Trojaner-Board - Istasurf eingefangen

So besser?

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 21.04.2015

Suchlauf-Zeit: 20:35:43

Logdatei: MAM.txt

Administrator: Ja
 

Version: 2.01.4.1018

Malware Datenbank: v2015.04.21.05

Rootkit Datenbank: v2015.04.20.01

Lizenz: Premium

Malware Schutz: Aktiviert

Bösartiger Webseiten Schutz: Aktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 7 Service Pack 1

CPU: x64

Dateisystem: NTFS

Benutzer: NAME GELOESCHT
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 440640

Verstrichene Zeit: 10 Min, 26 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(Keine schädliche Elemente gefunden)
 

Module: 0

(Keine schädliche Elemente gefunden)
 

Registrierungsschlüssel: 4

PUP.Adware.PicRec, HKLM\SOFTWARE\PicRec, , [cb6ef57a1278ca6cae695b86c63d18e8], 

PUP.Optional.Dregol.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, , [a990333c6d1dbd7968357d4808fb2bd5], 

PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [bf7a2946deac092ddbdf222633d22ed2], 

PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [aa8ff976dcae42f49d1c0345d530e21e], 
 

Registrierungswerte: 7

PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_mlvi_15_16&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0D0AzyyDyBzyyEyB0C0AtN0D0Tzu0StCtCzyzztN1L2XzutAtFzytFzztFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0EyCzz0BtCtCzztGyEzzyEzztGyDyDzz0CtG0E0CtC0FtGtC0AzztA0D0AyDyCtCyB0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0AtD0DyCzz0DzytG0Czy0B0FtGyE0EyBtCtGzz0C0F0DtGyC0BtCtCyDtCyDtA0DtAyDtA2QtN0A0LzutB&cr=1540083586&ir=, , [2e0b6b04622885b1a2a75ef5d23317e9]

PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_mlvi_15_16&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0D0AzyyDyBzyyEyB0C0AtN0D0Tzu0StCtCzyzztN1L2XzutAtFzytFzztFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0EyCzz0BtCtCzztGyEzzyEzztGyDyDzz0CtG0E0CtC0FtGtC0AzztA0D0AyDyCtCyB0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0AtD0DyCzz0DzytG0Czy0B0FtGyE0EyBtCtGzz0C0F0DtGyC0BtCtCyDtCyDtA0DtAyDtA2QtN0A0LzutB&cr=1540083586&ir=, , [0b2e88e76822a2946fda68eb09fc26da]

PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Users\NAME GELOESCHT\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, , [4dec145b107a1620044560f37f867789]

PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Dregol, , [0b2ecba4850590a66cdda0b3e421ff01]

PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Dregol, , [85b42d42a6e4b680ee5b93c04bba46ba]

PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1428928078&from=pcs&uid=ST1000DX001-1CM162_Z1DDDJCPXXXXZ1DDDJCP&q={searchTerms}, , [44f5bbb4c1c9f442a2ad3a192bdabc44]

PUP.Optional.Dregol.A, HKU\S-1-5-21-2242555042-2413310147-2121924782-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Dregol, , [8cadd798f694320491b70152bf46bf41]
 

Registrierungsdaten: 4

PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[1e1b353a1f6bbd797568df248482a35d]

PUP.Optional.Snapdo, HKU\S-1-5-21-2242555042-2413310147-2121924782-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=93c9ac0f-9150-4250-96be-e693e5533493&searchtype=hp&installDate=08/04/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=93c9ac0f-9150-4250-96be-e693e5533493&searchtype=hp&installDate=08/04/2013),,[13264c236b1f231386e25aa9fa0cf30d]

PUP.Optional.Snapdo, HKU\S-1-5-21-2242555042-2413310147-2121924782-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=93c9ac0f-9150-4250-96be-e693e5533493&searchtype=ds&q={searchTerms}&installDate=08/04/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=93c9ac0f-9150-4250-96be-e693e5533493&searchtype=ds&q={searchTerms}&installDate=08/04/2013),,[6ecb6d02e6a4ad895414689b2cdac937]

PUP.Optional.Snapdo, HKU\S-1-5-21-2242555042-2413310147-2121924782-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=93c9ac0f-9150-4250-96be-e693e5533493&searchtype=ds&q={searchTerms}&installDate=08/04/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=93c9ac0f-9150-4250-96be-e693e5533493&searchtype=ds&q={searchTerms}&installDate=08/04/2013),,[b188e8874b3f82b4d395a36044c2e51b]
 

Ordner: 33

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\include, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\en, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\en-US, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\es, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\es-419, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\it, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\pl, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\tr, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\vi, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\defaults, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\defaults\preferences, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules, , [cf6a056ab4d6fd3940b017a53dc6dd23], 
 

Dateien: 66

PUP.Optional.Dregol.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\searchplugins\Dregol.xml, , [79c06708692172c4059c7352887b7d83], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome.manifest, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\install.rdf, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\index.html, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.xul, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\include\speed_dial.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\about_blank_hook.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\misc.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\popup_image_helper.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\urlrequestor.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\js.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\doT.min.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\hotSearch.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\mostgrid.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\search.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\stat.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\common.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\ga.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\xagainit.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\en\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\en-US\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\es\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\es-419\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\it\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\pl\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\tr\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\vi\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW\locale.properties, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\default_logo.png, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\googlelogo.png, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\google_trends.png, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\icon.png, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\loading.gif, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\logo.png, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\newtab.ico, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\simple.css, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\chrome\skin\style.css, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\defaults\preferences\fvd.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\defaults\preferences\preferences.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\addonmanager.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\aes.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\config.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\dialogs.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\last_tab.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\misc.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\properties.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\remoterequest.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\restoreprefs.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.IStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\extensions\istart_ffnt@gmail.com\modules\settings.js, , [cf6a056ab4d6fd3940b017a53dc6dd23], 

PUP.Optional.HttpBreaker.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "?type=hppp");), ,[83b6abc40288cc6a3b0596aae323da26]

PUP.Optional.QuickStart.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), ,[2c0db9b6f892a78f4f3b6ad8e1251ee2]

PUP.Optional.Dregol.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\search.json, Gut: (), Schlecht: (dregol.com), ,[b18856192763c076b36ea59b22e4e917]

PUP.Optional.HttpBreaker.A, C:\Users\NAME GELOESCHT\AppData\Roaming\Mozilla\Firefox\Profiles\ub420qck.default\user.js, , [2d0c6708d8b223133ef4bd825ea86997], 
 

Physische Sektoren: 0

(Keine schädliche Elemente gefunden)
 
 

(end)

:lach:

Dank und Gruß

Mauli

Ich danke für die Geduld.

1. AWD:

Code:

# AdwCleaner v4.202 - Bericht erstellt 25/04/2015 um 02:30:07

# Aktualisiert 23/04/2015 von Xplode

# Datenbank : 2015-04-23.2 [Server]

# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)

# Benutzername : NAMEGELOESCHT- NAMEGELOESCHT-PC

# Gestarted von : D:\Downloads\AdwCleaner_4.202.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\PicRec

Ordner Gelöscht : C:\ProgramData\PC Drivers HeadQuarters

Ordner Gelöscht : C:\ProgramData\driver whiz

Ordner Gelöscht : C:\Program Files (x86)\PicRec (x86)

Ordner Gelöscht : C:\Program Files (x86)\DM

Ordner Gelöscht : C:\Program Files\DM

Ordner Gelöscht : C:\Users\NAMEGELOESCHT\SupTab

Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

Datei Gelöscht : C:\Users\NAMEGELOESCHT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage

Datei Gelöscht : C:\Users\NAMEGELOESCHT\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage-journal
 

***** [ Geplante Tasks ] *****
 
 

***** [ Verknüpfungen ] *****
 

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk

Verknüpfung Desinfiziert : C:\Users\NAME GELOESCHT\Desktop\Internet Explorer.lnk

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Abgesicherter Modus).lnk

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

Verknüpfung Desinfiziert : C:\Users\NAMEGELOESCHT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}

Schlüssel Gelöscht : HKCU\Software\Local AppWizard-Generated Applications

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\DF917BEA0BDE9E345B42099FC7E14699

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\DF917BEA0BDE9E345B42099FC7E14699

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF917BEA0BDE9E345B42099FC7E14699

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:54810;hxxps=127.0.0.1:54810

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>;127.0.0.1
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v11.0.9600.17728
 
 

-\\ Mozilla Firefox v26.0 (de)
 

[ub420qck.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);

[ub420qck.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
 

-\\ Google Chrome v42.0.2311.90
 

[C:\Users\NAMEGELOESCHT\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3318399&octid=EB_ORIGINAL_CTID&ISID=M9044EAF2-37CA-4F7B-833B-CF0F74FCB1EE&SearchSource=58&CUI=&UM=6&UP=SP2563CB12-A6B4-45DA-8842-798CA51025E6&q={searchTerms}&SSPV=

[C:\Users\NAMEGELOESCHT\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_mlvi_15_16&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0D0AzyyDyBzyyEyB0C0AtN0D0Tzu0StCtCzyzztN1L2XzutAtFzytFzztFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0EyCzz0BtCtCzztGyEzzyEzztGyDyDzz0CtG0E0CtC0FtGtC0AzztA0D0AyDyCtCyB0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0AtD0DyCzz0DzytG0Czy0B0FtGyE0EyBtCtGzz0C0F0DtGyC0BtCtCyDtCyDtA0DtAyDtA2QtN0A0LzutB&cr=1540083586&ir=

[C:\Users\NAMEGELOESCHT\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1428928078&from=pcs&uid=ST1000DX001-1CM162_Z1DDDJCPXXXXZ1DDDJCP&q={searchTerms}
 

-\\ Opera v0.0.0.0
 
 

*************************
 

AdwCleaner[R0].txt - [31601 Bytes] - [01/09/2013 19:28:56]

AdwCleaner[R1].txt - [6685 Bytes] - [31/07/2014 13:23:44]

AdwCleaner[R2].txt - [3443 Bytes] - [18/09/2014 22:02:57]

AdwCleaner[R3].txt - [7526 Bytes] - [15/04/2015 19:30:53]

AdwCleaner[R4].txt - [13397 Bytes] - [15/04/2015 19:47:26]

AdwCleaner[R5].txt - [7119 Bytes] - [19/04/2015 19:00:21]

AdwCleaner[R6].txt - [7857 Bytes] - [20/04/2015 22:24:31]

AdwCleaner[R7].txt - [7483 Bytes] - [22/04/2015 20:09:18]

AdwCleaner[R8].txt - [7261 Bytes] - [25/04/2015 02:27:36]

AdwCleaner[R9].txt - [7320 Bytes] - [25/04/2015 02:29:12]

AdwCleaner[S0].txt - [31295 Bytes] - [01/09/2013 19:29:32]

AdwCleaner[S1].txt - [3743 Bytes] - [18/09/2014 22:04:08]

AdwCleaner[S2].txt - [392 Bytes] - [15/04/2015 19:32:15]

AdwCleaner[S3].txt - [790 Bytes] - [15/04/2015 19:48:42]

AdwCleaner[S4].txt - [392 Bytes] - [19/04/2015 19:01:49]

AdwCleaner[S5].txt - [392 Bytes] - [20/04/2015 22:25:42]

AdwCleaner[S6].txt - [6976 Bytes] - [25/04/2015 02:30:07]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [7035  Bytes] ##########

2. JRT

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.6.2 (04.24.2015:1)

OS: Windows 7 Professional x64

Ran by NAME GELOESCHT on 25.04.2015 at  2:38:04,80

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Tasks
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 25.04.2015 at  2:41:56,02

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3. FRST

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.6.2 (04.24.2015:1)

OS: Windows 7 Professional x64

Ran by NAMEGELOESCHT on 25.04.2015 at  2:38:04,80

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Tasks
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 25.04.2015 at  2:41:56,02

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dank und Gruß

Mauli

PS: Istasurf scheint verschwunden zu sein :D