| Kischlan | 19.02.2015 20:27 |
Windows7 erkennt mein passwort nicht mehr und ich habe keinen Zugriff auf meinen Laptop
Hallo Schrauber,
alles ausgeführt. Ist ja ordentlich was gescannt worden.
Anbei die txt Dateien. Code:
# AdwCleaner v4.111 - Bericht erstellt 19/02/2015 um 19:53:43
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Jürgen - JÜRGEN-TOSH
# Gestarted von : C:\Users\Jürgen\Microsoftordner\Downloads\AdwCleaner_4.111.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : vToolbarUpdater18.1.9
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\AVG Security Toolbar
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Jürgen\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Datei Gelöscht : C:\Windows\SysWOW64\conduitEngine.tmp
Datei Gelöscht : C:\Users\Jürgen\daemonprocess.txt
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Components\AskSearch.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\zor0s508.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\zor0s508.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{031B4CBA-9A81-4B15-A2CC-011B0290DF40}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6C4BB0DD-1EDD-468A-94D4-2A8F6FBF2693}
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
[zor0s508.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.xpiState", "{\"app-profile\":{\"support@graphon.com\":{\"d\":\"C:\\\\Users\\\\Jürgen\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\zor0s508.default\\\\extensions\\\\[...]
-\\ Google Chrome v40.0.2214.111
[C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP38846B78-24C5-43AE-BD20-3EFDB82BEAF9&SSPV=
[C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Startup_URLs] : Search the web safely using the AVG Security Toolbar
*************************
AdwCleaner[R0].txt - [14165 Bytes] - [19/02/2015 19:51:01]
AdwCleaner[S0].txt - [12856 Bytes] - [19/02/2015 19:53:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12916 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 19.02.2015
Suchlauf-Zeit: 19:06:36
Logdatei: suchlauf_mbam.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2015.02.19.07
Rootkit Datenbank: v2015.02.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jürgen
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 407956
Verstrichene Zeit: 24 Min, 25 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 6
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3026183686-3233854659-1903953540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Keine Aktion durch Benutzer, [450e2bf56921a78fbf5b58b3c1425ea2],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, Keine Aktion durch Benutzer, [59faeb35b5d58aacdc14397f1be87f81],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3026183686-3233854659-1903953540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Keine Aktion durch Benutzer, [b2a1041cfa903ff7713a8b1239ca8d73],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3026183686-3233854659-1903953540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Keine Aktion durch Benutzer, [c58e0818137740f6431e237ed0336e92],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3026183686-3233854659-1903953540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT, Keine Aktion durch Benutzer, [71e234eca7e3ec4a1addebf1ec17ed13],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-3026183686-3233854659-1903953540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, Keine Aktion durch Benutzer, [8dc6c65a9af0cd69a7485761a65d9868],
Registrierungswerte: 4
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Keine Aktion durch Benutzer, [ed66d24eb3d7e3536c33ab020ff452ae]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Keine Aktion durch Benutzer, [381b011f58328aac1b845e4fa26110f0]
PUP.Optional.NextLive.A, HKU\S-1-5-21-3026183686-3233854659-1903953540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jürgen\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, Keine Aktion durch Benutzer, [6ce7bd63d9b19b9b7bc1a935c83b1ee2]
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3026183686-3233854659-1903953540-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT|Install, 1, Keine Aktion durch Benutzer, [71e234eca7e3ec4a1addebf1ec17ed13]
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 11
PUP.Optional.NextLive.A, C:\Users\Jürgen\AppData\Roaming\newnext.me, Keine Aktion durch Benutzer, [a3b066ba1674082eba5399c110f3a060],
PUP.Optional.NextLive.A, C:\Users\Jürgen\AppData\Roaming\newnext.me\cache, Keine Aktion durch Benutzer, [a3b066ba1674082eba5399c110f3a060],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.SystemSpeedup, C:\Users\Jürgen\AppData\Roaming\Systweak\ssd, Keine Aktion durch Benutzer, [173c51cff89254e2be8985eb3bc8f709],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
Dateien: 89
PUP.Optional.NextLive.A, C:\Users\Jürgen\AppData\Roaming\newnext.me\nengine.cookie, Keine Aktion durch Benutzer, [a3b066ba1674082eba5399c110f3a060],
PUP.Optional.NextLive.A, C:\Users\Jürgen\AppData\Roaming\newnext.me\cache\spark.bin, Keine Aktion durch Benutzer, [a3b066ba1674082eba5399c110f3a060],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\1.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\a.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\b.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\c.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\d.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\e.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\f.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\g.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\h.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\i.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\J.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\k.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\l.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\m.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\mru.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\n.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\o.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\p.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\q.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\r.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\s.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\t.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\u.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\v.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\w.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\x.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\y.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.PriceGong.A, C:\Users\Jürgen\AppData\LocalLow\PriceGong\Data\z.xml, Keine Aktion durch Benutzer, [a1b2f52bee9c999d3b9ddc7fed1647b9],
PUP.Optional.SystemSpeedup, C:\Users\Jürgen\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, Keine Aktion durch Benutzer, [173c51cff89254e2be8985eb3bc8f709],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.html, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\manifest.json, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.htm, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.html, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.html, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS\border.css, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-1.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-2.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-3.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fb.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fblike.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\gmail.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\google.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\googleplus.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-1.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-2.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-3.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\left.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-1.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-2.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-3.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\mgsplusvideo.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-1.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-2.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-3.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\PBShopop.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\pinit.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\right.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\searchBox.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-1.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-2.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-3.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\twitter.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-1.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-2.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-3.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\BackPageRemove.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\defaultBlockList.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\documentEvents.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\externalJS.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\FBImagePreview.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\InternalJS.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\jquery-1.9.0.min.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\PluginWrapper.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\publisherDefinitions.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\tabReload.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\TopFrameJS.js, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Shopop.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Shopop128.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Shopop16.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.SmartBar.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Shopop48.png, Keine Aktion durch Benutzer, [391a5ac6345684b2108d790d43c06c94],
PUP.Optional.Conduit.A, C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ({"apps":{"shortcuts_have_been_created":true},"backup":{"session":{"startup_urls":["hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP38846B78-24C5-43AE-BD20-3EFDB82BEAF9&SSPV="]}},"browser":{"last_known_google_url":"https://www.google.de/","last_prompted_google_url":"https://www.google.de/","show_home_button":true,"window_placement":{"bottom":710,"left":10,"maximized":false,"right":1060,"top":10,"work_area_bottom":720,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":17477,"default_apps_install_state":3,"default_search_provider":{"synced_guid":"7C6DA1F7-1924-4099-8A8C-56E49A7252C4"},"default_search_provider_data":{"template_url_data":{"enabled":true,"favicon_url":"hxxp://www.bing.com/favicon.ico","id":"4","input_encodings":"UTF-8","instant_url":"","keyword":"bing.com","prepopulate_id":"0","short_name":"Bing","suggestions_url":"hxxp://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=UP97DF&PC=UP97","synced_guid":"7C6DA1F7-1924-4099-8A8C-56E49A7252C4","url":"hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}"}},"distribution":{"create_all_shortcuts":true,"do_not_launch_chrome":true,"import_history":false,"import_search_engine":false,"make_chrome_default":false,"ping_delay":-60,"skip_first_run_ui":false,"verbose_logging":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://ad.doubleclick.net/",["hxxp://ad.doubleclick.net/",2.27338020,"hxxp://cas.criteo.com/",2.27338020,"hxxp://cas.nl.eu.criteo.com/",2.27338020,"hxxp://d.startpagea.com/",2.27338020]],["hxxp://d.startpagea.com/",["hxxp://cdn.startpagea.com/",2.27338020,"hxxp://counter.d.startpagea.com/",2.27338020]],["hxxp://search.conduit.com/",["hxxp://ad.doubleclick.net/",2.27338020,"hxxp://resources.search.conduit.com/",3.594660999999999,"hxxp://storage.conduit.com/",2.27338020]],["hxxp://www.google.com/",["hxxp://www.google.de/",1.010424211242183]],["hxxp://www.google.de/",["hxxp://ssl.gstatic.com/",2.025335319191497,"hxxp://www.google.com/",2.025335319191497,"hxxp://www.google.de/",4.085291754950370]],["https://www.google.com/",["https://apis.google.com/",2.025335319191497,"https://fonts.googleapis.com/",2.025335319191497,"https://ssl.google-analytics.com/",2.025335319191497,"https://ssl.gstatic.com/",2.025335319191497,"https://www.google.com/",4.379571245773065]]],"startup_list":[1,"hxxp://ad.doubleclick.net/","hxxp://cas.criteo.com/","hxxp://cas.nl.eu.criteo.com/","hxxp://cdn.startpagea.com/","hxxp://d.startpagea.com/","hxxp://resources.search.conduit.com/","hxxp://search.conduit.com/","hxxp://storage.conduit.com/","https://clients2.google.com/","https://clients2.googleusercontent.com/"]},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"13034875292505208","next_check":"13034891909247208"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"],"newtab":["chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"]},"known_disabled":["ndibdjnfmopecpmkdieinmbadjfpblof"],"last_chrome_version":"32.0.1700.76","settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","webstorePrivate"]},"app_launcher_ordinal":"n","creation_flags":1,"from_bookmark":false,"from_webstore":false,"install_time":"13030369758299464","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Chrome Web Store","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Store","permissions":["webstorePrivate","management"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.57\\resources\\web_store","was_installed_by_default":false},"amfclgbdpgndipgoegfpkkgobahigbcl":{"ack_external":true,"active_permissions":{"explicit_host":["hxxp://*/*","https://*/*"],"scriptable_host":["<all_urls>","hxxp://*/*","https://*/*"]},"creation_flags":1,"from_bookmark":false,"from_webstore":false,"granted_permissions":{"api":["cookies","management","plugin","tabs","webNavigation"],"explicit_host":["hxxp://*/*","https://*/*"],"scriptable_host":["<all_urls>","hxxp://*/*","https://*/*"]},"install_time":"13011896408908791","lastpingday":"13034851201632040","location":1,"manifest":{"chrome_url_overrides":{"newtab":"redirect.html"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDt7DFf5JV3nSkEFOB8mTacUzbdeOPlqba3Pv+WJe5DLXzssFkS8ZrcgIs7J04d2LazhzE5czs4pESOPe0cuFQ0xc2fNx3I+csmRXaKJk7vpy8GSRHPKvqukFZQaiDp9XgU9mnpbBjrZekAqP/y+Uzy3pKyz1OtXX6PlOoFJqa8eQIDAQAB","manifest_version":2,"name":"New Tab Page","version":"1.4"},"path":"amfclgbdpgndipgoegfpkkgobahigbcl\\1.4_0","state":1,"was_installed_by_default":false},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"lastpingday":"13034160001937869"},"coobgpohoikkiipiblmjeljniedjpjpf":{"lastpingday":"13034160001937869"},"eemcgdkfndhakfknompkggombfjjjeno":{"active_permissions":{"api":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs"],"explicit_host":["chrome://favicon/*","chrome://resources/*"]},"creation_flags":1,"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13030369758297464","location":5,"manifest":{"chrome_url_overrides":{"bookmarks":"main.html"},"content_security_policy":"object-src 'none'; script-src chrome://resources 'self'","description":"Bookmark Manager","incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+eN9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB","manifest_version":2,"name":"Bookmark Manager","permissions":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs","chrome://favicon/","chrome://resources/"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.57\\resources\\bookmark_manager","was_installed_by_default":false},"ennkphjdgehloodpbhlhldgbnhmacadg":{"active_permissions":{"api":["app.currentWindowInternal","app.runtime","app.window"],"explicit_host":["chrome://settings-frame/*"]},"creation_flags":1,"events":["app.runtime.onLaunched"],"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13030369758300464","location":5,"manifest":{"app":{"background":{"scripts":["settings_app.js"]}},"description":"Settings","display_in_launcher":false,"icons":{"128":"settings_app_icon_128.png","16":"settings_app_icon_16.png","32":"settings_app_icon_32.png","48":"settings_app_icon_48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB","manifest_version":2,"name":"Settings","permissions":["chrome://settings-frame/"],"version":"0.2"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.57\\resources\\settings_app","running":false,"was_installed_by_default":false},"gfdkimpbcpahaombhbimeihdjnejgicl":{"active_permissions":{"api":["app.currentWindowInternal","app.runtime","app.window","feedbackPrivate"],"explicit_host":["chrome://resources/*"]},"creation_flags":1,"events":["feedbackPrivate.onFeedbackRequested"],"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13030369758300464","location":5,"manifest":{"app":{"background":{"scripts":["js/event_handler.js"]},"content_security_policy":"default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'"},"description":"User feedback extension","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"32":"images/icon32.png","64":"images/icon64.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB","manifest_version":2,"name":"Feedback","permissions":["feedbackPrivate","chrome://resources/"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.57\\resources\\feedback","running":false,"was_installed_by_default":false},"mfehgcgbbipciphmccgaenjidiccnmng":{"active_permissions":{"api":["cloudPrintPrivate"]},"creation_flags":1,"from_bookmark":false,"from_webstore":false,"install_time":"13030369758298464","location":5,"manifest":{"app":{"launch":{"web_url":"https://www.google.com/cloudprint"},"urls":["https://www.google.com/cloudprint/enable_chrome_connector"]},"description":"Cloud Print","display_in_launcher":false,"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB","name":"Cloud Print","permissions":["cloudPrintPrivate"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.57\\resources\\cloud_print","was_installed_by_default":false},"mgndgikekgjfcpckkfioiadnlibdjbkf":{"app_launcher_ordinal":"h","creation_flags":1,"from_bookmark":false,"from_webstore":false,"install_time":"13030369758299464","location":5,"manifest":{"app":{"launch":{"web_url":"hxxp://THIS-WILL-BE-REPLACED"}},"description":"Chrome as an app","display_in_launcher":true,"display_in_new_tab_page":false,"icons":{"128":"product_logo_128.png","16":"product_logo_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB","name":"Chrome","version":"0.1"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.57\\resources\\chrome_app","was_installed_by_default":false},"ndibdjnfmopecpmkdieinmbadjfpblof":{"ack_prompt_count":1,"active_permissions":{"api":["browsingData","cookies","history","management","nativeMessaging","tabs","unlimitedStorage","webNavigation","webRequest","webRequestBlocking","webRequestInternal"],"explicit_host":["<all_urls>","chrome://favicon/*","hxxp://dnt.cloud.avg.com/*","hxxp://dntf.cloud.avg.com/*"],"scriptable_host":["<all_urls>","hxxp://toolbar.avg.com/*"]},"creation_flags":1,"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13034874944190040","lastpingday":"13034851200763208","location":3,"manifest":{"background":{"page":"content/background.html"},"browser_action":{"default_icon":"content/icons/logoAVG.png","default_title":"AVG Do Not Track"},"content_scripts":[{"all_frames":false,"js":["content/js/content.js"],"matches":["<all_urls>"],"run_at":"document_end"},{"js":["content/js/ntinject.js"],"matches":["hxxp://toolbar.avg.com/*"]}],"content_security_policy":"script-src 'self' 'unsafe-eval'; object-src 'self'","current_locale":"de","default_locale":"en","description":"Search the web safely using the AVG Security Toolbar","icons":{"128":"content/icons/128-AVG-logo.png","16":"content/icons/16-AVG-logo.png","48":"content/icons/48-AVG-logo.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaBhCcd8V6V8SwALoaT+A51wnypeg3PtHPFZ6/1OKPFykl5ejJUJj4iBdO6hwupZS9r69OFb9AF0NPAxXqMfuh/mVqguifgJiqVV7tLaQ5tGAIy0pACKYaTICVePngldEIu1VNSf8A+YoQIt0LL7arZL5E/0iIoqX4Yd04Q8X2HwIDAQAB","manifest_version":2,"name":"AVG Security Toolbar","permissions":["<all_urls>","tabs","webNavigation","unlimitedStorage","cookies","management","webRequest","webRequestBlocking","hxxp://dnt.cloud.avg.com/","hxxp://dntf.cloud.avg.com/","browsingData","history","nativeMessaging"],"version":"17.3.0.49"},"path":"ndibdjnfmopecpmkdieinmbadjfpblof\\17.3.0.49_0","state":0,"was_installed_by_default":false},"nkeimhogjdpnpccoofpliimaahmaaome":{"active_permissions":{"api":["desktopCapture","webConnectable","webrtcAudioPrivate","webrtcLoggingPrivate","system.cpu"]},"creation_flags":1,"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13034874936098434","location":5,"manifest":{"background":{"page":"background.html","persistent":false},"externally_connectable":{"matches":["https://*.google.com/hangouts*","*://localhost/*"]},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAQt2ZDdPfoSe/JI6ID5bgLHRCnCu9T36aYczmhw/tnv6QZB2I6WnOCMZXJZlRdqWc7w9jo4BWhYS50Vb4weMfh/I0On7VcRwJUgfAxW2cHB+EkmtI1v4v/OU24OqIa1Nmv9uRVeX0GjhQukdLNhAE6ACWooaf5kqKlCeK+1GOkQIDAQAB","manifest_version":2,"name":"Hangout Services","permissions":["desktopCapture","system.cpu","webrtcAudioPrivate","webrtcLoggingPrivate"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\32.0.1700.76\\resources\\hangout_services","was_installed_by_default":false},"nmmhkkegccagdldgiimedpiccmgmieda":{"ack_external":true,"active_permissions":{"api":["app.currentWindowInternal","app.runtime","app.window","identity","webRequestInternal","webview"],"explicit_host":["https://checkout.google.com/*","https://sandbox.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"]},"creation_flags":137,"events":["app.runtime.onLaunched"],"from_bookmark":false,"from_webstore":true,"initial_keybindings_set":true,"install_time":"13034874944362040","lastpingday":"13034851201632040","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"de","default_locale":"en","description":"Google Wallet für digitale Produkte","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Google Wallet","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra","https://www.googleapis.com/auth/sierrasandbox","https://www.googleapis.com/auth/chromewebstore","https://www.googleapis.com/auth/chromewebstore.readonly"]},"permissions":["identity","webview","https://checkout.google.com/","https://sandbox.google.com/checkout/","https://www.google.com/","https://www.googleapis.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.0.6.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.0.6.0_0","running":false,"state":1,"was_installed_by_default":true},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"]},"app_launcher_ordinal":"t","creation_flags":137,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"]},"install_time":"13030369765536514","lastpingday":"13034851201632040","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"de","default_locale":"en","description":"Schneller E-Mail-Dienst mit Suchfunktion und wenig Spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Google Mail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"7"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\7_1","state":1,"was_installed_by_default":true}},"toolbar":["ndibdjnfmopecpmkdieinmbadjfpblof"],"toolbarsize":-1},"first_run_tabs":["hxxp://www.google.com/","hxxp://welcome_page"],"gesture":{"config_is_trustworthy":true},"google":{"services":{"signin":{"LSID":"","SID":""}}},"homepage":"hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP","homepage_is_newtabpage":false,"intl":{"accept_languages":"de-DE,de,en-US,en"},"invalidator":{"client_id":"m3u1GXovgabbpSN35Gmamg=="},"net":{"http_server_properties":{"servers":{"ad.doubleclick.net:80":{"alternate_protocol":{"port":80,"protocol_str":"quic"},"supports_spdy":false},"clients2.google.com:443":{"alternate_protocol":{"port":443,"protocol_str":"quic"},"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"clients2.googleusercontent.com:443":{"alternate_protocol":{"port":443,"protocol_str":"quic"},"settings":{"4":100,"5":69,"6":0},"supports_spdy":true}},"version":2}},"pinned_tabs":[],"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"migrated_to_pepper_flash":true,"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":2,"managed_user_id":"","name":"Erster Nutzer"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP38846B78-24C5-43AE-BD20-3EFDB82BEAF9&SSPV="],"startup_urls_migration_time":"13034874935989434"},"sync_promo":{"show_on_first_run_allowed":false,"user_skipped":true},"translate_blocked_languages":["de"]}), Keine Aktion durch Benutzer,[5201c7596f1bcb6ba7ecf60de6209e62]
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 19.02.2015 19:05:36, SYSTEM, JÃ?RGEN-TOSH, Protection, Malware Protection, Starting,
Protection, 19.02.2015 19:05:36, SYSTEM, JÃ?RGEN-TOSH, Protection, Malware Protection, Started,
Protection, 19.02.2015 19:05:36, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 19:05:37, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Started,
Update, 19.02.2015 19:05:39, SYSTEM, JÃ?RGEN-TOSH, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 19.02.2015 19:05:39, SYSTEM, JÃ?RGEN-TOSH, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Update, 19.02.2015 19:05:55, SYSTEM, JÃ?RGEN-TOSH, Manual, Malware Database, 2014.11.20.6, 2015.2.19.7,
Protection, 19.02.2015 19:05:55, SYSTEM, JÃ?RGEN-TOSH, Protection, Refresh, Starting,
Protection, 19.02.2015 19:05:55, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Stopping,
Protection, 19.02.2015 19:05:55, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Stopped,
Protection, 19.02.2015 19:06:00, SYSTEM, JÃ?RGEN-TOSH, Protection, Refresh, Success,
Protection, 19.02.2015 19:06:00, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 19:06:00, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Started,
Update, 19.02.2015 19:20:06, SYSTEM, JÃ?RGEN-TOSH, Scheduler, Malware Database, 2015.2.19.7, 2015.2.19.8,
Protection, 19.02.2015 19:20:06, SYSTEM, JÃ?RGEN-TOSH, Protection, Refresh, Starting,
Protection, 19.02.2015 19:20:06, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Stopping,
Protection, 19.02.2015 19:20:06, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Stopped,
Protection, 19.02.2015 19:21:36, SYSTEM, JÃ?RGEN-TOSH, Protection, Refresh, Success,
Protection, 19.02.2015 19:21:36, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 19:21:51, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Started,
Scan, 19.02.2015 19:35:22, SYSTEM, JÃ?RGEN-TOSH, Manual, Start: % 1 "% 2", Dauer: % 1 min 24 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 110-Malwareerkennung,
Protection, 19.02.2015 19:40:12, SYSTEM, JÃ?RGEN-TOSH, Protection, Malware Protection, Starting,
Protection, 19.02.2015 19:40:12, SYSTEM, JÃ?RGEN-TOSH, Protection, Malware Protection, Started,
Protection, 19.02.2015 19:40:12, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 19:43:27, SYSTEM, JÃ?RGEN-TOSH, Protection, Malicious Website Protection, Started,
(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jrgen on 19.02.2015 at 20:05:45,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
~~~ FireFox
Emptied folder: C:\Users\Jrgen\AppData\Roaming\mozilla\firefox\profiles\zor0s508.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.02.2015 at 20:10:28,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Jürgen (administrator) on JÜRGEN-TOSH on 19-02-2015 20:18:18
Running from C:\Users\Jürgen\Microsoftordner\Downloads
Loaded Profiles: Jürgen (Available profiles: Jürgen)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxeccoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BTSQLINSTANZ\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files (x86)\FSC\LASER MOUSE\1.0\GTGMouse.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Microsoft Corporation) C:\Windows\System32\wiawow64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Jürgen\Microsoftordner\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505768 2010-05-25] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1504608 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705432 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403656 2012-04-27] (Acronis)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GTGMOUSE] => C:\Program Files (x86)\FSC\LASER MOUSE\1.0\GTGMouse.exe [483328 2007-01-22] ()
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5993136 2012-04-27] (Acronis)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173680 2012-04-27] (Acronis)
HKLM-x32\...\Run: [HTC Sync Loader] => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [659456 2013-09-03] ()
HKLM-x32\...\Run: [TOSDCR] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe [169296 2007-08-28] ()
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-04-01] (TOSHIBA)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: {5c83799a-072d-11e4-ab64-0023186cf290} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: {62ef8253-696e-11e4-8b75-0023186cf290} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: {8295785c-37e7-11e4-8d48-0023186cf290} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: {a293d87f-329c-11e0-9ba6-e839df8dc452} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: {e7ada472-2399-11e0-9ad4-0023186cf290} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\MountPoints2: {e7ada47b-2399-11e0-9ad4-0023186cf290} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk
ShortcutTarget: ScanSnap Manager.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
URLSearchHook: HKU\S-1-5-21-3026183686-3233854659-1903953540-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKU\S-1-5-21-3026183686-3233854659-1903953540-1001 - (No Name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No File
SearchScopes: HKLM -> {6C129A2E-77BD-47D8-A6E3-D0C3B547864A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {B5D4FA2A-E352-43EC-93C6-211F7717F961} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3026183686-3233854659-1903953540-1001 -> {17B00150-D910-4061-9244-CB6709A5C32A} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3026183686-3233854659-1903953540-1001 -> {A2D2058D-26BE-4796-97B8-412BACD5CC8A} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {1241F20B-0688-45A5-ADB2-208AFE4A5DDC} https://goglobal4lic.maklersoftware.com/goglobal/plugins/gg-activex.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\zor0s508.default
FF NewTab: about:blank
FF SearchEngineOrder.3: Bing
FF Homepage: hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP|hxxp://www.t-online.de/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3026183686-3233854659-1903953540-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jürgen\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: GraphOn GO-Global - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\zor0s508.default\Extensions\support@graphon.com [2014-09-17]
FF Extension: Adblock Plus - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\zor0s508.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-16]
FF HKU\S-1-5-21-3026183686-3233854659-1903953540-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (Gmail) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432592 2014-11-04] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4942384 2014-10-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 lxec_device; C:\Windows\system32\lxeccoms.exe [1052328 2010-04-14] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$BTSQLINSTANZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BTSQLINSTANZ\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 SQLAgent$BTSQLINSTANZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BTSQLINSTANZ\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2253112 2014-07-14] (AVG)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2014-07-14] (AVG)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [35640 2014-07-14] (AVG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-18] (AVG Technologies)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 20:10 - 2015-02-19 20:10 - 00000830 _____ () C:\Users\Jürgen\Desktop\JRT.txt
2015-02-19 20:00 - 2015-02-19 20:00 - 00013057 _____ () C:\Users\Jürgen\Desktop\AdwCleaner.txt
2015-02-19 19:50 - 2015-02-19 19:54 - 00000000 ____D () C:\AdwCleaner
2015-02-19 19:46 - 2015-02-19 19:46 - 00040563 _____ () C:\Users\Jürgen\Desktop\suchlauf_mbam.txt
2015-02-19 19:45 - 2015-02-19 19:45 - 00002718 _____ () C:\Users\Jürgen\Desktop\mbam.txt
2015-02-19 19:39 - 2015-02-19 19:39 - 00000950 _____ () C:\Windows\PFRO.log
2015-02-19 19:05 - 2015-02-19 20:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-19 19:05 - 2015-02-19 19:05 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-19 19:05 - 2015-02-19 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-19 19:05 - 2015-02-19 19:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-19 19:05 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-19 19:05 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-19 18:55 - 2015-02-19 18:55 - 00001235 _____ () C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk
2015-02-19 18:55 - 2015-02-19 18:55 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-16 15:36 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-16 15:36 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-16 15:36 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-16 15:36 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-16 10:44 - 2015-02-19 20:18 - 00000000 ____D () C:\FRST
2015-02-16 10:19 - 2015-02-16 10:19 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-02-16 10:19 - 2015-02-16 10:19 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-02-16 08:35 - 2015-02-16 14:57 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-16 08:35 - 2015-02-16 14:57 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-16 08:35 - 2015-02-16 09:02 - 00000000 ____D () C:\Users\TEMP
2015-02-16 08:35 - 2012-12-13 07:57 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\TuneUp Software
2015-02-16 08:35 - 2010-06-08 14:07 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2015-02-11 08:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 08:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 08:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 08:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 08:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 08:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 08:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 08:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 08:17 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 08:17 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 08:17 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 08:17 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 08:17 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 08:17 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 08:17 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 08:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 08:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 08:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 08:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 08:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 08:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 08:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 08:16 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 08:16 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 08:16 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 08:16 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 08:16 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 08:16 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 08:16 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 08:16 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 08:16 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 08:16 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 08:16 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 08:16 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 08:16 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 08:16 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 08:16 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 08:16 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 08:16 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 08:16 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 08:16 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 08:16 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 08:16 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 08:16 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 08:16 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 08:16 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 08:16 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 08:16 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 08:16 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 08:16 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 08:16 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 08:16 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 08:16 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 08:16 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 08:16 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 08:16 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 08:16 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 08:16 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 08:16 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 08:16 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 08:16 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 08:16 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 08:16 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 08:16 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 08:16 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 08:16 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 08:16 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 08:16 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 08:16 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 08:16 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 08:16 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 08:16 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 08:16 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 08:16 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 08:16 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 08:16 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 08:16 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 08:16 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 08:16 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 08:16 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 08:16 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 08:16 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 08:16 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 08:16 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 08:16 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 08:16 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 08:16 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 08:16 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 08:16 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 08:16 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 08:16 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 08:16 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 08:16 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 08:16 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 08:15 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 08:15 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 08:15 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 08:15 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 08:15 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 08:15 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 08:15 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 08:15 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 08:15 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 08:15 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 08:15 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 08:14 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 08:14 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 08:14 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 08:14 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 08:14 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 08:14 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 08:14 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 08:14 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 08:14 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 08:11 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 07:48 - 2015-02-19 19:56 - 00000560 _____ () C:\Windows\setupact.log
2015-02-11 07:48 - 2015-02-11 07:48 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-06 16:20 - 2015-02-06 16:20 - 00002393 _____ () C:\Users\Jürgen\Desktop\KV_Handbuch_2015 - Verknüpfung.lnk
2015-01-27 08:09 - 2015-02-07 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 20:12 - 2014-07-18 12:57 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3026183686-3233854659-1903953540-1001.job
2015-02-19 20:11 - 2011-01-12 09:21 - 01834996 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-19 20:11 - 2009-07-14 18:58 - 00768968 _____ () C:\Windows\system32\perfh007.dat
2015-02-19 20:11 - 2009-07-14 18:58 - 00175586 _____ () C:\Windows\system32\perfc007.dat
2015-02-19 20:07 - 2012-03-29 13:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-19 20:05 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-19 20:05 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-19 20:02 - 2012-04-23 19:45 - 01277181 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 20:00 - 2011-01-19 08:19 - 00000000 ____D () C:\Users\Jürgen\Documents\Bluetooth
2015-02-19 19:58 - 2014-01-01 13:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Htc
2015-02-19 19:58 - 2013-12-31 11:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\HTC MediaHub
2015-02-19 19:57 - 2014-05-10 10:02 - 00030862 _____ () C:\ProgramData\lxecscan.log
2015-02-19 19:57 - 2013-04-13 13:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 19:57 - 2013-01-24 18:16 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2015-02-19 19:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 19:54 - 2011-01-10 19:20 - 00000000 ____D () C:\Users\Jürgen
2015-02-19 19:36 - 2011-01-12 08:54 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-19 19:20 - 2013-04-13 13:37 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 19:05 - 2013-07-06 15:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-19 18:46 - 2011-01-13 11:39 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{142C1BD4-C66B-4BAB-9E3E-FCDEE8E43573}
2015-02-19 18:30 - 2011-01-13 10:34 - 00000480 _____ () C:\Windows\BRWMARK.INI
2015-02-18 18:46 - 2011-01-21 10:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CutePDF Writer
2015-02-18 12:28 - 2014-07-18 12:57 - 00003602 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3026183686-3233854659-1903953540-1001
2015-02-17 11:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-16 14:57 - 2014-06-25 06:47 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-02-16 14:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-11 13:20 - 2009-07-14 05:45 - 00355264 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 13:16 - 2014-12-12 07:59 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 13:16 - 2014-07-10 18:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 11:36 - 2013-09-10 08:43 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 11:33 - 2013-08-14 14:44 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 11:28 - 2011-01-24 12:35 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 15:23 - 2010-06-08 12:58 - 00000000 ____D () C:\Windows\Panther
2015-02-07 15:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-02-05 12:07 - 2012-03-29 13:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 12:07 - 2012-03-29 13:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 12:07 - 2011-06-03 15:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 08:15 - 2013-04-13 13:37 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 08:15 - 2013-04-13 13:37 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 10:56 - 2014-05-10 10:34 - 00128908 _____ () C:\ProgramData\lxecJSW.log
2015-01-30 17:11 - 2013-12-31 12:13 - 00000000 ____D () C:\Windows\Minidump
2015-01-28 07:48 - 2014-01-09 09:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 19:54 - 2011-01-12 10:13 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Dr._Kriebel_Finanzinstitu
2015-01-27 16:47 - 2011-02-02 14:49 - 00000000 ____D () C:\Users\Jürgen\Documents\Beratungsrechner
==================== Files in the root of some directories =======
2014-03-03 09:17 - 2014-06-23 06:53 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-10-05 14:41 - 2014-10-05 14:41 - 0038475 _____ () C:\Users\Jürgen\AppData\Roaming\Microsoft Excel.ADR
2012-03-29 13:44 - 2012-04-02 08:44 - 0004608 _____ () C:\Users\Jürgen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-05 14:02 - 2014-10-05 14:02 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2014-05-10 10:05 - 2014-10-21 09:40 - 0001215 _____ () C:\ProgramData\Coinstaller.log
2014-05-10 10:34 - 2015-02-03 10:56 - 0128908 _____ () C:\ProgramData\lxecJSW.log
2014-05-10 10:02 - 2015-02-19 19:57 - 0030862 _____ () C:\ProgramData\lxecscan.log
2014-10-05 14:02 - 2014-10-05 14:02 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2014-12-29 17:47 - 2014-12-29 17:48 - 2741509 _____ () C:\ProgramData\SPL6DD4.tmp
2015-01-09 17:05 - 2015-01-09 17:05 - 0902604 _____ () C:\ProgramData\SPLA167.tmp
2014-10-05 14:02 - 2014-10-05 14:02 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
Files to move or delete:
====================
C:\Users\Jürgen\pdfprint.dat
Some content of TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\pkvsetupupdate.exe
C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 09:50
==================== End Of Log ============================
--- --- ---
das müsste alles gewesen sein.
Ich danke Dir schon mal.
Grüße Kischlan:applaus::applaus: |
+ R Taste und schreibe notepad in das Ausführen Fenster.
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
