, pup.optional.crossrider.c, pup.optional.dynconie.a, pup.optional.globalupdate.a, pup.optional.globalupdate.c, pup.optional.globalupdate.t, pup.optional.hometab.a, pup.optional.ihprotect.a, pup.optional.iminent.a, pup.optional.installcore.c, pup.optional.istartsurf.a, pup.optional.mediaplayer.a, pup.optional.modgoog, pup.optional.multiie.a, pup.optional.searchprotect.a, pup.optional.strongsignal.a, pup.optional.suptab.a, pup.optional.veribrowse.a, pup.optional.vosteran, pup.optional.wajam.a, pup.optional.windowsmangerprotect.a, pup.optional.wpm.a, refresh



Ähnliche Themen: Buzzdock Adware entfernt (oder doch nicht?)


  1. Frage zu Adware (oder doch Trojaner?)
    Plagegeister aller Art und deren Bekämpfung - 08.04.2014 (6)
  2. Sicherheitslücke oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 23.02.2014 (1)
  3. Alles ok oder doch nicht?
    Log-Analyse und Auswertung - 11.01.2014 (11)
  4. BKA Virus - oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 24.10.2013 (23)
  5. TrojanDropper:Win32/Sirefef.B -oder doch nicht
    Plagegeister aller Art und deren Bekämpfung - 19.10.2013 (3)
  6. Qv06 enfternt oder doch nicht?
    Log-Analyse und Auswertung - 22.08.2013 (9)
  7. Infiziert oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 25.05.2013 (23)
  8. Pud.Adware.Agent entfernt oder nicht?
    Plagegeister aller Art und deren Bekämpfung - 19.11.2012 (2)
  9. System Sauber oder doch nicht?
    Log-Analyse und Auswertung - 26.10.2012 (16)
  10. VIRUS oder doch nicht
    Plagegeister aller Art und deren Bekämpfung - 06.08.2011 (1)
  11. Virus oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 21.07.2011 (44)
  12. System Tool (doch nicht?) entfernt - Google Chrome startet nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 15.03.2011 (16)
  13. Antimalware Doctor ist weg oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 17.06.2010 (27)
  14. Zlob weg..oder doch nicht??
    Log-Analyse und Auswertung - 03.08.2006 (1)
  15. Net Sky, oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 19.12.2005 (3)
  16. Alles im grünen bereich, oder doch nicht ?
    Log-Analyse und Auswertung - 19.08.2004 (5)
  17. Offene Ports.. Na und? Oder doch nicht?
    Antiviren-, Firewall- und andere Schutzprogramme - 22.06.2004 (5)

Zum Thema Buzzdock Adware entfernt (oder doch nicht?) - Hallo alle zusammen, ich habe mir einen gebrauchten Laptop erworben, der leider voll ist mit Adware wie z. B. Buzzdock. Ich habe versucht mit Malwarebytes und den AdwCleaner das Problem - Buzzdock Adware entfernt (oder doch nicht?)...
Archiv
Du betrachtest: Buzzdock Adware entfernt (oder doch nicht?) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.