|
Plagegeister aller Art und deren Bekämpfung: Ständige Werbung in allen BrowsernWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.06.2014, 22:25 | #1 |
| Ständige Werbung in allen Browsern Hallo, mein Problem sieht folgendermaßen aus: - in allen Browsern, die ich benutze (Firefox und Chrome) taucht plötzlich eine Vielzahl an Werbung auf. Es sind meistens nur so kleine Fenster, die auf der Seite sind und die man mit einfachen Klicks wieder entfernen kann, dennoch sind sie nervig - als nächstes öffnen sich meistens, wenn ich Sachen anklicke neue Internetseiten mit verschiedenen Werbungen - die Schnelligkeit des Laptops ist seitdem extrem gering und es dauert sehr lange, bis Seiten geladen sind. Downloadgeschwindigkeiten sind dagegen relativ konstant wie vorher auch. Vielleicht kann mir jemand helfen und mir sagen was ich machen kann, bevor ich ein neues Betriebssystem installieren muss. Vielen Dank |
28.06.2014, 22:36 | #2 |
Ruhe in Frieden † 2019 | Ständige Werbung in allen BrowsernMein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Posten in Code Tags Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
28.06.2014, 22:53 | #3 |
| Ständige Werbung in allen BrowsernFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02 Ran by Julian (administrator) on JULIAN-PC on 28-06-2014 23:48:45 Running from C:\Users\Julian\DOWNLOADS Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe (Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Simplygen) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe (Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe () C:\Users\Julian\AppData\Roaming\VOPackage\VOsrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Revizer) C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe ( ) C:\Program Files (x86)\LockKey\LockKey.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe (Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoUpdateCheck.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE () C:\Program Files (x86)\Privacy Dr\Splash.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TUDefragBackend64.exe (Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2012-03-01] (Conexant Systems, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-19] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-19] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-08-19] (Lenovo) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-11-09] (Crawler.com) HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-08-19] (Lenovo) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( ) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1573584 2012-10-29] (Ask) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [SMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC) HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2013-11-22] (SMART Technologies) HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [743728 2013-11-22] (SMART Technologies) HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933104 2013-11-22] (SMART Technologies) HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies) HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2013-10-31] (SMART Technologies) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761536 2014-01-02] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [522752 2014-05-06] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-05-18] (Electronic Arts) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-19] (Google Inc.) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Julian\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [lollipop] => lollipop HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [PrivacyDr] => C:\Program Files (x86)\Privacy Dr\PrivacyDr.exe [2920384 2013-11-13] () HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [BlockNSurf] => C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe [131584 2014-05-22] (Revizer) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {61b469da-e9ed-11e1-ac5f-806e6f6e6963} - F:\Autorun.exe HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {9ff9f46d-94bb-11e3-9a60-c0143dc3fd0c} - E:\LaunchU3.exe -a AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-30] (Conduit) AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050400 2014-03-30] (Conduit) Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec) ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= URLSearchHook: HKCU - &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms} SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9 SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60747 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392 SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPF7CFA909-731C-4EE5-B9E9-2B4AE0B75CBD&q={searchTerms}&SSPV= SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms} BHO: Weather It Up - {11111111-1111-1111-1111-110411911136} - C:\Program Files (x86)\Weather It Up\Weather It Up-bho64.dll (Phoenix Media) BHO: Plus-HD-9.3 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho64.dll (Plus HD) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: Weather It Up - {11111111-1111-1111-1111-110411911136} - C:\Program Files (x86)\Weather It Up\Weather It Up-bho.dll (Phoenix Media) BHO-x32: Plus-HD-9.3 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho.dll (Plus HD) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: BlockAndSurf - {D5B592B1-D572-EF9F-EF4F-05BF14D59119} - C:\Program Files (x86)\BlockAndSurf-soft\171.dll () BHO-x32: DownTango Launcher - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Julian\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.) BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com) BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com) Toolbar: HKLM-x32 - DownTango Launcher - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Julian\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.) Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - No File Handler-x32: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com) Tcpip\Parameters: [DhcpNameServer] 192.168.192.1 FireFox: ======== FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default FF NewTab: chrome://quick_start/content/index.html FF SearchEngineOrder.1: Mysearchdial FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_ptnrs=%5EAGS&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\user.js FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\searchplugins\Mysearchdial.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Plus-HD-9.3 - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\120b8567-cef7-4a3f-bc74-951746209d5b@e3f0d12e-110a-4dac-a277-22ad73cee452.com [2014-04-01] FF Extension: Weather It Up - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\18c3bc7a-b2aa-43c1-885a-665d2f25cf89@d6802e59-3519-4428-bef7-bce888d550bb.com [2014-04-01] FF Extension: mysearchdial.com - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\ffxtlbr@mysearchdial.com [2014-04-01] FF Extension: Quick Start - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\quick_start@gmail.com [2014-04-01] FF Extension: PriceGong - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2014-04-01] FF Extension: MySearchDial - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-06-01] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-12-09] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\extensions\quick_start@gmail.com FF Extension: Quick Start - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\extensions\quick_start@gmail.com [2014-04-01] FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi FF Extension: Browser Guard - C:\Program Files (x86)\Browser Guard\browserguard.xpi [2014-02-24] FF HKCU\...\Firefox\Extensions: [{A7CB7E6E-035E-B31C-D7CC-50F8151A4100}] - C:\Program Files (x86)\BlockAndSurf-soft\171.xpi FF Extension: BlockAndSurf - C:\Program Files (x86)\BlockAndSurf-soft\171.xpi [2014-05-22] Chrome: ======= CHR HomePage: hxxp://google.de/ CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=", "hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467" CHR DefaultSearchKeyword: mysearchdial.com CHR DefaultSearchProvider: Mysearchdial CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= CHR DefaultNewTabURL: CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06] CHR Extension: (Weather It Up) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakgmemkflciahncfpgaebpnknhejeja [2014-04-01] CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10] CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10] CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-12-09] CHR Extension: (BlockAndSurf) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fclfdhclgpnocgnailhbcaeplhjhemlj [2014-05-22] CHR Extension: (DownTango Launcher) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gladcbhcbkdeddbidiblppadjdjalidb [2012-11-26] CHR Extension: (Plus-HD-9.3) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak [2014-04-01] CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (Quick start) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-01] CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10] CHR Extension: (Extutil) - C:\Users\Julian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-24] CHR Extension: (Managera) - C:\Users\Julian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-01-02] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Julian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-12-28] CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Julian\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.11.0.crx [2012-11-10] CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11] CHR HKLM-x32\...\Chrome\Extension: [gladcbhcbkdeddbidiblppadjdjalidb] - C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx [2012-11-26] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-01] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-06-11] (Avira Operations GmbH & Co. KG) S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-20] (Just Develop It) R2 BlockAndSurf; C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.exe [178688 2014-05-22] () [File not signed] R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.) S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2466080 2014-03-30] (Conduit) R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation) R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2013-11-22] (SMART Technologies) R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-11-09] (Crawler.com) R2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software) R2 vosr; C:\Users\Julian\AppData\Roaming\VOPackage\VOsrv.exe [355328 2014-04-01] () [File not signed] R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-04-01] (Cherished Technololgy LIMITED) [File not signed] ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-11] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-04] (Avira Operations GmbH & Co. KG) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.) R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies) R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies) S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC) R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2012-11-10] (Windows (R) Win 7 DDK provider) R3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation) U3 BcmSqlStartupSvc; U2 CLKMSVC10_3A60B698; U2 CLKMSVC10_C3B3B687; U2 DriverService; U2 iATAgentService; U2 idealife Update Service; U3 IGRS; U2 IviRegMgr; U2 nvUpdatusService; U2 Oasis2Service; U2 PCCarerService; U2 ReadyComm.DirectRouter; U2 RichVideo; U2 RtLedService; U2 SeaPort; U2 SoftwareService; U3 SQLWriter; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-28 23:48 - 2014-06-28 23:49 - 00044428 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-28 23:47 - 2014-06-28 23:49 - 00000000 ____D () C:\FRST 2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe 2014-06-27 09:29 - 2014-06-27 09:29 - 00001107 _____ () C:\Users\Julian\Desktop\Continue VuuPC Installation.lnk 2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-06-24 11:25 - 2014-06-24 11:25 - 00290320 _____ () C:\Users\Julian\Downloads\Java.exe 2014-06-18 11:50 - 2014-06-24 11:14 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt 2014-06-18 10:26 - 2014-06-18 11:50 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt 2014-06-11 15:53 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 15:53 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 15:53 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 15:53 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 15:53 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 15:53 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 15:53 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 15:53 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 15:53 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 15:53 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 15:53 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 15:53 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 15:53 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 15:53 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 15:53 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 15:53 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 15:53 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 15:53 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 15:53 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 15:53 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 15:53 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 15:53 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 15:53 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 15:53 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 15:53 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 15:53 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 15:53 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 15:53 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 15:53 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 15:53 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 15:53 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 15:53 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 15:53 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 15:53 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 15:53 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 15:53 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 15:53 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 15:53 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 15:53 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 15:53 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 15:53 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 15:53 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 15:53 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 15:53 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 15:53 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 15:53 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 15:53 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 15:53 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 15:53 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 15:53 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 15:53 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 15:53 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 15:53 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 15:53 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 15:53 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 15:53 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 15:53 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 15:53 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 15:53 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 15:53 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 15:53 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 15:53 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012 2014-06-01 15:14 - 2014-06-18 15:24 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt 2014-06-01 15:01 - 2014-06-28 15:01 - 00001426 _____ () C:\Users\Julian\Desktop\Registry kostenlos entrümpeln!.lnk 2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme 2014-06-01 14:56 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Julian\Desktop\Games 2014-06-01 12:22 - 2014-06-01 12:23 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe 2014-06-01 12:10 - 2014-06-11 21:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-01 12:10 - 2014-06-11 21:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe ==================== One Month Modified Files and Folders ======= 2014-06-28 23:49 - 2014-06-28 23:48 - 00044428 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-28 23:49 - 2014-06-28 23:47 - 00000000 ____D () C:\FRST 2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe 2014-06-28 23:08 - 2014-04-01 12:47 - 00003102 _____ () C:\Windows\Tasks\Weather It Up-chromeinstaller.job 2014-06-28 23:05 - 2012-08-19 13:46 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-28 23:04 - 2013-12-18 21:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-28 23:04 - 2012-11-07 23:20 - 00984569 _____ () C:\FaceProv.log 2014-06-28 23:04 - 2012-08-19 13:46 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-28 23:04 - 2012-08-19 13:44 - 00000000 ____D () C:\ProgramData\VeriFace 2014-06-28 23:03 - 2014-04-01 13:02 - 00000296 _____ () C:\Windows\Tasks\MySearchDial.job 2014-06-28 23:03 - 2014-04-01 12:49 - 00001588 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.job 2014-06-28 23:03 - 2014-04-01 12:48 - 00003116 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.job 2014-06-28 23:03 - 2014-04-01 12:48 - 00002378 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.job 2014-06-28 23:03 - 2014-04-01 12:48 - 00001494 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-1.job 2014-06-28 23:03 - 2014-04-01 12:48 - 00001432 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.job 2014-06-28 23:03 - 2014-04-01 12:47 - 00002436 _____ () C:\Windows\Tasks\Weather It Up-firefoxinstaller.job 2014-06-28 23:03 - 2014-04-01 12:47 - 00001520 _____ () C:\Windows\Tasks\Weather It Up-updater.job 2014-06-28 23:03 - 2014-04-01 12:47 - 00001474 _____ () C:\Windows\Tasks\Weather It Up-codedownloader.job 2014-06-28 23:03 - 2014-04-01 12:47 - 00001354 _____ () C:\Windows\Tasks\Weather It Up-enabler.job 2014-06-28 23:03 - 2014-01-02 15:26 - 00054470 _____ () C:\Users\Julian\daemonprocess.txt 2014-06-28 23:03 - 2012-08-19 13:05 - 01340271 _____ () C:\Windows\WindowsUpdate.log 2014-06-28 15:03 - 2014-01-02 15:25 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-06-28 15:01 - 2014-06-01 15:01 - 00001426 _____ () C:\Users\Julian\Desktop\Registry kostenlos entrümpeln!.lnk 2014-06-28 15:01 - 2014-01-14 02:27 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro 2014-06-28 14:30 - 2012-11-10 21:04 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2014-06-27 18:24 - 2014-04-01 13:02 - 00000426 _____ () C:\Windows\Tasks\BlockAndSurf Update.job 2014-06-27 18:23 - 2014-04-01 13:02 - 00000406 _____ () C:\Windows\Tasks\BlockAndSurf_wd.job 2014-06-27 09:29 - 2014-06-27 09:29 - 00001107 _____ () C:\Users\Julian\Desktop\Continue VuuPC Installation.lnk 2014-06-27 09:28 - 2013-12-22 14:06 - 00000000 ____D () C:\Users\Julian\AppData\Local\Deployment 2014-06-27 09:15 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-27 09:15 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-27 09:10 - 2013-12-28 18:12 - 00000000 ___RD () C:\Users\Julian\Google Drive 2014-06-27 09:06 - 2012-08-19 22:47 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-06-27 09:06 - 2012-08-19 22:47 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-06-27 09:06 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-27 09:04 - 2014-01-02 15:27 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup 2014-06-27 09:01 - 2013-07-10 16:59 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-06-27 08:59 - 2014-01-02 15:26 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\newnext.me 2014-06-27 08:59 - 2012-08-19 13:48 - 00466209 _____ () C:\Windows\system32\fastboot.set 2014-06-27 08:56 - 2010-11-21 05:47 - 00383106 _____ () C:\Windows\PFRO.log 2014-06-27 08:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-27 08:56 - 2009-07-14 06:51 - 00072347 _____ () C:\Windows\setupact.log 2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-06-24 12:18 - 2014-06-01 14:56 - 00000000 ____D () C:\Users\Julian\Desktop\Games 2014-06-24 12:18 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-24 12:17 - 2014-05-22 17:43 - 00000000 ____D () C:\Program Files (x86)\Der Planer 5 2014-06-24 11:25 - 2014-06-24 11:25 - 00290320 _____ () C:\Users\Julian\Downloads\Java.exe 2014-06-24 11:14 - 2014-06-18 11:50 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt 2014-06-21 15:31 - 2014-01-02 15:25 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-06-19 18:48 - 2012-08-19 13:46 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-19 18:48 - 2012-08-19 13:46 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-18 15:24 - 2014-06-01 15:14 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt 2014-06-18 11:50 - 2014-06-18 10:26 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt 2014-06-18 11:17 - 2013-04-16 08:04 - 00000454 ____H () C:\Windows\Tasks\Norton Security Scan for Julian.job 2014-06-18 10:01 - 2013-12-28 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-06-17 18:44 - 2012-08-19 13:37 - 00045512 _____ () C:\Windows\DirectX.log 2014-06-17 18:26 - 2013-07-10 16:59 - 00000000 ____D () C:\ProgramData\Origin 2014-06-13 07:14 - 2012-08-19 13:46 - 00002380 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 12:58 - 2014-01-27 11:38 - 00000000 ____D () C:\Program Files (x86)\TP-LINK 2014-06-12 12:08 - 2014-02-17 11:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 12:08 - 2014-01-02 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-11 21:07 - 2014-06-01 12:10 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 21:05 - 2014-06-01 12:10 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-11 21:04 - 2012-11-17 16:53 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-11 21:03 - 2014-05-11 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 15:45 - 2013-04-03 12:07 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-11 15:45 - 2013-04-03 12:07 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-08 11:13 - 2014-06-11 15:53 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 15:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr 2014-06-03 10:57 - 2014-03-25 15:29 - 00000000 ____D () C:\Users\Julian\Documents\Euro Truck Simulator 2 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012 2014-06-01 15:06 - 2014-04-01 12:47 - 00000000 ____D () C:\Program Files (x86)\Weather It Up 2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme 2014-06-01 14:09 - 2013-12-09 21:54 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-06-01 12:23 - 2014-06-01 12:22 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe 2014-06-01 12:15 - 2014-04-01 12:48 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.3 2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-01 11:58 - 2014-01-02 15:36 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe 2014-05-30 12:21 - 2014-06-11 15:53 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 15:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 15:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 15:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 15:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 15:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 15:53 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 15:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 15:53 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 15:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 15:53 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 15:53 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 15:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 15:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 15:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 15:53 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 15:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 15:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 15:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 15:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 15:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 15:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 15:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 15:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 15:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 15:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 15:53 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 15:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 15:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 15:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 15:53 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 15:53 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 15:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 15:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 15:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 15:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 15:53 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 15:53 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 15:53 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 15:53 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 15:53 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 15:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 15:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll Some content of TEMP: ==================== C:\Users\Julian\AppData\Local\Temp\6_Offer_15.exe C:\Users\Julian\AppData\Local\Temp\avgnt.exe C:\Users\Julian\AppData\Local\Temp\BackupSetup.exe C:\Users\Julian\AppData\Local\Temp\DownloadManager.exe C:\Users\Julian\AppData\Local\Temp\DownTangoSetup20130408213950.exe C:\Users\Julian\AppData\Local\Temp\GetCC.dll C:\Users\Julian\AppData\Local\Temp\installer.exe C:\Users\Julian\AppData\Local\Temp\Mobogenie_Setup_INT.exe C:\Users\Julian\AppData\Local\Temp\nscD6E.exe C:\Users\Julian\AppData\Local\Temp\nsr103C.exe C:\Users\Julian\AppData\Local\Temp\nsrC803.exe C:\Users\Julian\AppData\Local\Temp\nswCA93.exe C:\Users\Julian\AppData\Local\Temp\ose00000.exe C:\Users\Julian\AppData\Local\Temp\RegClean10.exe C:\Users\Julian\AppData\Local\Temp\SearchProtectINT.exe C:\Users\Julian\AppData\Local\Temp\SendMsg.dll C:\Users\Julian\AppData\Local\Temp\SPSetup.exe C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite10636.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite11538.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13076.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13167.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14296.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14320.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14692.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16002.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16712.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16736.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite17398.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18006.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18241.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18803.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19003.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19128.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite21542.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23399.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23779.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite24821.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite26681.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29469.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29631.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29738.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30640.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30887.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31130.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31309.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31540.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31591.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite33108.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34256.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34470.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite35057.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36438.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36736.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37732.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37863.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite39949.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40089.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40143.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40173.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42094.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42426.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42736.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite43265.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite45714.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46079.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46143.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite48451.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite50387.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite51230.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite52270.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53244.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53291.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite55408.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57620.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57693.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58099.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58126.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite60758.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite61462.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62073.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62586.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62860.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite64753.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65354.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65640.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68189.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68303.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68456.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68485.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68490.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69387.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69569.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite71648.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72697.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72922.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74683.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74968.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite75926.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite77555.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite78275.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite80301.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite81027.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite82686.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite83095.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite85021.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite86184.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite87614.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88124.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88466.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite91859.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite92227.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite93212.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite96672.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98100.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98744.dll C:\Users\Julian\AppData\Local\Temp\vbmz10.exe C:\Users\Julian\AppData\Local\Temp\vcredist_x64.exe C:\Users\Julian\AppData\Local\Temp\_BnSup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-01-11 16:23 ==================== End Of Log ============================ |
28.06.2014, 22:54 | #4 |
| Ständige Werbung in allen BrowsernCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02 Ran by Julian at 2014-06-28 23:50:09 Running from C:\Users\Julian\DOWNLOADS Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 11 ActiveX (HKLM-x32\...\{EFC4BB62-CD01-4F63-9165-FC5DEB350469}) (Version: 11.9.900.152 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (HKLM-x32\...\{91A605E2-0372-4198-B64D-FA4D7E9FC851}) (Version: 11.9.900.152 - Adobe Systems Incorporated) Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.) Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12150 - Systweak Software) <==== ATTENTION AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.11.0 - Ask.com) <==== ATTENTION Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira) Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.3.30498 - Ask.com) <==== ATTENTION Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden BlockAndSurf (HKLM-x32\...\40799A39-9C1F-BC9A-1E9F-6800FD3B1623) (Version: - BlockAndSurf-software) <==== ATTENTION Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Browser Guard (HKLM-x32\...\Browser Guard) (Version: - ) BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.34.0 - Conexant) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) DownTango (HKLM-x32\...\DownTango) (Version: 1.1.1022 - Red Sky Sp. z o.o.) <==== ATTENTION DownTango Launcher 1.6 (HKLM-x32\...\{4a505538-f48f-412e-9b69-dbac7e3149c3}_is1) (Version: 1.6 - DownTango Launcher) <==== ATTENTION Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo) Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.5.2 - SCS Software) Free YouTube to MP3 Converter version 3.12.17.1125 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1125 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2778 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.11.1206.1 - Vimicro) Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.) Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.) Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo) LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo) LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden Lollipop (HKCU\...\lollipop) (Version: - Lollipop Network, S.L.) <==== ATTENTION Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation) Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MyPC Backup (HKLM\...\MyPC Backup) (Version: - MyPC Backup) <==== ATTENTION Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.0.3.24 - Symantec Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.0.11.77 - Electronic Arts, Inc.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Plus-HD-9.3 (HKLM-x32\...\Plus-HD-9.3) (Version: 1.34.3.28 - Plus HD) <==== ATTENTION Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.) PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION Privacy Dr (HKLM-x32\...\{2FD6906C-AC7B-4D51-AFC3-DC6A2E1DCB03}) (Version: 2.1.2 - EuroTrade A.L. Ltd) Protected Search 1.1 (HKLM-x32\...\Protected Search_is1) (Version: - Protected Search) <==== ATTENTION qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8) <==== ATTENTION Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.) RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.11.11 - Conduit) <==== ATTENTION Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden simplitec simplicheck (HKLM-x32\...\{328ADEEA-4B1D-4B37-87D5-E3718E1CDB01}) (Version: 1.2.6.0 - simplitec GmbH) SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC) SMART German Language Pack (HKLM-x32\...\{8F98EED9-2AB7-4B92-B37F-70C6877C1783}) (Version: 11.4.19.0 - SMART Technologies ULC) SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.721.0 - SMART Technologies ULC) SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC) SMART Produkttreiber (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.479.0 - SMART Technologies ULC) Softonic toolbar on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.80 - Crawler.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TP-LINK TL-WDN4200 Driver (HKLM-x32\...\{76E22E5B-B0E7-49B5-9B9A-2112EB41D1EA}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.1230 - Lenovo) VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com) VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION Weather It Up (HKLM-x32\...\Weather It Up) (Version: 1.34.3.6 - Phoenix Media) Web Security Guard with Crawler Toolbar (HKLM-x32\...\CToolbar_UNINSTALL) (Version: - Crawler, LLC) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) WinRAR 5.00 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION ==================== Restore Points ========================= 25-05-2014 17:01:02 Windows-Sicherung 26-05-2014 17:26:13 Installed TP-LINK Wireless Configuration Utility and Driver 01-06-2014 10:09:28 Windows Update 01-06-2014 17:03:52 Windows-Sicherung 09-06-2014 10:49:45 Windows-Sicherung 11-06-2014 19:01:09 Windows Update 12-06-2014 10:56:58 Installed PowerLine Utility 17-06-2014 16:41:40 DirectX wurde installiert 17-06-2014 19:26:58 Windows-Sicherung 24-06-2014 09:17:22 Windows-Sicherung ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {068082D9-0CF7-498A-842A-C9B65DB826D1} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2013-10-04] (Systweak) <==== ATTENTION Task: {150EF0BF-A738-44C0-B1FB-E7B5C7992C8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.) Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-5 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.exe <==== ATTENTION Task: {170B39E8-2942-45C7-8825-F905F6C592AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-18] (Adobe Systems Incorporated) Task: {18496993-2143-41B6-97E3-0FB175748A27} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {2170E350-C7F3-4CEF-BFE3-C2C238EE2594} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION Task: {22047AD4-F249-455C-9948-B8406AF32233} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION Task: {255AF57D-67E3-4FC5-8CC8-37B873D52942} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-10-29] () <==== ATTENTION Task: {3770834E-1FD4-4A19-BC76-9CC46DF88091} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\OneClick.exe [2013-08-30] (TuneUp Software) Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-01] (AnyProtect by CMI) <==== ATTENTION Task: {3DAB6028-F884-4B51-9D26-AB9D750CB8A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.) Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - System32\Tasks\Weather It Up-updater => C:\Program Files (x86)\Weather It Up\Weather It Up-updater.exe [2014-04-01] (Phoenix Media) Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - System32\Tasks\MySearchDial => C:\Users\Julian\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - System32\Tasks\Weather It Up-codedownloader => C:\Program Files (x86)\Weather It Up\Weather It Up-codedownloader.exe [2014-04-01] (Phoenix Media) Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - System32\Tasks\Weather It Up-firefoxinstaller => C:\Program Files (x86)\Weather It Up\Weather It Up-firefoxinstaller.exe [2014-04-01] (Phoenix Media) Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-01] (AnyProtect by CMI) <==== ATTENTION Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-4 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.exe <==== ATTENTION Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-1 => C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-codedownloader.exe <==== ATTENTION Task: {84CB915E-AE22-40B5-AB60-F42D4D5D79FF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink) Task: {8C3619FD-04CC-4C1E-A238-0AE50B0FB679} - System32\Tasks\PrivacyDr_Splash => C:\Program Files (x86)\Privacy Dr\Splash.exe [2013-11-13] () Task: {9FC8F7AE-9B71-4879-A6EE-66ACB6EDF6AE} - System32\Tasks\Norton Security Scan for Julian => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.3.24\Nss.exe [2013-08-19] (Symantec Corporation) Task: {A0761E70-70B8-4035-8186-B5936C708B52} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe [2012-10-11] (Simplygen) <==== ATTENTION Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-01] (AnyProtect by CMI) <==== ATTENTION Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - System32\Tasks\Weather It Up-chromeinstaller => C:\Program Files (x86)\Weather It Up\Weather It Up-chromeinstaller.exe [2014-04-01] (Phoenix Media) Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-2 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.exe <==== ATTENTION Task: {DEC5D467-DD9F-4808-B0C9-B260D02FA63A} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-05-17] () <==== ATTENTION Task: {E21AABE7-D8DA-41A7-B9BA-BD61FB31DE09} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfA98.exe [2014-05-22] () <==== ATTENTION Task: {E8395618-29D9-4798-B7BB-204170A87627} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-3 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.exe <==== ATTENTION Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - System32\Tasks\Weather It Up-enabler => C:\Program Files (x86)\Weather It Up\Weather It Up-enabler.exe [2014-04-01] (Phoenix Media) <==== ATTENTION Task: {F4E93B22-4DD6-4695-A9F6-6FCACC89C174} - System32\Tasks\BlockAndSurf_wd => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe [2014-05-22] () <==== ATTENTION Task: {FF3CE8BE-D5A8-463C-A845-D0A680C9B0B1} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-1.job => C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.exe <==== ATTENTION Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.exe <==== ATTENTION Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.exe <==== ATTENTION Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfA98.exe <==== ATTENTION Task: C:\Windows\Tasks\BlockAndSurf_wd.job => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Julian\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\Norton Security Scan for Julian.job => C:\PROGRA~2\NORTON~2\Engine\403~1.24\Nss.exe Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\Weather It Up-chromeinstaller.job => C:\Program Files (x86)\Weather It Up\Weather It Up-chromeinstaller.exe Task: C:\Windows\Tasks\Weather It Up-codedownloader.job => C:\Program Files (x86)\Weather It Up\Weather It Up-codedownloader.exe Task: C:\Windows\Tasks\Weather It Up-enabler.job => C:\Program Files (x86)\Weather It Up\Weather It Up-enabler.exe <==== ATTENTION Task: C:\Windows\Tasks\Weather It Up-firefoxinstaller.job => C:\Program Files (x86)\Weather It Up\Weather It Up-firefoxinstaller.exe Task: C:\Windows\Tasks\Weather It Up-updater.job => C:\Program Files (x86)\Weather It Up\Weather It Up-updater.exe ==================== Loaded Modules (whitelisted) ============= 2012-08-19 13:44 - 2012-08-19 13:43 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll 2014-05-22 12:52 - 2014-05-22 12:52 - 00104960 _____ () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe 2013-08-30 10:51 - 2013-08-30 10:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll 2014-04-01 11:28 - 2014-04-01 11:28 - 00355328 _____ () C:\USERS\JULIAN\APPDATA\ROAMING\VOPACKAGE\VOSRV.EXE 2012-07-11 03:48 - 2012-06-07 03:51 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-04-19 16:22 - 2012-08-19 13:47 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2012-03-10 16:31 - 2012-08-19 13:47 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll 2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2014-01-27 11:38 - 2013-05-21 10:53 - 00846848 _____ () C:\PROGRAM FILES (X86)\TP-LINK\TP-LINK WIRELESS CONFIGURATION UTILITY\TWCU.EXE 2013-09-20 00:37 - 2013-09-20 00:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll 2013-09-20 00:32 - 2013-09-20 00:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll 2014-01-02 15:26 - 2014-01-02 15:28 - 00761536 _____ () C:\PROGRAM FILES (X86)\MOBOGENIE\DAEMONPROCESS.EXE 2014-03-31 17:02 - 2014-05-06 16:16 - 00522752 _____ () C:\PROGRAM FILES (X86)\BROWSERSAFEGUARD\BROWSERSAFEGUARD.EXE 2013-11-13 23:22 - 2013-11-13 23:22 - 00199104 _____ () C:\PROGRAM FILES (X86)\PRIVACY DR\SPLASH.EXE 2014-05-22 12:52 - 2014-05-22 12:52 - 00178688 _____ () C:\PROGRAM FILES (X86)\BLOCKANDSURF-SOFT\BLOCKANDSURFDC171.EXE 2014-05-22 12:52 - 2014-05-22 12:52 - 00172544 _____ () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.dll 2014-01-02 15:25 - 2012-07-25 13:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll 2014-01-02 15:25 - 2013-10-04 19:20 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll 2014-01-02 15:25 - 2012-07-25 13:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-01 11:28 - 2014-04-01 11:28 - 00355328 _____ () C:\Users\Julian\AppData\Roaming\VOPackage\VOsrv.exe 2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-01-27 11:38 - 2013-05-21 10:53 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2014-01-27 11:38 - 2013-05-21 10:53 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2014-01-27 11:38 - 2013-05-21 10:53 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2012-08-19 13:43 - 2012-08-19 13:43 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll 2013-08-22 20:43 - 2013-08-22 20:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node 2014-01-02 15:26 - 2014-01-02 15:28 - 00761536 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe 2014-03-31 17:02 - 2014-05-06 16:16 - 00522752 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe 2014-02-13 17:11 - 2014-02-13 17:11 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll 2012-08-19 13:14 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-08-19 13:15 - 2012-02-21 06:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-11-13 23:22 - 2013-11-13 23:22 - 00199104 _____ () C:\Program Files (x86)\Privacy Dr\Splash.exe 2013-08-30 17:47 - 2013-08-30 17:47 - 00007168 _____ () C:\Program Files (x86)\Privacy Dr\Setup.dll 2014-05-22 12:52 - 2014-05-22 12:52 - 00178688 _____ () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.exe 2014-06-13 07:14 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2013-06-11 04:27 - 2013-06-11 04:27 - 00237568 _____ () C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ctb.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: SMART Virtual TabletPC Description: SMART Virtual TabletPC Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: SMART Technologies ULC Service: SMARTVTabletPCx64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6489 Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6489 Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5475 Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5475 Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4461 System errors: ============= Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst netprofm erreicht. Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT) Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT) Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung. Error: (06/27/2014 09:07:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (06/27/2014 09:02:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht. Error: (06/27/2014 09:02:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (06/27/2014 08:57:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6489 Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6489 Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5475 Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5475 Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4461 ==================== Memory info =========================== Percentage of memory in use: 54% Total physical RAM: 3996.36 MB Available physical RAM: 1810.42 MB Total Pagefile: 7990.9 MB Available Pagefile: 3979.39 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:420.56 GB) (Free:330.15 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:0 GB) NTFS Drive f: (MANAGER13) (CDROM) (Total:5.73 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7F8E0386) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=421 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=20 GB) - (Type=12) ==================== End Of Log ============================ |
28.06.2014, 23:10 | #5 | |
Ruhe in Frieden † 2019 | Ständige Werbung in allen Browsern Hallo, das ist ja mal eine imposante Anhäufung an Krams Kein Wunder, dass dein Rechner schwer beschäftigt ist. Hast du diesen Proxy gesetzt? Zitat:
Bitte deinstalliere folgende Programme (falls vorhanden) : Advanced System Protector AnyProtect Ask Toolbar BlockAndSurf Browser Guard BrowserSafeguard with RocketTab DownTango DownTango Launcher 1.6 Java 7 Update 51 Lollipop Mobogenie MyPC Backup Mysearchdial Norton Security Scan Plus-HD-9.3 PriceGong 2.6.11 Protected Search 1.1 qone8 uninstaller RegClean Pro Search Protect Softonic toolbar on IE and Chrome Spyware Terminator 2012 VO Package Weather It Up Web Security Guard with Crawler Toolbar ( WPM17.8.0.3442 Dazu gehe auf: den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus. Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 4 Starte noch einmal FRST.
|
29.06.2014, 00:52 | #6 | |
| Ständige Werbung in allen Browsern Hahahaha, ja, ich habe auch recht lange gebraucht, um solch eine Sammlung anzuhäufen. Zitat:
Code:
ATTFilter # AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 01:02:25 # Aktualisiert 23/06/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Julian - JULIAN-PC # Gestartet von : C:\Users\Julian\Downloads\adwcleaner_3.213.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [lollipop] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ctbcommon.Buttons Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ctbr.R404Pro Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Client Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Script Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Server Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411911136} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511301198} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422912236} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455915536} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555305598} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466916636} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444914436} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544304498} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411911136} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511301198} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411911136} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511301198} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422912236} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455915536} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555305598} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466916636} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411911136} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511301198} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command Schlüssel Gelöscht : HKCU\Software\AnyProtect Schlüssel Gelöscht : HKCU\Software\Ask.com Schlüssel Gelöscht : HKCU\Software\CToolbar Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions Schlüssel Gelöscht : HKCU\Software\mysearchdial Schlüssel Gelöscht : HKCU\Software\mysearchdial.com Schlüssel Gelöscht : HKCU\Software\Optimizer Pro Schlüssel Gelöscht : HKCU\Software\ProtectedSearch Schlüssel Gelöscht : HKCU\Software\SearchProtectINT Schlüssel Gelöscht : HKCU\Software\visualbee Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\blockAndSurf Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech Schlüssel Gelöscht : HKLM\Software\AskToolbar Schlüssel Gelöscht : HKLM\Software\CToolbar Schlüssel Gelöscht : HKLM\Software\IePlugin Schlüssel Gelöscht : HKLM\Software\InstallCore Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions Schlüssel Gelöscht : HKLM\Software\qone8Software Schlüssel Gelöscht : HKLM\Software\simplitec Schlüssel Gelöscht : HKLM\Software\SupTab Schlüssel Gelöscht : HKLM\Software\supWPM Schlüssel Gelöscht : HKLM\Software\systweak Schlüssel Gelöscht : HKLM\Software\visualbee Schlüssel Gelöscht : HKLM\Software\Wpm Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17126 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v29.0.1 (de) [ Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\prefs.js ] Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD[...] Zeile gelöscht : user_pref("extensions.a120b8567cef74a3fbc74951746209d5be3f0d12e110a4daca27722ad73cee452com53098.53098.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...] Zeile gelöscht : user_pref("extensions.a18c3bc7ab2aa43c1885a665d2f25cf89d6802e5935194428bef7bce888d550bbcom49136.49136.internaldb.Resources_meta.value", "%7B%22html/popup.html%22%3A%7B%22id%22%3A526988%2C%22ver%22%3A6[...] Zeile gelöscht : user_pref("extensions.a18c3bc7ab2aa43c1885a665d2f25cf89d6802e5935194428bef7bce888d550bbcom49136.49136.internaldb.Resources_resource_526988.value", "%22%3C%21DOCTYPE%20HTML%3E%5Cn%3Chtml%20lang%3D%5C%2[...] Zeile gelöscht : user_pref("extensions.a18c3bc7ab2aa43c1885a665d2f25cf89d6802e5935194428bef7bce888d550bbcom49136.49136.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...] Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", ""); Zeile gelöscht : user_pref("extensions.crossrider.bic", "1451ce799a78efbbb5a3ccebfc68ebb1"); Zeile gelöscht : user_pref("extensions.enabledAddons", "ffxtlbr%40mysearchdial.com:1.6.0,120b8567-cef7-4a3f-bc74-951746209d5b%40e3f0d12e-110a-4dac-a277-22ad73cee452.com:0.94.51,18c3bc7a-b2aa-43c1-885a-665d2f25cf89%40d[...] Zeile gelöscht : user_pref("extensions.irmysearch.aflt", "cmi_14_14_ff"); Zeile gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0Et[...] Zeile gelöscht : user_pref("extensions.irmysearch.cr", "1707376684"); Zeile gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_b"); Zeile gelöscht : user_pref("extensions.mysearchdial.AL", 2); Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "cmi_14_14_ff"); Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); Zeile gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0[...] Zeile gelöscht : user_pref("extensions.mysearchdial.cntry", "DE"); Zeile gelöscht : user_pref("extensions.mysearchdial.cr", "1707376684"); Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", ""); Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true); Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true); Zeile gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...] Zeile gelöscht : user_pref("extensions.mysearchdial.dspFFXOld", ""); Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false); Zeile gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "2036F02F64C8F55B2B89C5184AFE60B0"); Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true); Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEt[...] Zeile gelöscht : user_pref("extensions.mysearchdial.id", "C0143DC3FD0CEE6A"); Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "16161"); Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_b"); Zeile gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDt[...] Zeile gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", ""); Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCy[...] Zeile gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"96\",\"lastVrsn\":\"96\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}"); Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial"); Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); Zeile gelöscht : user_pref("extensions.mysearchdial.sg", "{smplGrp}"); Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1Czut[...] Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0"); Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0"); Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false); Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.013:2:19"); -\\ Google Chrome v35.0.1916.153 [ Datei : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Search Provider] : hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms} Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= Gelöscht [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir= Gelöscht [Startup_urls] : hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467 Gelöscht [Extension] : aaaaabfjnbeinlpljodiajipidiompfl Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb Gelöscht [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma ************************* AdwCleaner[R0].txt - [45119 octets] - [29/06/2014 00:49:23] AdwCleaner[R1].txt - [45119 octets] - [29/06/2014 00:52:41] AdwCleaner[R2].txt - [67941 octets] - [29/06/2014 00:55:30] AdwCleaner[R3].txt - [39722 octets] - [29/06/2014 01:01:56] AdwCleaner[S0].txt - [8265 octets] - [29/06/2014 00:58:36] AdwCleaner[S1].txt - [32993 octets] - [29/06/2014 01:02:25] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [33054 octets] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 29.06.2014 01:12:09, SYSTEM, JULIAN-PC, Protection, Malware Protection, Starting, Protection, 29.06.2014 01:12:09, SYSTEM, JULIAN-PC, Protection, Malware Protection, Started, Protection, 29.06.2014 01:12:09, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Starting, Update, 29.06.2014 01:12:38, SYSTEM, JULIAN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.6.23.2, Update, 29.06.2014 01:12:41, SYSTEM, JULIAN-PC, Manual, Malware Database, 2014.3.4.9, 2014.6.28.5, Protection, 29.06.2014 01:12:42, SYSTEM, JULIAN-PC, Protection, Refresh, Starting, Protection, 29.06.2014 01:13:06, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Started, Protection, 29.06.2014 01:13:06, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Stopping, Protection, 29.06.2014 01:13:06, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Stopped, Protection, 29.06.2014 01:13:10, SYSTEM, JULIAN-PC, Protection, Refresh, Success, Protection, 29.06.2014 01:13:10, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Starting, Protection, 29.06.2014 01:13:11, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Started, Detection, 29.06.2014 01:13:46, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 46.21.150.117, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, Detection, 29.06.2014 01:13:46, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 46.21.150.117, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, Detection, 29.06.2014 01:33:16, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 195.174.111.176, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, Detection, 29.06.2014 01:33:17, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 195.174.111.176, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, Protection, 29.06.2014 01:35:37, SYSTEM, JULIAN-PC, Protection, Malware Protection, Starting, Protection, 29.06.2014 01:35:37, SYSTEM, JULIAN-PC, Protection, Malware Protection, Started, Protection, 29.06.2014 01:35:37, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Starting, Protection, 29.06.2014 01:37:33, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Started, (end) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02 Ran by Julian (administrator) on JULIAN-PC on 29-06-2014 01:45:58 Running from C:\Users\Julian\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe ( ) C:\Program Files (x86)\LockKey\LockKey.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe (SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2012-03-01] (Conexant Systems, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-19] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-19] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-08-19] (Lenovo) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-08-19] (Lenovo) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( ) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [SMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC) HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2013-11-22] (SMART Technologies) HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [743728 2013-11-22] (SMART Technologies) HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933104 2013-11-22] (SMART Technologies) HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies) HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2013-10-31] (SMART Technologies) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-05-18] (Electronic Arts) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-19] (Google Inc.) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google) HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [PrivacyDr] => C:\Program Files (x86)\Privacy Dr\PrivacyDr.exe [2920384 2013-11-13] () HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {61b469da-e9ed-11e1-ac5f-806e6f6e6963} - F:\Autorun.exe HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {9ff9f46d-94bb-11e3-9a60-c0143dc3fd0c} - E:\LaunchU3.exe -a Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9 SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392 BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.192.1 FireFox: ======== FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default FF NewTab: chrome://quick_start/content/index.html FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\staged [2014-06-29] Chrome: ======= CHR HomePage: hxxp://google.de/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06] CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10] CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10] CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Julian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-12-28] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-06-11] (Avira Operations GmbH & Co. KG) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2013-11-22] (SMART Technologies) R2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-11] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-04] (Avira Operations GmbH & Co. KG) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-29] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies) R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies) S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC) R3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation) U3 BcmSqlStartupSvc; U2 CLKMSVC10_3A60B698; U2 CLKMSVC10_C3B3B687; U2 DriverService; U2 iATAgentService; U2 idealife Update Service; U3 IGRS; U2 IviRegMgr; U2 nvUpdatusService; U2 Oasis2Service; U2 PCCarerService; U2 ReadyComm.DirectRouter; U2 RichVideo; U2 RtLedService; U2 SeaPort; U2 SoftwareService; U3 SQLWriter; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-29 01:45 - 2014-06-29 01:45 - 00002466 _____ () C:\Users\Julian\Desktop\mbam.txt 2014-06-29 01:12 - 2014-06-29 01:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-29 01:11 - 2014-06-29 01:11 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-29 01:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-29 01:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-29 01:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-29 01:10 - 2014-06-29 01:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-29 01:10 - 2014-06-29 01:10 - 00033299 _____ () C:\Users\Julian\Desktop\AdwCleaner[S1].txt 2014-06-29 01:04 - 2014-06-29 01:04 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2014-06-29 00:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-29 00:48 - 2014-06-29 01:02 - 00000000 ____D () C:\AdwCleaner 2014-06-29 00:48 - 2014-06-29 00:48 - 01342659 _____ () C:\Users\Julian\Downloads\adwcleaner_3.213.exe 2014-06-29 00:38 - 2014-06-29 00:38 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Julian\Downloads\revosetup95.exe 2014-06-29 00:38 - 2014-06-29 00:38 - 00001279 _____ () C:\Users\Julian\Desktop\Revo Uninstaller.lnk 2014-06-29 00:38 - 2014-06-29 00:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-06-29 00:34 - 2014-06-29 00:34 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2014-06-29 00:20 - 2014-06-29 00:20 - 00003100 _____ () C:\Windows\System32\Tasks\{9E50DF3D-63D7-48F6-BBC0-F330D1315084} 2014-06-28 23:51 - 2014-06-28 23:51 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64 (1).exe 2014-06-28 23:50 - 2014-06-28 23:51 - 00046633 _____ () C:\Users\Julian\Downloads\Addition.txt 2014-06-28 23:48 - 2014-06-29 01:46 - 00024845 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-28 23:47 - 2014-06-29 01:46 - 00000000 ____D () C:\FRST 2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe 2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-06-18 11:50 - 2014-06-24 11:14 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt 2014-06-18 10:26 - 2014-06-18 11:50 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt 2014-06-11 15:53 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 15:53 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 15:53 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 15:53 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 15:53 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 15:53 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 15:53 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 15:53 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 15:53 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 15:53 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 15:53 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 15:53 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 15:53 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 15:53 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 15:53 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 15:53 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 15:53 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 15:53 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 15:53 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 15:53 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 15:53 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 15:53 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 15:53 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 15:53 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 15:53 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 15:53 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 15:53 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 15:53 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 15:53 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 15:53 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 15:53 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 15:53 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 15:53 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 15:53 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 15:53 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 15:53 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 15:53 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 15:53 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 15:53 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 15:53 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 15:53 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 15:53 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 15:53 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 15:53 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 15:53 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 15:53 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 15:53 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 15:53 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 15:53 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 15:53 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 15:53 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 15:53 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 15:53 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 15:53 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 15:53 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 15:53 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 15:53 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 15:53 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 15:53 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 15:53 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 15:53 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 15:53 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012 2014-06-01 15:14 - 2014-06-18 15:24 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt 2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme 2014-06-01 14:56 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Julian\Desktop\Games 2014-06-01 12:22 - 2014-06-01 12:23 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe 2014-06-01 12:10 - 2014-06-11 21:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-01 12:10 - 2014-06-11 21:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe ==================== One Month Modified Files and Folders ======= 2014-06-29 01:46 - 2014-06-28 23:48 - 00024845 _____ () C:\Users\Julian\Downloads\FRST.txt 2014-06-29 01:46 - 2014-06-28 23:47 - 00000000 ____D () C:\FRST 2014-06-29 01:45 - 2014-06-29 01:45 - 00002466 _____ () C:\Users\Julian\Desktop\mbam.txt 2014-06-29 01:45 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-29 01:45 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-29 01:42 - 2012-08-19 13:05 - 01365649 _____ () C:\Windows\WindowsUpdate.log 2014-06-29 01:39 - 2013-12-28 18:12 - 00000000 ___RD () C:\Users\Julian\Google Drive 2014-06-29 01:39 - 2012-08-19 13:44 - 00000000 ____D () C:\ProgramData\VeriFace 2014-06-29 01:38 - 2014-06-29 01:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-29 01:38 - 2012-08-19 13:48 - 00485047 _____ () C:\Windows\system32\fastboot.set 2014-06-29 01:35 - 2012-11-07 23:20 - 00991774 _____ () C:\FaceProv.log 2014-06-29 01:35 - 2012-08-19 13:46 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-29 01:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-29 01:35 - 2009-07-14 06:51 - 00072515 _____ () C:\Windows\setupact.log 2014-06-29 01:34 - 2010-11-21 05:47 - 00461508 _____ () C:\Windows\PFRO.log 2014-06-29 01:11 - 2014-06-29 01:11 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-29 01:10 - 2014-06-29 01:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-29 01:10 - 2014-06-29 01:10 - 00033299 _____ () C:\Users\Julian\Desktop\AdwCleaner[S1].txt 2014-06-29 01:04 - 2014-06-29 01:04 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2014-06-29 01:02 - 2014-06-29 00:48 - 00000000 ____D () C:\AdwCleaner 2014-06-29 01:00 - 2012-11-07 23:20 - 00000000 ____D () C:\Users\Julian 2014-06-29 01:00 - 2012-08-19 13:46 - 00001293 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-29 01:00 - 2012-08-19 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-29 00:53 - 2012-08-19 13:46 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-29 00:48 - 2014-06-29 00:48 - 01342659 _____ () C:\Users\Julian\Downloads\adwcleaner_3.213.exe 2014-06-29 00:38 - 2014-06-29 00:38 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Julian\Downloads\revosetup95.exe 2014-06-29 00:38 - 2014-06-29 00:38 - 00001279 _____ () C:\Users\Julian\Desktop\Revo Uninstaller.lnk 2014-06-29 00:38 - 2014-06-29 00:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-06-29 00:34 - 2014-06-29 00:34 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2014-06-29 00:34 - 2012-11-10 20:53 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator 2014-06-29 00:23 - 2013-04-16 08:04 - 00000000 ____D () C:\ProgramData\Symantec 2014-06-29 00:23 - 2013-04-16 08:03 - 00000000 ____D () C:\ProgramData\Norton 2014-06-29 00:20 - 2014-06-29 00:20 - 00003100 _____ () C:\Windows\System32\Tasks\{9E50DF3D-63D7-48F6-BBC0-F330D1315084} 2014-06-29 00:16 - 2014-04-01 13:02 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-29 00:04 - 2013-12-18 21:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-28 23:51 - 2014-06-28 23:51 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64 (1).exe 2014-06-28 23:51 - 2014-06-28 23:50 - 00046633 _____ () C:\Users\Julian\Downloads\Addition.txt 2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe 2014-06-27 09:28 - 2013-12-22 14:06 - 00000000 ____D () C:\Users\Julian\AppData\Local\Deployment 2014-06-27 09:06 - 2012-08-19 22:47 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-06-27 09:06 - 2012-08-19 22:47 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-06-27 09:06 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-27 09:01 - 2013-07-10 16:59 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-06-24 12:18 - 2014-06-01 14:56 - 00000000 ____D () C:\Users\Julian\Desktop\Games 2014-06-24 12:18 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-24 12:17 - 2014-05-22 17:43 - 00000000 ____D () C:\Program Files (x86)\Der Planer 5 2014-06-24 11:14 - 2014-06-18 11:50 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt 2014-06-19 18:48 - 2012-08-19 13:46 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-19 18:48 - 2012-08-19 13:46 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-18 15:24 - 2014-06-01 15:14 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt 2014-06-18 11:50 - 2014-06-18 10:26 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt 2014-06-18 10:01 - 2013-12-28 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-06-17 18:44 - 2012-08-19 13:37 - 00045512 _____ () C:\Windows\DirectX.log 2014-06-17 18:26 - 2013-07-10 16:59 - 00000000 ____D () C:\ProgramData\Origin 2014-06-12 12:58 - 2014-01-27 11:38 - 00000000 ____D () C:\Program Files (x86)\TP-LINK 2014-06-12 12:08 - 2014-02-17 11:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 12:08 - 2014-01-02 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-11 21:07 - 2014-06-01 12:10 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 21:05 - 2014-06-01 12:10 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-11 21:04 - 2012-11-17 16:53 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-11 21:03 - 2014-05-11 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 15:45 - 2013-04-03 12:07 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-11 15:45 - 2013-04-03 12:07 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-08 11:13 - 2014-06-11 15:53 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 15:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr 2014-06-03 10:57 - 2014-03-25 15:29 - 00000000 ____D () C:\Users\Julian\Documents\Euro Truck Simulator 2 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012 2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012 2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme 2014-06-01 14:09 - 2013-12-09 21:54 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-06-01 12:23 - 2014-06-01 12:22 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe 2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-01 11:58 - 2014-01-02 15:36 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe 2014-05-30 12:21 - 2014-06-11 15:53 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 15:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 15:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 15:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 15:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 15:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 15:53 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 15:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 15:53 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 15:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 15:53 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 15:53 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 15:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 15:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 15:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 15:53 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 15:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 15:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 15:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 15:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 15:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 15:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 15:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 15:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 15:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 15:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 15:53 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 15:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 15:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 15:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 15:53 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 15:53 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 15:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 15:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 15:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 15:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 15:53 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 15:53 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 15:53 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 15:53 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 15:53 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 15:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 15:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll Some content of TEMP: ==================== C:\Users\Julian\AppData\Local\Temp\6_Offer_15.exe C:\Users\Julian\AppData\Local\Temp\avgnt.exe C:\Users\Julian\AppData\Local\Temp\BackupSetup.exe C:\Users\Julian\AppData\Local\Temp\DownTangoSetup20130408213950.exe C:\Users\Julian\AppData\Local\Temp\installer.exe C:\Users\Julian\AppData\Local\Temp\ose00000.exe C:\Users\Julian\AppData\Local\Temp\Quarantine.exe C:\Users\Julian\AppData\Local\Temp\SendMsg.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite10636.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite11538.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13076.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13167.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14296.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14320.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14692.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16002.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16712.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16736.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite17398.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18006.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18241.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18803.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19003.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19128.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite21542.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23399.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23779.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite24821.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite26681.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29469.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29631.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29738.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30640.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30887.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31130.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31309.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31540.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31591.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite33108.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34256.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34470.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite35057.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36438.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36736.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37732.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37863.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite39949.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40089.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40143.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40173.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42094.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42426.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42736.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite43265.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite45714.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46079.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46143.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite48451.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite50387.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite51230.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite52270.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53244.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53291.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite55408.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57620.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57693.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58099.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58126.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite60758.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite61462.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62073.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62586.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62860.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite64753.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65354.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65640.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68189.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68303.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68456.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68485.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68490.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69387.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69569.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite71648.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72697.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72922.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite73653.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74683.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74968.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite75926.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite77555.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite78275.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite80301.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite81027.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite82686.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite83095.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite85021.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite86184.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite87614.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88124.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88466.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite91859.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite92227.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite93212.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite96672.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98100.dll C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98744.dll C:\Users\Julian\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-01-11 16:23 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02 Ran by Julian at 2014-06-29 01:47:12 Running from C:\Users\Julian\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.34.0 - Conexant) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation) Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo) Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation) VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Restore Points ========================= 01-06-2014 17:03:52 Windows-Sicherung 09-06-2014 10:49:45 Windows-Sicherung 11-06-2014 19:01:09 Windows Update 12-06-2014 10:56:58 Installed PowerLine Utility 17-06-2014 16:41:40 DirectX wurde installiert 17-06-2014 19:26:58 Windows-Sicherung 24-06-2014 09:17:22 Windows-Sicherung 28-06-2014 22:18:41 Removed Java 7 Update 51 (64-bit) 28-06-2014 22:40:22 Revo Uninstaller's restore point - Lollipop ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {150EF0BF-A738-44C0-B1FB-E7B5C7992C8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.) Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-5 No Task File <==== ATTENTION Task: {170B39E8-2942-45C7-8825-F905F6C592AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-18] (Adobe Systems Incorporated) Task: {18496993-2143-41B6-97E3-0FB175748A27} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {255AF57D-67E3-4FC5-8CC8-37B873D52942} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION Task: {3770834E-1FD4-4A19-BC76-9CC46DF88091} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\OneClick.exe [2013-08-30] (TuneUp Software) Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - \APSnotifierPP3 No Task File <==== ATTENTION Task: {3DAB6028-F884-4B51-9D26-AB9D750CB8A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.) Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - \Weather It Up-updater No Task File <==== ATTENTION Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - \MySearchDial No Task File <==== ATTENTION Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - \Weather It Up-codedownloader No Task File <==== ATTENTION Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - \Weather It Up-firefoxinstaller No Task File <==== ATTENTION Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - \APSnotifierPP1 No Task File <==== ATTENTION Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-4 No Task File <==== ATTENTION Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-1 No Task File <==== ATTENTION Task: {84CB915E-AE22-40B5-AB60-F42D4D5D79FF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink) Task: {8C3619FD-04CC-4C1E-A238-0AE50B0FB679} - System32\Tasks\PrivacyDr_Splash => C:\Program Files (x86)\Privacy Dr\Splash.exe [2013-11-13] () Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - \APSnotifierPP2 No Task File <==== ATTENTION Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - \Weather It Up-chromeinstaller No Task File <==== ATTENTION Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-2 No Task File <==== ATTENTION Task: {E8395618-29D9-4798-B7BB-204170A87627} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-3 No Task File <==== ATTENTION Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - \Weather It Up-enabler No Task File <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-08-19 13:44 - 2012-08-19 13:43 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll 2013-08-30 10:51 - 2013-08-30 10:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll 2012-07-11 03:48 - 2012-06-07 03:51 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-04-19 16:22 - 2012-08-19 13:47 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2012-03-10 16:31 - 2012-08-19 13:47 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll 2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2014-01-27 11:38 - 2013-05-21 10:53 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-01-27 11:38 - 2013-05-21 10:53 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2014-01-27 11:38 - 2013-05-21 10:53 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2012-08-19 13:43 - 2012-08-19 13:43 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll 2014-06-29 01:38 - 2014-06-29 01:38 - 00098816 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32api.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00110080 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pywintypes27.dll 2014-06-29 01:38 - 2014-06-29 01:38 - 00364544 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pythoncom27.dll 2014-06-29 01:38 - 2014-06-29 01:38 - 00045568 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_socket.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 01160704 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_ssl.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00320512 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32com.shell.shell.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00713216 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_hashlib.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 01175040 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._core_.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00805888 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._gdi_.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00811008 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._windows_.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 01062400 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._controls_.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00735232 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._misc_.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00128512 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_elementtree.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00127488 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pyexpat.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00557056 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pysqlite2._sqlite.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00007168 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\hashobjs_ext.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00087552 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_ctypes.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00119808 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32file.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00108544 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32security.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00018432 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32event.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00038912 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32inet.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00070656 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._html2.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00167936 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32gui.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00011264 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32crypt.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00027136 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_multiprocessing.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00122368 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._wizard.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00010240 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\select.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00024064 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32pipe.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00686080 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\unicodedata.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00025600 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32pdh.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00525640 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\windows._lib_cacheinvalidation.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00035840 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32process.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00017408 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32profile.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00022528 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32ts.pyd 2014-06-29 01:38 - 2014-06-29 01:38 - 00078336 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._animate.pyd 2014-02-13 17:11 - 2014-02-13 17:11 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll 2012-08-19 13:14 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-08-19 13:15 - 2012-02-21 06:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-08-22 20:43 - 2013-08-22 20:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node 2013-08-22 20:44 - 2013-08-22 20:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node 2014-06-13 07:14 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-13 07:14 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: SMART Virtual TabletPC Description: SMART Virtual TabletPC Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: SMART Technologies ULC Service: SMARTVTabletPCx64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/29/2014 01:36:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2014 01:05:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2014 00:54:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm adwcleaner_3.213.exe, Version 3.2.1.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1604 Startzeit: 01cf9323a798f2a8 Endzeit: 12 Anwendungspfad: C:\Users\Julian\Downloads\adwcleaner_3.213.exe Berichts-ID: 33c6fbe8-ff17-11e3-955d-c0143dc3fd0c Error: (06/29/2014 00:50:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm adwcleaner_3.213.exe, Version 3.2.1.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c38 Startzeit: 01cf93231db1b85b Endzeit: 4 Anwendungspfad: C:\Users\Julian\Downloads\adwcleaner_3.213.exe Berichts-ID: a0807aca-ff16-11e3-955d-c0143dc3fd0c Error: (06/29/2014 00:34:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6489 Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6489 System errors: ============= Error: (06/29/2014 01:39:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (06/29/2014 01:08:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (06/29/2014 00:36:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht. Error: (06/29/2014 00:35:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst netprofm erreicht. Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT) Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung. Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT) Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung. Microsoft Office Sessions: ========================= Error: (06/29/2014 01:36:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2014 01:05:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2014 00:54:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: adwcleaner_3.213.exe3.2.1.3160401cf9323a798f2a812C:\Users\Julian\Downloads\adwcleaner_3.213.exe33c6fbe8-ff17-11e3-955d-c0143dc3fd0c Error: (06/29/2014 00:50:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: adwcleaner_3.213.exe3.2.1.3c3801cf93231db1b85b4C:\Users\Julian\Downloads\adwcleaner_3.213.exea0807aca-ff16-11e3-955d-c0143dc3fd0c Error: (06/29/2014 00:34:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 28220940 Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6489 Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6489 ==================== Memory info =========================== Percentage of memory in use: 52% Total physical RAM: 3996.36 MB Available physical RAM: 1884 MB Total Pagefile: 7990.9 MB Available Pagefile: 5356.33 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:420.56 GB) (Free:332.61 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:0 GB) NTFS Drive f: (MANAGER13) (CDROM) (Total:5.73 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7F8E0386) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=421 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=20 GB) - (Type=12) ==================== End Of Log ============================ |
29.06.2014, 09:48 | #7 | |
Ruhe in Frieden † 2019 | Ständige Werbung in allen Browsern Hallo, Zitat:
Wie sieht es denn aktuell aus auf dem Rechner? Du hast mir das Protectionslog von Malwarebyte gepostet, suche bitte nach dem Suchlaufsprotokoll Schritt 1
Schritt 2 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9 SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392 Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-5 No Task File <==== ATTENTION Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - \APSnotifierPP3 No Task File <==== ATTENTION Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - \Weather It Up-updater No Task File <==== ATTENTION Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - \MySearchDial No Task File <==== ATTENTION Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - \Weather It Up-codedownloader No Task File <==== ATTENTION Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - \Weather It Up-firefoxinstaller No Task File <==== ATTENTION Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - \APSnotifierPP1 No Task File <==== ATTENTION Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-4 No Task File <==== ATTENTION Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-1 No Task File <==== ATTENTION Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - \APSnotifierPP2 No Task File <==== ATTENTION Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - \Weather It Up-chromeinstaller No Task File <==== ATTENTION Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-2 No Task File <==== ATTENTION Task: {E8395618-29D9-4798-B7BB-204170A87627} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-3 No Task File <==== ATTENTION Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - \Weather It Up-enabler No Task File <==== ATTENTION C:\Users\Julian\AppData\Local\Temp\*.exe C:\Users\Julian\AppData\Local\Temp\*.dll Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
|
29.06.2014, 12:30 | #8 | |
| Ständige Werbung in allen BrowsernZitat:
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 29.06.2014 Suchlauf-Zeit: 01:13:06 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.28.05 Rootkit Datenbank: v2014.06.23.02 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Julian Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 290936 Verstrichene Zeit: 18 Min, 37 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 6 PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-9.3, In Quarantäne, [40954736f8832a0c4ce2e7ed5ba7fa06], PUP.Optional.WeatherItUp.A, HKLM\SOFTWARE\WOW6432NODE\Weather It Up, In Quarantäne, [904578050b70a690003113b731d18779], PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.3, Löschen bei Neustart, [b025552876051a1c31605c68ab57857b], PUP.Optional.WeatherItUp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Weather It Up, Löschen bei Neustart, [eee799e4403bbc7ac46b3397857d09f7], PUP.Optional.PlusHD.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.3, In Quarantäne, [bc19abd24a31ba7c8809853fae54a060], PUP.Optional.WeatherItUp.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Weather It Up, In Quarantäne, [528393ea0873b680a08f6e5c867c2fd1], Registrierungswerte: 2 PUP.Optional.CertifiedToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s, In Quarantäne, [ac297c013249122417340da22bd7d12f] PUP.Optional.QuickStart.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, In Quarantäne, [a431c7b63b403ef8fd45723d41c1c53b] Registrierungsdaten: 2 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[4c89532a5526dd59a7577e0c51b34cb4] PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s),Ersetzt,[5d789be2017ab185c7e43c4f3fc5a957] Ordner: 17 PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakgmemkflciahncfpgaebpnknhejeja, In Quarantäne, [468f512c2457c1754e12d3c54db5a45c], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\userCode, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\actions, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\popupResource, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0, Löschen bei Neustart, [894cdba21e5d0e285c1399034cb633cd], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0, In Quarantäne, [7e57c7b6d4a7211599fbb7f0b0523dc3], Dateien: 165 PUP.Optional.DomaIQ, C:\$Recycle.Bin\S-1-5-21-1677683325-2679214213-1298775176-1000\$R3RHQXY.exe, In Quarantäne, [3c99f18ca9d2280e115190fef50c53ad], PUP.Optional.DomaIQ, C:\$Recycle.Bin\S-1-5-21-1677683325-2679214213-1298775176-1000\$RSLY7LE.exe, In Quarantäne, [785d116cb8c30f27de06137ee61ba35d], PUP.Optional.OutBrowse, C:\Users\Julian\AppData\Local\Temp\DownloadManager.exe, In Quarantäne, [fdd884f9bebdce68d8357ba3ac540ef2], PUP.Optional.Conduit.A, C:\Users\Julian\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [a431d0ad94e70a2cf0ca30f33dc4f709], PUP.Optional.AdLyrics, C:\Users\Julian\AppData\Local\Temp\_BnSup.exe, In Quarantäne, [1fb6037ac5b6e94d50674446818031cf], PUP.Optional.Conduit.A, C:\Users\Julian\AppData\Local\Temp\SearchProtectINT.exe, In Quarantäne, [ede8afce38436acc15e15dc4827f7d83], MSIL.Solimba, C:\Users\Julian\AppData\Local\Temp\GetCC.dll, In Quarantäne, [864fafce116aa98da273041e0df442be], PUP.Optional.InstallCore.A, C:\Users\Julian\AppData\Local\Temp\ICReinstall_nso3B61.tmp, In Quarantäne, [9a3bf984ff7cab8bec251d5a39c8fe02], PUP.Optional.NextLive.A, C:\Users\Julian\AppData\Local\Temp\Mobogenie_Setup_INT.exe, In Quarantäne, [b22365181e5daf87e60c0356ca376898], PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nswCA93.exe, In Quarantäne, [23b2f08d76050d29c404979759a8659b], PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nsx1851.exe, In Quarantäne, [f7de6716691214225870c96556ab27d9], PUP.Optional.RegCleanerPro, C:\Users\Julian\AppData\Local\Temp\RegClean10.exe, In Quarantäne, [9b3ab1cc483357dfef6ab65a80817789], PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nscD6E.exe, In Quarantäne, [9c399ae364170d29c8008f9fed148d73], PUP.Optional.InstallCore.A, C:\Users\Julian\AppData\Local\Temp\nso3B61.tmp, In Quarantäne, [30a559249fdc12241cf5f28551b0d52b], PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nsr103C.exe, In Quarantäne, [3d988eefdd9eb97dba0e48e6629f2fd1], PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nsrC803.exe, In Quarantäne, [795c0c717704ee48a4249d916f921ee2], MSIL.Solimba, C:\Users\Julian\AppData\Local\Temp\vbmz10.exe, In Quarantäne, [894ca2db68135cda868f160cab56c13f], PUP.Optional.SnapDo.A, C:\Users\Julian\AppData\Local\Temp\Installer.msi, In Quarantäne, [4a8b8eefdf9c7fb75789295fd03103fd], PUP.Optional.SkyTech.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\alilog.dll, In Quarantäne, [05d0a3da3b4069cd37f4ed4545bbe719], PUP.Optional.SkyTech.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\package1.zip, In Quarantäne, [dafbe796e398e94d09221022fd038080], PUP.Optional.V9.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\qSE.exe, In Quarantäne, [7560d1ac2853c6702598d67229d733cd], PUP.Optional.IePluginService.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\tmp\SupTab.exe, In Quarantäne, [21b4e19c0279a98d338ce3789869f50b], PUP.Optional.WpManager, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\tmp\wpm.exe, In Quarantäne, [a82dff7e1269b87edc5c46209968a858], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsaB35C.exe, In Quarantäne, [399cd2abf08bd85e3791af7fe918e020], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsb7610.exe, In Quarantäne, [1fb6add0ceadad89a82038f613ee7b85], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscE2A4.exe, In Quarantäne, [f4e1a8d5bebd072f03c50c22709153ad], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd62D8.exe, In Quarantäne, [e8ed2657c8b33ef8e0e857d7b64b47b9], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd80BF.exe, In Quarantäne, [b81d4d30a6d51c1a992fae804cb5ea16], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd80C0.exe, In Quarantäne, [686df08d017a71c5e7e1b97540c12dd3], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsf15A7.exe, In Quarantäne, [478e82fbd4a73402ffc978b67b86ba46], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsjB3C2.exe, In Quarantäne, [cf060479d8a30a2c0cbc0e201ce530d0], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nslD740.exe, In Quarantäne, [cb0aaad3dba061d5bd0b9e909f6244bc], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn18D2.exe, In Quarantäne, [eee7f885cbb06cca6b5d53dbdb264fb1], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn99AF.exe, In Quarantäne, [28aded9098e365d14f790925996802fe], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoB20D.exe, In Quarantäne, [8451c3ba3c3f0b2b24a43df12fd242be], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsr2B6A.exe, In Quarantäne, [993ccbb2364590a6cff9e14df01156aa], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss9980.exe, In Quarantäne, [dafb6f0e0972ce68e7e157d7ca37de22], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nstBE02.exe, In Quarantäne, [4b8a98e5bcbf2511b31575b9798849b7], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsvC7F5.exe, In Quarantäne, [ae275d20dd9e171f9d2bb17d3bc6758b], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsw51BC.exe, In Quarantäne, [c60f4538bbc0cc6a0abe8ba3fc055aa6], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx1346.exe, In Quarantäne, [14c1b9c4cdae1323a91fc16d847dab55], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxE285.exe, In Quarantäne, [02d33944ee8dde58c3055bd304fdeb15], PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsz4E82.exe, In Quarantäne, [e0f5a5d85b202d0903c544eae918f10f], PUP.Optional.Outbrowse, C:\Users\Julian\Downloads\Setup.exe, In Quarantäne, [ddf8ceaf077473c3c2e3ad63db29758b], PUP.Optional.Ciuvo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage, Löschen bei Neustart, [3e97c5b8bbc0e74f13dcddd4a55d05fb], PUP.Optional.Ciuvo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage-journal, Löschen bei Neustart, [fed7b2cbbcbf71c544ab7a3723df41bf], PUP.Optional.BetterDeals.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, In Quarantäne, [b124e796611a89ad674df5be4cb6d62a], PUP.Optional.BetterDeals.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, In Quarantäne, [12c3fc81245741f58f25e6cd08fab848], PUP.Optional.SelectNGo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, Löschen bei Neustart, [d104b1cc3a418caacfd105b0b2509b65], PUP.Optional.SelectNGo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, Löschen bei Neustart, [00d51c611269e94d7b25367f966c9769], PUP.Optional.LiveLyrics.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage, In Quarantäne, [b1246518c2b9a393c432744425ddbf41], PUP.Optional.LiveLyrics.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal, In Quarantäne, [666ff38a9cdff343886e2098f70b08f8], PUP.Optional.Superfish.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Löschen bei Neustart, [6570710c85f61f1707f0aa0e15ed5ea2], PUP.Optional.Superfish.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Löschen bei Neustart, [cc096914601b6ec88f68b60225ddef11], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0.localstorage, Löschen bei Neustart, [eaeb7eff81faec4a41c3e3df79897888], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0.localstorage-journal, In Quarantäne, [5d78225b7704bf77da2a626003ff54ac], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0.localstorage, In Quarantäne, [be17a9d4700ba98d0991986d24e0e61a], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0.localstorage-journal, In Quarantäne, [d3029ae39be06dc93862f70ec53f827e], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\background.html, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\chromeCoreFilesIndex.txt, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\crossriderManifest.json, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\manifest.json, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\popup.html, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\manifest.xml, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins.json, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\207.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\1.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\102.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\103.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\104.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\119.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\123.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\13.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\14.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\155.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\17.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\177.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\179.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\180.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\182.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\183.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\184.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\19.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\190.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\191.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\195.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\21.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\22.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\220.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\221.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\223.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\231.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\232.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\236.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\242.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\246.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\28.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\4.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\47.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\64.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\7.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\72.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\78.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\80.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\9.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\91.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\93.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\97.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\userCode\background.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\userCode\extension.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\icon128.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\icon16.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\icon48.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\actions\1.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\background.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\main.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\platformVersion.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\chrome.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\cookie.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\message.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\monitor.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\pageAction.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\pageActionBG.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\app_api.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\bg_app_api.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\consts.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\cookie_store.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\crossriderAPI.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\delegate.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\events.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\extensionDataStore.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\installer.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\logFile.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\logging.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\reports.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\storageWrapper.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\updateManager.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\util.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\xhr.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\popupResource\newPopup.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\popupResource\popup.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\53098.crx, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\53098.xpi, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho.dll, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho64.dll, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3.ico, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\000038.ldb, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\000040.ldb, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\000056.log, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\CURRENT, In Quarantäne, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\LOCK, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\LOG, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\LOG.old, In Quarantäne, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\MANIFEST-000054, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0\3, In Quarantäne, [894cdba21e5d0e285c1399034cb633cd], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\000038.ldb, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\000040.ldb, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\000053.log, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\CURRENT, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\LOCK, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\LOG, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\LOG.old, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\MANIFEST-000051, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0\2, In Quarantäne, [7e57c7b6d4a7211599fbb7f0b0523dc3], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-06-2014 02 Ran by Julian at 2014-06-29 13:18:20 Run:1 Running from C:\Users\Julian\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** GroupPolicy: Group Policy on Chrome detected <======= ATTENTION SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9 SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392 Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-5 No Task File <==== ATTENTION Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - \APSnotifierPP3 No Task File <==== ATTENTION Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - \Weather It Up-updater No Task File <==== ATTENTION Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - \MySearchDial No Task File <==== ATTENTION Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - \Weather It Up-codedownloader No Task File <==== ATTENTION Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - \Weather It Up-firefoxinstaller No Task File <==== ATTENTION Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - \APSnotifierPP1 No Task File <==== ATTENTION Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-4 No Task File <==== ATTENTION Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-1 No Task File <==== ATTENTION Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - \APSnotifierPP2 No Task File <==== ATTENTION Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - \Weather It Up-chromeinstaller No Task File <==== ATTENTION Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-2 No Task File <==== ATTENTION Task: {E8395618-29D9-4798-B7BB-204170A87627} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-3 No Task File <==== ATTENTION Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - \Weather It Up-enabler No Task File <==== ATTENTION C:\Users\Julian\AppData\Local\Temp\*.exe C:\Users\Julian\AppData\Local\Temp\*.dll ***************** C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. 'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{193DDDE3-3F56-48EC-8085-549FD9F026DB}' => Key deleted successfully. 'HKCR\CLSID\{193DDDE3-3F56-48EC-8085-549FD9F026DB}'=> Key not found. 'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44594F6D-AD20-45F6-8766-FBB35DB5C317}' => Key deleted successfully. 'HKCR\CLSID\{44594F6D-AD20-45F6-8766-FBB35DB5C317}'=> Key not found. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15150AC7-DFB6-495F-AA49-F7A18EE12FFC}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15150AC7-DFB6-495F-AA49-F7A18EE12FFC}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-5' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33535263-5917-4D7B-9337-F6B02A8BA43E}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33535263-5917-4D7B-9337-F6B02A8BA43E}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D4D3CF7-BD80-45E4-91CA-2FC80DED067C}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D4D3CF7-BD80-45E4-91CA-2FC80DED067C}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5EED5FCC-AE50-4459-85C9-374E501DA4E8}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EED5FCC-AE50-4459-85C9-374E501DA4E8}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-updater' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6023D30E-9302-4225-A4E9-D42AAF71AECE}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6023D30E-9302-4225-A4E9-D42AAF71AECE}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{652C1272-9EAF-4C21-96CA-8315C82B4B8D}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{652C1272-9EAF-4C21-96CA-8315C82B4B8D}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-codedownloader' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B402D9F-9393-4F3E-843E-BF6893FF5FA0}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B402D9F-9393-4F3E-843E-BF6893FF5FA0}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-firefoxinstaller' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D3E29F6-EE2B-43C0-8A37-B727D11383E0}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D3E29F6-EE2B-43C0-8A37-B727D11383E0}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E9166AF-4D60-4400-BF30-1DAF66F6D3B4}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9166AF-4D60-4400-BF30-1DAF66F6D3B4}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-4' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83512CF7-3FCA-4468-A9D9-86C3525FA26A}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83512CF7-3FCA-4468-A9D9-86C3525FA26A}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-1' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C28CD781-E211-4712-87B4-B5C86054EFD9}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C28CD781-E211-4712-87B4-B5C86054EFD9}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D85A7E85-4BE6-4315-9CDA-2F54596AE661}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D85A7E85-4BE6-4315-9CDA-2F54596AE661}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-chromeinstaller' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC07BF9B-D977-458A-9CB9-B6909D9FF560}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC07BF9B-D977-458A-9CB9-B6909D9FF560}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-2' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E8395618-29D9-4798-B7BB-204170A87627}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8395618-29D9-4798-B7BB-204170A87627}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-3' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-enabler' => Key deleted successfully. C:\Users\Julian\AppData\Local\Temp\*.exe => Moved successfully. C:\Users\Julian\AppData\Local\Temp\*.dll => Moved successfully. The system needed a reboot. ==== End of Fixlog ==== |
29.06.2014, 22:36 | #9 |
Ruhe in Frieden † 2019 | Ständige Werbung in allen Browsern Hallo FVBPlayrt, Prima nehmen wir noch den Proxy raus und machen einen Kontrollscan Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423 Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern ESET Online Scanner
Schritt 3 Starte noch einmal FRST.
|
30.06.2014, 13:15 | #10 |
| Ständige Werbung in allen Browsern Hallo, perfekt. Hier ist der Fixlog Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-06-2014 02 Ran by Julian at 2014-06-30 14:13:37 Run:2 Running from C:\Users\Julian\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423 ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found. ==== End of Fixlog ==== Vielen Dank |