| |
| |||||||
Log-Analyse und Auswertung: istart.webssearches bekämpfen! - Wie? > LogWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.11.2014, 17:17
| #1 |
 |  istart.webssearches bekämpfen! - Wie? > Log Hallo liebe Helfer! Ich habe seit heute ein hässliches Programm namens webssearches auf meinem Rechner, das sich partout nicht entfernen lässt. Weder über Windows noch mit CCleaner. Hier die Logs: Prozessexplorer Code:
ATTFilter Process CPU Private Bytes Working Set PID Description Company Name Path AppDomains System Idle Process 82.59 0 K 24 K 0 System 1.27 208 K 3.312 K 4 Interrupts 4.74 0 K 0 K n/a Hardware Interrupts and DPCs smss.exe 472 K 1.104 K 300 [Error opening process] csrss.exe < 0.01 1.976 K 4.204 K 436 [Error opening process] wininit.exe 1.452 K 4.448 K 500 [Error opening process] services.exe 4.936 K 8.932 K 548 [Error opening process] svchost.exe 4.384 K 9.456 K 680 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe svchost.exe 3.736 K 7.680 K 744 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe svchost.exe 0.01 19.924 K 22.520 K 792 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe svchost.exe < 0.01 127.144 K 136.952 K 852 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe WUDFHost.exe 1.876 K 5.884 K 1776 [Error opening process] dwm.exe 2.50 29.132 K 28.980 K 2528 Desktopfenster-Manager Microsoft Corporation C:\Windows\System32\dwm.exe svchost.exe 0.02 10.824 K 19.300 K 892 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe svchost.exe 0.02 17.500 K 31.612 K 928 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe svchost.exe 2.152 K 5.384 K 112 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe spoolsv.exe 6.676 K 12.784 K 1200 Spoolersubsystem-Anwendung Microsoft Corporation C:\Windows\System32\spoolsv.exe svchost.exe 36.808 K 40.708 K 1236 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe taskhost.exe 1.888 K 5.652 K 1324 Hostprozess für Windows-Aufgaben Microsoft Corporation C:\Windows\System32\taskhost.exe svchost.exe 0.02 12.404 K 14.192 K 1420 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe mbamscheduler.exe 1.916 K 5.484 K 1516 Malwarebytes Anti-Malware Malwarebytes Corporation C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe mbamservice.exe 189.828 K 86.532 K 1620 Malwarebytes Anti-Malware Malwarebytes Corporation C:\Program Files (x86)\Anti-Malware\mbamservice.exe mbamgui.exe 0.02 3.284 K 9.720 K 1748 Malwarebytes Anti-Malware Malwarebytes Corporation C:\Program Files (x86)\Anti-Malware\mbamgui.exe sppsvc.exe 12.676 K 17.812 K 1728 Softwareschutzplattform-Dienst von Microsoft Microsoft Corporation C:\Windows\System32\sppsvc.exe svchost.exe 1.988 K 6.208 K 1796 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe svchost.exe 126.156 K 32.832 K 1824 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe svchost.exe 0.01 6.544 K 12.328 K 2312 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe wmpnetwk.exe 0.07 14.964 K 11.212 K 2780 Windows Media Player-Netzwerkfreigabedienst Microsoft Corporation C:\Program Files\Windows Media Player\wmpnetwk.exe svchost.exe 1.468 K 4.080 K 2044 Hostprozess für Windows-Dienste Microsoft Corporation C:\Windows\System32\svchost.exe ProtectWindowsManager.exe 3.412 K 7.776 K 1052 WindowsProtectManger Service Fuyu LIMITED C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe PluginService.exe < 0.01 3.772 K 8.136 K 2352 IePlugin Service Cherished Technololgy LIMITED C:\ProgramData\IePluginServices\PluginService.exe HpUI.exe 3.144 K 10.408 K 3592 [Error opening process] Loader64.exe < 0.01 828 K 2.276 K 3596 [Error opening process] Loader32.exe < 0.01 848 K 3.120 K 3964 [Error opening process] chrome.exe 0.15 45.636 K 81.388 K 1156 [Error opening process] chrome.exe 0.03 55.004 K 63.500 K 884 Google Chrome Google Inc. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe chrome.exe 33.372 K 28.836 K 1120 Google Chrome Google Inc. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe chrome.exe 83.060 K 79.720 K 3424 Google Chrome Google Inc. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe chrome.exe 23.576 K 17.908 K 2264 Google Chrome Google Inc. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe chrome.exe 0.12 47.388 K 50.364 K 3420 Google Chrome Google Inc. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe lsass.exe 4.332 K 11.736 K 564 Local Security Authority Process Microsoft Corporation C:\Windows\System32\lsass.exe lsm.exe 2.248 K 4.088 K 572 [Error opening process] csrss.exe 1.23 2.644 K 12.264 K 516 [Error opening process] winlogon.exe 2.724 K 7.136 K 1028 [Error opening process] explorer.exe 0.09 60.264 K 68.864 K 2548 Windows-Explorer Microsoft Corporation C:\Windows\explorer.exe SecureBanking.exe 0.01 3.236 K 11.516 K 2432 Secure Banking C:\Program Files (x86)\Secure Banking\SecureBanking.exe sbservice.exe 0.50 1.704 K 4.572 K 1304 C:\Program Files (x86)\Secure Banking\sbservice.exe swriter.exe 904 K 3.204 K 992 OpenOffice Writer Apache Software Foundation C:\Program Files (x86)\OpenOffice 4\program\swriter.exe soffice.exe 1.640 K 4.896 K 2288 OpenOffice 4.0.1 Apache Software Foundation C:\Program Files (x86)\OpenOffice 4\program\soffice.exe soffice.bin 0.14 62.568 K 111.980 K 2444 OpenOffice 4.0.1 Apache Software Foundation C:\Program Files (x86)\OpenOffice 4\program\soffice.bin splwow64.exe 1.516 K 4.732 K 3976 Print driver host for 32bit applications Microsoft Corporation C:\Windows\splwow64.exe thunderbird.exe 0.04 110.268 K 139.776 K 2020 Thunderbird Mozilla Corporation C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe AcroRd32.exe 5.560 K 11.512 K 2680 Adobe Reader Adobe Systems Incorporated C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe AcroRd32.exe 0.80 38.384 K 51.032 K 3692 Adobe Reader Adobe Systems Incorporated C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe procexp.exe 2.200 K 7.292 K 3556 Sysinternals Process Explorer Sysinternals - www.sysinternals.com D:\Computer\Tuning\procexp.exe procexp64.exe 5.63 18.560 K 36.572 K 3124 Sysinternals Process Explorer Sysinternals - www.sysinternals.com C:\Users\Daniel\AppData\Local\Temp\procexp64.exe Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:31:32, on 24.11.2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\Program Files (x86)\Anti-Malware\mbamgui.exe C:\Program Files (x86)\Secure Banking\SecureBanking.exe C:\Program Files (x86)\Secure Banking\sbservice.exe C:\Program Files (x86)\OpenOffice 4\program\swriter.exe C:\Program Files (x86)\OpenOffice 4\program\soffice.exe C:\Program Files (x86)\OpenOffice 4\program\soffice.bin C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe D:\Computer\Sicherheit\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKCU\..\Run: [SecureBanking] C:\Program Files (x86)\Secure Banking\SecureBanking.exe O4 - HKLM\..\Policies\Explorer\Run: [64428] c:\progra~3\dxoidaj.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://comport-emea.daimler.com/,DSID=dadca7ce55cbc7782b10ab029b390293,DanaInfo=.astvuhr99HnJn043x3-9tT80E,SSL,ST=1+/dwa7W.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{780A8806-5207-42AA-ABAC-6B224290FCFA}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS1\Services\Tcpip\..\{780A8806-5207-42AA-ABAC-6B224290FCFA}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS2\Services\Tcpip\..\{780A8806-5207-42AA-ABAC-6B224290FCFA}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 5695 bytes Code:
ATTFilter C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000001 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000002 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000001 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000002 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000003 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000004 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000005 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000006 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000007 Win32/AdWare.1ClickDownload.AT application
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FFZF3ZTU\PCSChecker[1].exe a variant of Win32/Adware.PicColor.C application
C:\Users\Daniel\AppData\Local\Temp\FreemakeVideoConverter_4.1.1.0.exe Win32/OpenCandy potentially unsafe application
C:\Users\Daniel\AppData\Local\Temp\PCSChecker.exe a variant of Win32/Adware.PicColor.C application
D:\$RECYCLE.BIN\S-1-5-21-687046182-1720888418-2620476028-1001\$RUWJS87.exe a variant of Win32/Adware.MultiPlug.DR application
D:\Download\Beethoven_Complete_Symphonies_Concertos_amp_Overtures_Grosse_Fuge_Missa_solemnis_Karajan_Berliner_Philharmoniker_2011_FLAC (1).exe Win32/AdWare.1ClickDownload.AT application
D:\Download\Beethoven_Complete_Symphonies_Concertos_amp_Overtures_Grosse_Fuge_Missa_solemnis_Karajan_Berliner_Philharmoniker_2011_FLAC.exe Win32/AdWare.1ClickDownload.AT application
D:\Download\Freemake411VideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
D:\Download\FreeYouTubeToMP3Converter.exe Win32/OpenCandy potentially unsafe application
D:\Download\PDFCreator-1_7_2_setup_offline.exe Win32/OpenCandy potentially unsafe application
D:\Download\siw13-setup.exe Win32/OpenCandy potentially unsafe application
D:\Download\_.exe Win32/AdWare.1ClickDownload.AT application
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2014.11.24.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 HAL9000 :: HAL9000 [Administrator] Schutz: Aktiviert 24.11.2014 16:48:04 MBAM-log-2014-11-24 (16-52-37).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 312263 Laufzeit: 4 Minute(n), 19 Sekunde(n) Infizierte Speicherprozesse: 4 C:\ProgramData\IePluginServices\PluginService.exe (PUP.Optional.IePluginService.A) -> 2352 -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\Loader64.exe (PUP.Optional.SearchProtect) -> 3596 -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\HpUI.exe (PUP.Optional.SupTab.A) -> 3592 -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\Loader32.exe (PUP.Optional.SupTab.A) -> 3964 -> Keine Aktion durchgeführt. Infizierte Speichermodule: 3 C:\Program Files (x86)\SupTab\msvcp110.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\msvcr110.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. Infizierte Registrierungsschlüssel: 12 HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices (PUP.Optional.IePluginService.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt. HKCU\Software\SupHpUISoft (PUP.Optional.WebSearches.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\supWindowsMangerProtect (PUP.Optional.WPM.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\supWPM (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\SUPDP (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\SUPTAB (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices (PUP.Optional.IEPluginServices.A) -> Keine Aktion durchgeführt. HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect (PUP.Optional.WindowsMangerProtect.A) -> Keine Aktion durchgeführt. HKLM\Software\webssearchesSoftware (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 2 HKLM\SOFTWARE\SupDp|dir (PUP.Optional.SupTab.A) -> Daten: C:\Program Files (x86)\SupTab -> Keine Aktion durchgeführt. HKLM\SOFTWARE\supTab|ptid (PUP.Optional.SupTab.A) -> Daten: cvs2 -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 6 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.WebsSearches.A) -> Bösartig: (hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867) Gut: (www.google.com) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.WebsSearches.A) -> Bösartig: (hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867) Gut: (www.google.com) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command| (PUP.Optional.WebsSearches.A) -> Bösartig: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://istart.webssearches.com/?type=sc&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867) Gut: (Chrome.exe) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.WebsSearches.A) -> Bösartig: (hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867) Gut: (www.google.com) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Keine Aktion durchgeführt. HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.WebsSearches.A) -> Bösartig: (hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867) Gut: (www.google.com) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 34 C:\Users\Daniel\AppData\Roaming\webssearches (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\ProgramData\IePluginServices (PUP.Optional.IePluginServices.A) -> Keine Aktion durchgeführt. C:\ProgramData\IePluginServices\update (PUP.Optional.IePluginServices.A) -> Keine Aktion durchgeführt. C:\ProgramData\WindowsMangerProtect (PUP.Optional.WPM.A) -> Keine Aktion durchgeführt. C:\ProgramData\WindowsMangerProtect\update (PUP.Optional.WPM.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\image (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\img (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\en-US (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\es-419 (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\es-ES (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-BE (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-CA (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-CH (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-FR (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-LU (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\it-CH (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\it-IT (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\pl (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\pt (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\pt-BR (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\ru (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\ru-MO (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\tr-TR (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\vi-VI (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\zh-CN (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\zh-TW (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 104 C:\ProgramData\IePluginServices\PluginService.exe (PUP.Optional.IePluginService.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\Loader64.exe (PUP.Optional.SearchProtect) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\DpInterface32.dll (PUP.Optional.Skytech.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\DpInterface64.dll (PUP.Optional.Skytech.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\RSHP.exe (PUP.Optional.IEPluginService.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\SearchProtect32.dll (PUP.Optional.Skytech.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\SearchProtect64.dll (PUP.Optional.Skytech.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe (PUP.Optional.IePluginService.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\SupTab.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Local\Temp\t7145FFC5-EF2C-4750-9CC6-B934D573F69Bmp\tmp\wpm_v20.0.0.1270.exe (PUP.Optional.WPM.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\255.json (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\MessageBox.xml (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\uninstallDlg2.xml (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\uninstalled2.ini (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\UninstallManager.exe (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\bg.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\bg1.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\bk_shadow.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\button.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\button1.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\checkbox.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\checkbox_select.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\checked.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\close.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\loading_bg.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\loading_light.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\min.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\scrollbar.bmp (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\Thumbs.db (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\unchecked.png (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code\code1.jpg (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code\code2.jpg (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code\code3.jpg (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code\code4.jpg (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code\code5.jpg (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code\code6.jpg (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\images\code\Thumbs.db (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-27-45-749].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-29-01-817].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-29-22-168].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-30-09-721].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-31-39-936].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-33-48-461].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-37-30-577].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\Users\Daniel\AppData\Roaming\webssearches\log\UninstallManager_2014-11-24[16-38-32-790].log (PUP.Optional.WebsSearches.A) -> Keine Aktion durchgeführt. C:\ProgramData\IePluginServices\update\conf (PUP.Optional.IePluginServices.A) -> Keine Aktion durchgeführt. C:\ProgramData\WindowsMangerProtect\update\conf (PUP.Optional.WPM.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\BHOEnabler.exe (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\HpUI.exe (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\ient.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\install.data (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\Loader32.exe (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\msvcp110.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\msvcr110.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\uninstall.exe (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\bk_shadow.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\btn.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\close.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\main.xml (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\main.xml.bak (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\image\ck_box.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\image\ck_check.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\image\radio_bk.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\skin\image\radio_check.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\data.html (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\indexIE.html (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\indexIE8.html (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\main.css (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\ver.txt (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\img\google_trends.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\img\icon128.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\img\icon16.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\img\icon48.png (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\img\loading.gif (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\img\logo32.ico (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\common.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\ga.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\js.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\library.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\xagainit-ie8.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\js\xagainit2.0.js (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json (PUP.Optional.SupTab.A) -> Keine Aktion durchgeführt. (Ende) Für Ratschläge wäre ich sehr dankbar. Nachtrag FRST Log FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by HAL9000 (administrator) on HAL9000 on 24-11-2014 17:04:31
Running from D:\Download
Loaded Profile: HAL9000 (Available profiles: HAL9000)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamgui.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sysinternals - www.sysinternals.com) D:\Computer\Tuning\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Daniel\AppData\Local\Temp\procexp64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer\Run: [64428] => c:\progra~3\dxoidaj.exe No File
HKLM\...\Policies\Explorer: [1781466620] 0x504B0304C1C4D969FC052F6A1204000000300000BDB4B115D2AF6BE88D0DC594FFFFD90DB7914A288095F40BBDDA47AADABF662C9FB3BA34F4F2DF6C8CF1F53CF3A1BE08728E78783FB49269354839F8861F6A053DD0A09BFA896646414ABB20A4F91EC9A2502FBE27793E723D518F9D356536E640D14262950C781337718D356909C886B71513367F09ECCD113321D9265616540806E871D36D0E92DC4356D3348AD64910BAC1FCD25B5358502D6809E0B979B4A1D0EBDB1E165F99740C16A5C83A9D17F5668AD2CB3DABFA36916AF7CD5B8C045B63ACF1516C9140BE766D0E7796D132DE104D86266F38C85B7FC8ED7CF62461722CEC1F77BFE90DE1939ED304231E541181008CC16625A639FEC26346C3BEA270573E77F08ADC907C5881E2E8E0DB9A2DB0CE72B0DE6BA1605A2C427CEEBF13673B12E14EED8B42DA2A2AC59B6150C53655CD2F0C0BBB7D72EDF110BFE36995941F27CDEE3381C6CBFEA5F4175D68E135BFAC0866055239313362DB5DB3914FCD0F2D417C1C00224BFEB90F71C742FB29221A96338DDB41AAEE98B887DC4AF7B6C32CE2257A29EE876550F605778C201D92C9B129C55CAE25A61C5422285712CA007C7380325536631E5EAB3F68C6C48029EEC65003315A36517D38D5DA65D76E38AC61860F0E19BE51B7EF684BE92512759C1F6A183AAE945EA4E2C4A8B8562A27388EDBD169C8770BD6E0C4033635A311554AA846C14454895413A104296E2FB46E2DBE00D97B6B830F754471EFE6772C6E87F0E9316BC620147A7CF098206BD614B9CE01B6D149B7C27F1C82520AE0248A8E687F2D11FF37ED97486B89A4F895154A6C3B37404BC285B0D658203B2751B10768A7B33641CD8A6A787149F87F59A889A65E0DD943816479452597D21C739A2BE6575A91BC0B343A208572272B892842D78A5585D7805DD6F8F450C843F80B1884D29A9A3A7CBD377EDCF3D3F25AF4134D6C56F6E810DD15D451FD3A8D3B6B92C263BCEA9F74D4E8DBB97FCCB7EF2F4E02330CBAE645C9584CE10D3BD6BD6E46C8CD2CCF5ECD692A6F44DAB739B06411B8AD0E93E9374F61EC0305239A81A5FBC46B7FD0B9630EA0E39E54561DFE098263A86D85C2283862C62749B3D69CE2AC15628CCBC5B2B81DE5BD7360216190729CBABBE717DB6CE41CB7F69F48491A6963810B6C3B8917C1F8BC021ED32EC1B86C04369EC50EB4476E1C247021AF0659390A809E1A1B0B50E980F0447A217B0C166461E504FB2425D9BBCFB4A667CE00D5CC2356754DD97CC21E2258A9379211026CCA4C354476868E3437643D1160363E3990151322D4D0640683DDDA0BCCE80BCB65B19A9D1F054F5A5EE70A979A4A897C3AF504913BA3ED1D5B9A94A2910850B35FF65724CCD0168CC422D72224F48D94A3C31079A9BB6F60313BD41EB79DA58359274D6334DD0DC8D23E1F87159BC2902C6A3858E550C68BB89DF234DCFF2710541036CB3C0C67C60007449B
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\...\Run: [SecureBanking] => C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x89319FC20E0BCD01
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
SearchScopes: HKU\S-1-5-21-687046182-1720888418-2620476028-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
SearchScopes: HKU\S-1-5-21-687046182-1720888418-2620476028-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {E008A543-CEFB-4559-912F-C27C2B89F13B} https://comport-emea.daimler.com/,DSID=dadca7ce55cbc7782b10ab029b390293,DanaInfo=.astvuhr99HnJn043x3-9tT80E,SSL,ST=1+/dwa7W.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 192.168.0.1
Tcpip\..\Interfaces\{780A8806-5207-42AA-ABAC-6B224290FCFA}: [NameServer] 8.8.8.8,8.8.4.4
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=55&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&SSPV=
CHR StartupUrls: Default -> "https://www.google.de/webhp?sourceid=chrome-instant&rlz=1C1RNHN_enDE526DE526&ion=1&espv=2&es_th=1&ie=UTF-8"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (WOT) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-03-22]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-22]
CHR Extension: (Blur (Formerly DoNotTrackMe)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-03-23]
CHR Extension: (FlashBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-07-01]
CHR Extension: (Into The Mist) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-07-06]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-16] (Adobe Systems) [File not signed]
R4 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-11-24] (Cherished Technololgy LIMITED)
R2 MBAMScheduler; C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-03-08] (Microsoft Corporation) [File not signed]
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 40872330; C:\Windows\System32\DRIVERS\40872330.sys [460888 2013-02-18] (Kaspersky Lab ZAO)
R0 91912681; C:\Windows\System32\DRIVERS\91912681.sys [460888 2013-02-18] (Kaspersky Lab ZAO)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S3 Ltn_stk7070P_64; C:\Windows\System32\DRIVERS\Ltn_stk7070P_64.sys [543232 2007-10-19] (LITEON)
S3 Ltn_stkrc_64; C:\Windows\System32\DRIVERS\Ltn_stkrc_64.sys [16256 2007-10-19] (LITEON)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [46592 2007-03-28] (Winbond Electronics Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; No ImagePath
U3 aswMBR; \??\C:\Users\Daniel\AppData\Local\Temp\aswMBR.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 17:04 - 2014-11-24 17:04 - 00000000 ____D () C:\FRST
2014-11-24 16:37 - 2014-11-24 16:37 - 00003156 _____ () C:\Windows\System32\Tasks\{286C95D2-B5B3-4DCD-8059-D08A3769012E}
2014-11-24 14:55 - 2014-11-24 14:55 - 00000189 _____ () C:\siw_debug.txt
2014-11-24 14:40 - 2014-11-24 14:42 - 00000000 ____D () C:\AdwCleaner
2014-11-24 14:30 - 2014-11-24 14:30 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-11-24 14:29 - 2014-11-24 16:30 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-11-24 14:29 - 2014-11-24 14:30 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-11-24 11:55 - 2014-11-24 11:55 - 00001073 _____ () C:\Users\Daniel\Desktop\SIW Home Edition.lnk
2014-11-24 11:55 - 2014-11-24 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
2014-11-24 11:55 - 2014-11-24 11:55 - 00000000 ____D () C:\Program Files (x86)\SIW 2013 Home Edition
2014-11-14 18:12 - 2014-11-24 11:35 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 16:53 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-24 16:53 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-24 16:47 - 2012-01-31 10:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-24 16:14 - 2013-03-27 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 15:31 - 2012-01-03 09:34 - 00000000 ____D () C:\Users\Daniel\AppData\Local\VirtualStore
2014-11-24 13:56 - 2013-03-22 10:21 - 01278271 _____ () C:\Windows\WindowsUpdate.log
2014-11-24 13:53 - 2013-06-25 23:04 - 00021081 _____ () C:\Windows\setupact.log
2014-11-24 13:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-24 12:47 - 2012-01-31 10:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 12:44 - 2009-10-14 07:04 - 00000000 ____D () C:\Windows\Panther
2014-11-24 12:42 - 2012-01-31 10:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-24 12:42 - 2012-01-31 10:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-24 12:36 - 2013-07-15 23:35 - 00106638 _____ () C:\Windows\PFRO.log
2014-11-24 11:37 - 2014-05-06 09:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-24 11:37 - 2012-01-03 09:34 - 00000000 ____D () C:\Users\Daniel
2014-11-24 11:35 - 2014-01-27 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-24 11:35 - 2014-01-27 19:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-24 11:35 - 2013-03-27 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-24 11:35 - 2013-03-09 13:31 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\dvdcss
2014-11-24 11:35 - 2013-03-09 12:43 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-11-24 11:35 - 2013-03-08 20:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-11-24 11:35 - 2013-03-08 17:49 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype
2014-11-24 11:35 - 2012-01-31 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-24 11:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-13 10:07 - 2013-07-26 20:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-31 12:40 - 2013-03-17 11:04 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Spotify
2014-10-31 12:26 - 2013-03-17 11:05 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Spotify
2014-10-28 06:34 - 2009-10-14 06:13 - 00275080 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\FreemakeVideoConverter_4.1.1.0.exe
C:\Users\Daniel\AppData\Local\Temp\PCSChecker.exe
C:\Users\Daniel\AppData\Local\Temp\procexp64.exe
C:\Users\Daniel\AppData\Local\Temp\Second Life Setup.exe
C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-19 13:24
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by HAL9000 at 2014-11-24 17:05:53
Running from D:\Download
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{41042E28-CCA1-4147-869F-9E928B38F04C}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Freemake Video Converter Version 4.1.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.1 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Malwarebytes Anti-Malware Version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Passepartout-Rechner 2 Version 2.9.0.3 (HKLM-x32\...\{4F904A70-56F2-41B1-BC9B-7D55CB4C9FAD}_is1) (Version: 2.9.0.3 - Ulli Gabsch)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.6005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6005 - Secunia)
Secure Banking Version 1.5.1 (HKLM-x32\...\{207E9B74-F4D3-4FD7-8142-16FF41825BC4}_is1) (Version: 1.5.1 - Hopfgartner Niklas)
Secure Banking Version 1.5.2 (HKLM-x32\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas)
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
Spotify (HKU\S-1-5-21-687046182-1720888418-2620476028-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
webssearches uninstall (HKLM-x32\...\webssearches uninstall) (Version: - webssearches) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
14-11-2014 17:10:47 Windows Update
18-11-2014 14:20:42 Windows Update
20-11-2014 09:00:18 Windows Update
22-11-2014 15:16:54 Windows Update
23-11-2014 16:46:26 Windows Update
23-11-2014 16:56:46 Wiederherstellungsvorgang
23-11-2014 18:01:41 Windows Update
23-11-2014 22:25:06 Windows Update
24-11-2014 09:32:41 Windows Modules Installer
24-11-2014 10:30:04 Wiederherstellungsvorgang
24-11-2014 11:38:56 Windows Update
24-11-2014 11:42:21 Windows Modules Installer
24-11-2014 11:43:59 Windows Modules Installer
24-11-2014 11:48:01 Windows Update
24-11-2014 11:49:34 Windows Modules Installer
24-11-2014 11:51:32 Windows Modules Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2013-03-27 21:55 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {4230EF26-22BB-4CEA-8C51-CEF666CD96F4} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
Task: {9DED234F-86EA-4644-920E-74B7487E026A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {A925B977-0AA7-4048-803C-89ED2E92A30D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-687046182-1720888418-2620476028-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {AC05A7EE-B471-425E-95FB-288AD1F59658} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-01-09] (IObit)
Task: {D93D0A07-70DD-48C9-B3ED-7A76EC581514} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {E3955796-F2C2-4472-9120-AB9AF2B542CD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-687046182-1720888418-2620476028-1001
Task: {E8EDFF54-767F-4378-883F-FB9F8671A284} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-687046182-1720888418-2620476028-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {EDCC6B1D-359C-4D53-8306-72DE328D4738} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-28] (Adobe Systems Incorporated)
Task: {EED538A2-3686-4B8C-95B6-CDA5010BE7CD} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-01-09] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-21 12:33 - 2014-11-24 14:29 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2013-03-20 00:48 - 2012-09-07 16:30 - 00002560 _____ () C:\Program Files (x86)\Secure Banking\sbservice.exe
2014-08-21 12:32 - 2014-11-24 14:29 - 00733576 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2013-02-20 01:45 - 2013-02-20 01:45 - 00036864 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-03-20 00:48 - 2013-06-30 16:01 - 00017920 _____ () C:\Program Files (x86)\Secure Banking\SecureBanking.dll
2013-03-20 00:48 - 2013-05-26 12:13 - 00008704 _____ () C:\Program Files (x86)\Secure Banking\funcs.dll
2013-09-20 12:50 - 2013-09-20 12:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2013-09-17 03:54 - 2013-09-17 03:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2014-08-21 12:33 - 2014-11-24 14:29 - 00023944 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2013-03-08 20:46 - 2013-12-28 11:07 - 03017840 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-03-08 20:46 - 2013-12-28 11:07 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-03-08 20:46 - 2013-12-28 11:07 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2012-02-04 17:55 - 2013-10-17 23:42 - 09489408 _____ () C:\Users\Daniel\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2013-09-03 14:53 - 2013-09-03 14:53 - 00305520 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2012-02-04 17:55 - 2013-10-17 23:43 - 00014336 _____ () C:\Users\Daniel\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU
2013-04-17 21:10 - 2013-12-05 09:21 - 00025600 _____ () C:\Users\Daniel\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_SaveAsRTF.DEU
2014-10-27 22:47 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-27 22:47 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-27 22:47 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 22:47 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09821546.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09821546.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WindowsMangerProtect => 2
MSCONFIG\startupfolder: C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_91912681.lnk => C:\Windows\pss\_uninst_91912681.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
========================= Accounts: ==========================
Administrator (S-1-5-21-687046182-1720888418-2620476028-500 - Administrator - Disabled)
Gast (S-1-5-21-687046182-1720888418-2620476028-501 - Limited - Disabled)
HAL9000 (S-1-5-21-687046182-1720888418-2620476028-1001 - Administrator - Enabled) => C:\Users\Daniel
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/24/2014 03:34:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/24/2014 03:34:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/24/2014 03:34:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/24/2014 03:34:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/24/2014 02:49:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "攀琀昀砀瀀爀椀". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (11/24/2014 02:47:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "攀琀昀砀瀀爀椀". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (11/24/2014 01:46:45 PM) (Source: Software Protection Platform Service) (EventID: 1012) (User: )
Description: Fehler beim Erwerb des Produktzertifikats. hr=0xC004C003
SKU-ID=a0cde89c-3304-4157-b61c-c8ad785d1fad
Error: (11/24/2014 01:46:45 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0xC004C003
Error: (11/24/2014 01:44:34 PM) (Source: Software Protection Platform Service) (EventID: 1012) (User: )
Description: Fehler beim Erwerb des Produktzertifikats. hr=0xC004C003
SKU-ID=a0cde89c-3304-4157-b61c-c8ad785d1fad
Error: (11/24/2014 01:44:34 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0xC004C003
System errors:
=============
Error: (11/24/2014 02:49:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (11/24/2014 02:47:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (11/24/2014 01:53:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/24/2014 01:53:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (11/24/2014 01:53:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (11/24/2014 01:53:50 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183.
Error: (11/24/2014 01:33:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (11/24/2014 01:31:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (11/24/2014 01:05:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/24/2014 01:05:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Microsoft Office Sessions:
=========================
Error: (11/24/2014 03:34:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Computer\Sicherheit\Eset.exe
Error: (11/24/2014 03:34:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Computer\Sicherheit\Eset.exe
Error: (11/24/2014 03:34:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Computer\Sicherheit\Eset.exe
Error: (11/24/2014 03:34:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Computer\Sicherheit\Eset.exe
Error: (11/24/2014 02:49:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: 攀琀昀砀瀀爀椀1600000000893A0000893A0000980B0000
Error: (11/24/2014 02:47:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT-AUTORITÄT)
Description: 攀琀昀砀瀀爀椀1600000000893A0000893A0000980B0000
Error: (11/24/2014 01:46:45 PM) (Source: Software Protection Platform Service) (EventID: 1012) (User: )
Description: hr=0xC004C003a0cde89c-3304-4157-b61c-c8ad785d1fad
Error: (11/24/2014 01:46:45 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0xC004C00300010001(0x00000000, 13:46:45:428 - hxxp://go.microsoft.com/fwlink/?LinkID=88340)
00020001(0x00000000, 13:46:45:428)
00030001(0x00000000, 13:46:45:428 - hxxp://go.microsoft.com)
00030002(0x00000000, 13:46:45:428 - 1)
00020005(0x00000000, 13:46:45:428 - 0)
0002000C(0x00000000, 13:46:45:601 - 302)
0002000E(0x00000000, 13:46:45:601 - https://activation.sls.microsoft.com/slpkc/SLCertifyProduct.asmx)
00020001(0x00000000, 13:46:45:601)
00030001(0x00000000, 13:46:45:601 - https://activation.sls.microsoft.com)
00030002(0x00000000, 13:46:45:601 - 1)
00020005(0x00000000, 13:46:45:601 - 0)
0002000C(0x00000000, 13:46:45:803 - 500)
00010002(0x8004FC01, 13:46:45:804 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C003</HRESULT><Messages><Message>103 (Activation) - [PA Product key blocked. ---> Product key blocked]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 13:46:45:805)
Error: (11/24/2014 01:44:34 PM) (Source: Software Protection Platform Service) (EventID: 1012) (User: )
Description: hr=0xC004C003a0cde89c-3304-4157-b61c-c8ad785d1fad
Error: (11/24/2014 01:44:34 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0xC004C00300010001(0x00000000, 13:44:34:131 - hxxp://go.microsoft.com/fwlink/?LinkID=88340)
00020001(0x00000000, 13:44:34:131)
00030001(0x00000000, 13:44:34:131 - hxxp://go.microsoft.com)
00030002(0x00000000, 13:44:34:131 - 1)
00020005(0x00000000, 13:44:34:131 - 0)
0002000C(0x00000000, 13:44:34:303 - 302)
0002000E(0x00000000, 13:44:34:304 - https://activation.sls.microsoft.com/slpkc/SLCertifyProduct.asmx)
00020001(0x00000000, 13:44:34:304)
00030001(0x00000000, 13:44:34:304 - https://activation.sls.microsoft.com)
00030002(0x00000000, 13:44:34:304 - 1)
00020005(0x00000000, 13:44:34:304 - 0)
0002000C(0x00000000, 13:44:34:543 - 500)
00010002(0x8004FC01, 13:44:34:543 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C003</HRESULT><Messages><Message>103 (Activation) - [PA Product key blocked. ---> Product key blocked]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 13:44:34:567)
CodeIntegrity Errors:
===================================
Date: 2014-11-23 21:55:22.276
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-22 20:19:41.568
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-17 15:36:20.053
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 17:38:02.590
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-07 09:45:45.117
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-31 19:59:31.874
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-30 10:06:35.731
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-24 23:43:39.697
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-16 19:31:10.161
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 13:55:10.656
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 66%
Total physical RAM: 4060.87 MB
Available physical RAM: 1352.51 MB
Total Pagefile: 8119.91 MB
Available Pagefile: 5107.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:144.04 GB) (Free:49.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:140.5 GB) (Free:8.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 80E04B39)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=140.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.5 GB) - (Type=12)
==================== End Of Log ============================
|
|
24.11.2014, 17:36
| #2 |
| /// the machine /// TB-Ausbilder    | istart.webssearches bekämpfen! - Wie? > Log hi,
__________________Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
24.11.2014, 18:16
| #3 |
| | istart.webssearches bekämpfen! - Wie? > Log Hallo schrauber! Vielen Dank für die schnelle Hilfe! Hier die Logs:
__________________JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Ultimate x64
Ran by HAL9000 on 24.11.2014 at 18:04:26,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.11.2014 at 18:10:12,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by HAL9000 (administrator) on HAL9000 on 24-11-2014 18:20:13
Running from D:\Download
Loaded Profile: HAL9000 (Available profiles: HAL9000)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamgui.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Thisisu) D:\Download\JRT (1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer\Run: [64428] => c:\progra~3\dxoidaj.exe No File
HKLM\...\Policies\Explorer: [1781466620] 0x504B0304C1C4D969FC052F6A1204000000300000BDB4B115D2AF6BE88D0DC594FFFFD90DB7914A288095F40BBDDA47AADABF662C9FB3BA34F4F2DF6C8CF1F53CF3A1BE08728E78783FB49269354839F8861F6A053DD0A09BFA896646414ABB20A4F91EC9A2502FBE27793E723D518F9D356536E640D14262950C781337718D356909C886B71513367F09ECCD113321D9265616540806E871D36D0E92DC4356D3348AD64910BAC1FCD25B5358502D6809E0B979B4A1D0EBDB1E165F99740C16A5C83A9D17F5668AD2CB3DABFA36916AF7CD5B8C045B63ACF1516C9140BE766D0E7796D132DE104D86266F38C85B7FC8ED7CF62461722CEC1F77BFE90DE1939ED304231E541181008CC16625A639FEC26346C3BEA270573E77F08ADC907C5881E2E8E0DB9A2DB0CE72B0DE6BA1605A2C427CEEBF13673B12E14EED8B42DA2A2AC59B6150C53655CD2F0C0BBB7D72EDF110BFE36995941F27CDEE3381C6CBFEA5F4175D68E135BFAC0866055239313362DB5DB3914FCD0F2D417C1C00224BFEB90F71C742FB29221A96338DDB41AAEE98B887DC4AF7B6C32CE2257A29EE876550F605778C201D92C9B129C55CAE25A61C5422285712CA007C7380325536631E5EAB3F68C6C48029EEC65003315A36517D38D5DA65D76E38AC61860F0E19BE51B7EF684BE92512759C1F6A183AAE945EA4E2C4A8B8562A27388EDBD169C8770BD6E0C4033635A311554AA846C14454895413A104296E2FB46E2DBE00D97B6B830F754471EFE6772C6E87F0E9316BC620147A7CF098206BD614B9CE01B6D149B7C27F1C82520AE0248A8E687F2D11FF37ED97486B89A4F895154A6C3B37404BC285B0D658203B2751B10768A7B33641CD8A6A787149F87F59A889A65E0DD943816479452597D21C739A2BE6575A91BC0B343A208572272B892842D78A5585D7805DD6F8F450C843F80B1884D29A9A3A7CBD377EDCF3D3F25AF4134D6C56F6E810DD15D451FD3A8D3B6B92C263BCEA9F74D4E8DBB97FCCB7EF2F4E02330CBAE645C9584CE10D3BD6BD6E46C8CD2CCF5ECD692A6F44DAB739B06411B8AD0E93E9374F61EC0305239A81A5FBC46B7FD0B9630EA0E39E54561DFE098263A86D85C2283862C62749B3D69CE2AC15628CCBC5B2B81DE5BD7360216190729CBABBE717DB6CE41CB7F69F48491A6963810B6C3B8917C1F8BC021ED32EC1B86C04369EC50EB4476E1C247021AF0659390A809E1A1B0B50E980F0447A217B0C166461E504FB2425D9BBCFB4A667CE00D5CC2356754DD97CC21E2258A9379211026CCA4C354476868E3437643D1160363E3990151322D4D0640683DDDA0BCCE80BCB65B19A9D1F054F5A5EE70A979A4A897C3AF504913BA3ED1D5B9A94A2910850B35FF65724CCD0168CC422D72224F48D94A3C31079A9BB6F60313BD41EB79DA58359274D6334DD0DC8D23E1F87159BC2902C6A3858E550C68BB89DF234DCFF2710541036CB3C0C67C60007449B
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\...\Run: [SecureBanking] => C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x89319FC20E0BCD01
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-687046182-1720888418-2620476028-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {E008A543-CEFB-4559-912F-C27C2B89F13B} https://comport-emea.daimler.com/,DSID=dadca7ce55cbc7782b10ab029b390293,DanaInfo=.astvuhr99HnJn043x3-9tT80E,SSL,ST=1+/dwa7W.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 192.168.0.1
Tcpip\..\Interfaces\{780A8806-5207-42AA-ABAC-6B224290FCFA}: [NameServer] 8.8.8.8,8.8.4.4
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=55&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&SSPV=
CHR StartupUrls: Default -> "https://www.google.de/webhp?sourceid=chrome-instant&rlz=1C1RNHN_enDE526DE526&ion=1&espv=2&es_th=1&ie=UTF-8"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (WOT) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-03-22]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-22]
CHR Extension: (Blur (Formerly DoNotTrackMe)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-03-23]
CHR Extension: (FlashBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-07-01]
CHR Extension: (Into The Mist) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-11-24]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-16] (Adobe Systems) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-03-08] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 40872330; C:\Windows\System32\DRIVERS\40872330.sys [460888 2013-02-18] (Kaspersky Lab ZAO)
R0 91912681; C:\Windows\System32\DRIVERS\91912681.sys [460888 2013-02-18] (Kaspersky Lab ZAO)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S3 Ltn_stk7070P_64; C:\Windows\System32\DRIVERS\Ltn_stk7070P_64.sys [543232 2007-10-19] (LITEON)
S3 Ltn_stkrc_64; C:\Windows\System32\DRIVERS\Ltn_stkrc_64.sys [16256 2007-10-19] (LITEON)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [46592 2007-03-28] (Winbond Electronics Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 18:10 - 2014-11-24 18:10 - 00000623 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-11-24 17:45 - 2014-11-24 17:45 - 00001270 _____ () C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2014-11-24 17:45 - 2014-11-24 17:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-24 17:04 - 2014-11-24 18:20 - 00000000 ____D () C:\FRST
2014-11-24 16:37 - 2014-11-24 16:37 - 00003156 _____ () C:\Windows\System32\Tasks\{286C95D2-B5B3-4DCD-8059-D08A3769012E}
2014-11-24 14:55 - 2014-11-24 14:55 - 00000189 _____ () C:\siw_debug.txt
2014-11-24 14:40 - 2014-11-24 18:03 - 00000000 ____D () C:\AdwCleaner
2014-11-24 11:55 - 2014-11-24 11:55 - 00001073 _____ () C:\Users\Daniel\Desktop\SIW Home Edition.lnk
2014-11-24 11:55 - 2014-11-24 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
2014-11-24 11:55 - 2014-11-24 11:55 - 00000000 ____D () C:\Program Files (x86)\SIW 2013 Home Edition
2014-11-14 18:12 - 2014-11-24 11:35 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 18:14 - 2013-03-27 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 17:59 - 2013-07-15 23:35 - 00108472 _____ () C:\Windows\PFRO.log
2014-11-24 17:59 - 2013-06-25 23:04 - 00021137 _____ () C:\Windows\setupact.log
2014-11-24 17:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-24 17:56 - 2012-01-31 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-24 17:56 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-24 17:56 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-24 17:47 - 2012-01-31 10:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-24 15:31 - 2012-01-03 09:34 - 00000000 ____D () C:\Users\Daniel\AppData\Local\VirtualStore
2014-11-24 13:56 - 2013-03-22 10:21 - 01281236 _____ () C:\Windows\WindowsUpdate.log
2014-11-24 12:47 - 2012-01-31 10:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 12:44 - 2009-10-14 07:04 - 00000000 ____D () C:\Windows\Panther
2014-11-24 12:42 - 2012-01-31 10:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-24 12:42 - 2012-01-31 10:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-24 11:37 - 2014-05-06 09:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-24 11:37 - 2012-01-03 09:34 - 00000000 ____D () C:\Users\Daniel
2014-11-24 11:35 - 2014-01-27 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-24 11:35 - 2014-01-27 19:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-24 11:35 - 2013-03-27 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-24 11:35 - 2013-03-09 13:31 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\dvdcss
2014-11-24 11:35 - 2013-03-09 12:43 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-11-24 11:35 - 2013-03-08 20:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-11-24 11:35 - 2013-03-08 17:49 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-24 11:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-13 10:07 - 2013-07-26 20:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-31 12:40 - 2013-03-17 11:04 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Spotify
2014-10-31 12:26 - 2013-03-17 11:05 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Spotify
2014-10-28 06:34 - 2009-10-14 06:13 - 00275080 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\FreemakeVideoConverter_4.1.1.0.exe
C:\Users\Daniel\AppData\Local\Temp\PCSChecker.exe
C:\Users\Daniel\AppData\Local\Temp\Second Life Setup.exe
C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-19 13:24
==================== End Of Log ============================
--- --- --- AdwCleaner 1 Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 24/11/2014 um 14:40:40
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-24.1 [Live]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : HAL9000 - HAL9000
# Gestartet von : D:\Download\adwcleaner_4.102.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : IePluginServices
Dienst Gefunden : WindowsMangerProtect
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Program Files (x86)\SupTab
Ordner Gefunden : C:\ProgramData\IePluginServices
Ordner Gefunden : C:\ProgramData\WindowsMangerProtect
Ordner Gefunden : C:\Users\Daniel\AppData\Local\CrashRpt
Ordner Gefunden : C:\Users\Daniel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden : C:\Users\Daniel\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\Daniel\AppData\Roaming\webssearches
Ordner Gefunden : C:\Users\Daniel\Documents\Updater
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://istart.webssearches.com/?type=sc&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\SupHpUISoft
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\SupHpUISoft
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\SupTab
Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gefunden : HKLM\SOFTWARE\supWPM
Schlüssel Gefunden : HKLM\SOFTWARE\webssearchesSoftware
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [4101 octets] - [24/11/2014 14:40:40]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4161 octets] ##########
AdwCleaner 2 Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 24/11/2014 um 17:53:02
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-24.1 [Live]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : HAL9000 - HAL9000
# Gestartet von : D:\Download\adwcleaner_4.102.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : IePluginServices
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Program Files (x86)\SupTab
Ordner Gefunden : C:\ProgramData\IePluginServices
Ordner Gefunden : C:\ProgramData\WindowsMangerProtect
Ordner Gefunden : C:\Users\Daniel\AppData\Local\CrashRpt
Ordner Gefunden : C:\Users\Daniel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden : C:\Users\Daniel\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\Daniel\Documents\Updater
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://istart.webssearches.com/?type=sc&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\SupHpUISoft
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\SupHpUISoft
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\SupTab
Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gefunden : HKLM\SOFTWARE\supWPM
Schlüssel Gefunden : HKLM\SOFTWARE\webssearchesSoftware
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867
-\\ Google Chrome v38.0.2125.111
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
*************************
AdwCleaner[R0].txt - [4269 octets] - [24/11/2014 14:40:40]
AdwCleaner[R1].txt - [45501 octets] - [24/11/2014 17:53:02]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [45562 octets] ##########
Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 24/11/2014 um 18:01:15
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-24.1 [Live]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : HAL9000 - HAL9000
# Gestartet von : D:\Download\adwcleaner_4.102.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [4269 octets] - [24/11/2014 14:40:40]
AdwCleaner[R1].txt - [45671 octets] - [24/11/2014 17:53:02]
AdwCleaner[R2].txt - [736 octets] - [24/11/2014 18:01:15]
AdwCleaner[S0].txt - [44578 octets] - [24/11/2014 17:56:27]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [856 octets] ##########
Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 24/11/2014 um 17:56:27
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-24.1 [Live]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : HAL9000 - HAL9000
# Gestartet von : D:\Download\adwcleaner_4.102.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : IePluginServices
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Daniel\Documents\Updater
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM
Schlüssel Gelöscht : HKLM\SOFTWARE\webssearchesSoftware
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
-\\ Google Chrome v38.0.2125.111
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=58&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&q={searchTerms}&SSPV=
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://sportbild.bild.de/kddb/cms/websearchsport.do?query={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416835718&from=cvs2&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808RZ0867Z0867&q={searchTerms}
Geändert von HAL6996 (24.11.2014 um 18:27 Uhr) Grund: Logs vergessen... |
|
25.11.2014, 15:57
| #4 |
| /// the machine /// TB-Ausbilder | istart.webssearches bekämpfen! - Wie? > LogESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.11.2014, 20:08
| #5 |
| | istart.webssearches bekämpfen! - Wie? > Log Hallo schrauber! Vielen Dank für deine Hilfe! Hier die Logs: ESET Code:
ATTFilter C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\BHOEnabler.exe.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir Win32/Thinknice.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir Win64/Thinknice.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir Win32/Thinknice.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir Win64/Thinknice.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir Variante von Win32/Thinknice.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir Win64/Thinknice.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir Win32/Thinknice.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir Win32/Thinknice.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung
C:\Users\Daniel\AppData\Local\Temp\PCSChecker.exe Variante von Win32/Adware.PicColor.C Anwendung
C:\Users\Daniel\AppData\Local\Temp\DLG_iDieaxBx\exe\elex-websearches-freewareshareware-1.0-de-de\cvs2_webssearches.exe Variante von Win32/LiMo.C evtl. unerwünschte Anwendung
C:\Users\Daniel\AppData\Local\Temp\is-6A1LE.tmp\ToolbarAcceptRate.exe Win32/Toolbar.Widgi.C evtl. unerwünschte Anwendung
D:\Download\Beethoven_Complete_Symphonies_Concertos_amp_Overtures_Grosse_Fuge_Missa_solemnis_Karajan_Berliner_Philharmoniker_2011_FLAC (1).exe Win32/AdWare.1ClickDownload.AT Anwendung
D:\Download\Beethoven_Complete_Symphonies_Concertos_amp_Overtures_Grosse_Fuge_Missa_solemnis_Karajan_Berliner_Philharmoniker_2011_FLAC.exe Win32/AdWare.1ClickDownload.AT Anwendung
D:\Download\CreativeCloudSet-Up-Downloader.exe Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung
D:\Download\defragsetup280.exe Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung
D:\Download\defragsetup_2.7.exe Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung
D:\Download\InstallWinLiMan-Downloader.exe Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung
D:\Download\PDFCreator-1_7_2_setup_offline.exe Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung
D:\Download\SoftonicDownloader_fuer_vlc-media-player.exe Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung
D:\Download\Unlimited Downloads__3339_i399036617_il50.exe Variante von Win32/Amonetize.AJ evtl. unerwünschte Anwendung
D:\Download\_.exe Win32/AdWare.1ClickDownload.AT Anwendung
D:\HAL9000\Backup Set 2014-10-01 200447\Backup Files 2014-10-01 200447\Backup files 34.zip Mehrere Bedrohungen
Checkup Code:
ATTFilter Results of screen317's Security Check version 0.99.90 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Secunia PSI (3.0.0.6005) Malwarebytes Anti-Malware Version 1.70.0.1100 Out of date Malwarebytes Anti-Malware installed! Java 7 Update 45 Java version out of Date! Adobe Flash Player 11.9.900.170 Flash Player out of Date! Adobe Reader 10.1.8 Adobe Reader out of Date! Mozilla Thunderbird (24.2.0) Google Chrome (38.0.2125.111) Google Chrome (39.0.2171.65) Google Chrome (chrome.exe..) Google Chrome (debug.log..) Google Chrome (Dictionaries...) Google Chrome (master_preferences...) Google Chrome (old_chrome.exe..) Google Chrome (wow_helper.exe..) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by HAL9000 (administrator) on HAL9000 on 25-11-2014 20:10:21
Running from D:\Download
Loaded Profile: HAL9000 (Available profiles: HAL9000)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Anti-Malware\mbamgui.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
() C:\Users\Daniel\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer\Run: [64428] => c:\progra~3\dxoidaj.exe No File
HKLM\...\Policies\Explorer: [1781466620] 0x504B0304C1C4D969FC052F6A1204000000300000BDB4B115D2AF6BE88D0DC594FFFFD90DB7914A288095F40BBDDA47AADABF662C9FB3BA34F4F2DF6C8CF1F53CF3A1BE08728E78783FB49269354839F8861F6A053DD0A09BFA896646414ABB20A4F91EC9A2502FBE27793E723D518F9D356536E640D14262950C781337718D356909C886B71513367F09ECCD113321D9265616540806E871D36D0E92DC4356D3348AD64910BAC1FCD25B5358502D6809E0B979B4A1D0EBDB1E165F99740C16A5C83A9D17F5668AD2CB3DABFA36916AF7CD5B8C045B63ACF1516C9140BE766D0E7796D132DE104D86266F38C85B7FC8ED7CF62461722CEC1F77BFE90DE1939ED304231E541181008CC16625A639FEC26346C3BEA270573E77F08ADC907C5881E2E8E0DB9A2DB0CE72B0DE6BA1605A2C427CEEBF13673B12E14EED8B42DA2A2AC59B6150C53655CD2F0C0BBB7D72EDF110BFE36995941F27CDEE3381C6CBFEA5F4175D68E135BFAC0866055239313362DB5DB3914FCD0F2D417C1C00224BFEB90F71C742FB29221A96338DDB41AAEE98B887DC4AF7B6C32CE2257A29EE876550F605778C201D92C9B129C55CAE25A61C5422285712CA007C7380325536631E5EAB3F68C6C48029EEC65003315A36517D38D5DA65D76E38AC61860F0E19BE51B7EF684BE92512759C1F6A183AAE945EA4E2C4A8B8562A27388EDBD169C8770BD6E0C4033635A311554AA846C14454895413A104296E2FB46E2DBE00D97B6B830F754471EFE6772C6E87F0E9316BC620147A7CF098206BD614B9CE01B6D149B7C27F1C82520AE0248A8E687F2D11FF37ED97486B89A4F895154A6C3B37404BC285B0D658203B2751B10768A7B33641CD8A6A787149F87F59A889A65E0DD943816479452597D21C739A2BE6575A91BC0B343A208572272B892842D78A5585D7805DD6F8F450C843F80B1884D29A9A3A7CBD377EDCF3D3F25AF4134D6C56F6E810DD15D451FD3A8D3B6B92C263BCEA9F74D4E8DBB97FCCB7EF2F4E02330CBAE645C9584CE10D3BD6BD6E46C8CD2CCF5ECD692A6F44DAB739B06411B8AD0E93E9374F61EC0305239A81A5FBC46B7FD0B9630EA0E39E54561DFE098263A86D85C2283862C62749B3D69CE2AC15628CCBC5B2B81DE5BD7360216190729CBABBE717DB6CE41CB7F69F48491A6963810B6C3B8917C1F8BC021ED32EC1B86C04369EC50EB4476E1C247021AF0659390A809E1A1B0B50E980F0447A217B0C166461E504FB2425D9BBCFB4A667CE00D5CC2356754DD97CC21E2258A9379211026CCA4C354476868E3437643D1160363E3990151322D4D0640683DDDA0BCCE80BCB65B19A9D1F054F5A5EE70A979A4A897C3AF504913BA3ED1D5B9A94A2910850B35FF65724CCD0168CC422D72224F48D94A3C31079A9BB6F60313BD41EB79DA58359274D6334DD0DC8D23E1F87159BC2902C6A3858E550C68BB89DF234DCFF2710541036CB3C0C67C60007449B
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\...\Run: [SecureBanking] => C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x89319FC20E0BCD01
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-687046182-1720888418-2620476028-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {E008A543-CEFB-4559-912F-C27C2B89F13B} https://comport-emea.daimler.com/,DSID=dadca7ce55cbc7782b10ab029b390293,DanaInfo=.astvuhr99HnJn043x3-9tT80E,SSL,ST=1+/dwa7W.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 192.168.0.1
Tcpip\..\Interfaces\{780A8806-5207-42AA-ABAC-6B224290FCFA}: [NameServer] 8.8.8.8,8.8.4.4
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MDE1D90EC-443F-44DD-A1FE-078F5D19DB03&SearchSource=55&CUI=&UM=6&UP=SPF99EE7EB-F0DB-4F93-B922-FED219D08B86&SSPV=
CHR StartupUrls: Default -> "https://www.google.de/webhp?sourceid=chrome-instant&rlz=1C1RNHN_enDE526DE526&ion=1&espv=2&es_th=1&ie=UTF-8"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (WOT) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-03-22]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-22]
CHR Extension: (Blur (Formerly DoNotTrackMe)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-03-23]
CHR Extension: (FlashBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-07-01]
CHR Extension: (Into The Mist) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-11-24]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-16] (Adobe Systems) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-03-08] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 40872330; C:\Windows\System32\DRIVERS\40872330.sys [460888 2013-02-18] (Kaspersky Lab ZAO)
R0 91912681; C:\Windows\System32\DRIVERS\91912681.sys [460888 2013-02-18] (Kaspersky Lab ZAO)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S3 Ltn_stk7070P_64; C:\Windows\System32\DRIVERS\Ltn_stk7070P_64.sys [543232 2007-10-19] (LITEON)
S3 Ltn_stkrc_64; C:\Windows\System32\DRIVERS\Ltn_stkrc_64.sys [16256 2007-10-19] (LITEON)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [46592 2007-03-28] (Winbond Electronics Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-25 16:44 - 2014-11-25 16:44 - 00854414 _____ () C:\Users\Daniel\Desktop\SecurityCheck.exe
2014-11-24 20:02 - 2014-11-24 20:02 - 00000000 ____D () C:\Users\Daniel\Documents\Updater
2014-11-24 19:59 - 2014-11-24 19:59 - 00000000 ____D () C:\ProgramData\Adobe Systems
2014-11-24 19:58 - 2014-11-24 19:58 - 00001033 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
2014-11-24 18:10 - 2014-11-24 18:10 - 00000623 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-11-24 17:45 - 2014-11-24 17:45 - 00001270 _____ () C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2014-11-24 17:45 - 2014-11-24 17:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-24 17:04 - 2014-11-25 20:10 - 00000000 ____D () C:\FRST
2014-11-24 16:37 - 2014-11-24 16:37 - 00003156 _____ () C:\Windows\System32\Tasks\{286C95D2-B5B3-4DCD-8059-D08A3769012E}
2014-11-24 14:55 - 2014-11-24 14:55 - 00000189 _____ () C:\siw_debug.txt
2014-11-24 14:40 - 2014-11-24 18:03 - 00000000 ____D () C:\AdwCleaner
2014-11-24 11:55 - 2014-11-24 11:55 - 00001073 _____ () C:\Users\Daniel\Desktop\SIW Home Edition.lnk
2014-11-24 11:55 - 2014-11-24 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
2014-11-24 11:55 - 2014-11-24 11:55 - 00000000 ____D () C:\Program Files (x86)\SIW 2013 Home Edition
2014-11-14 18:12 - 2014-11-24 11:35 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-25 19:48 - 2012-01-31 10:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-25 19:33 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-25 19:33 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-25 19:14 - 2013-03-27 10:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-25 15:50 - 2013-03-22 10:21 - 01285126 _____ () C:\Windows\WindowsUpdate.log
2014-11-24 23:38 - 2013-06-25 23:04 - 00021249 _____ () C:\Windows\setupact.log
2014-11-24 23:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-24 20:15 - 2012-01-03 10:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-24 20:02 - 2012-02-04 17:52 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-24 20:02 - 2012-01-03 13:49 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Adobe
2014-11-24 19:58 - 2012-02-04 17:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-24 17:59 - 2013-07-15 23:35 - 00108472 _____ () C:\Windows\PFRO.log
2014-11-24 17:56 - 2012-01-31 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-24 15:31 - 2012-01-03 09:34 - 00000000 ____D () C:\Users\Daniel\AppData\Local\VirtualStore
2014-11-24 12:47 - 2012-01-31 10:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 12:44 - 2009-10-14 07:04 - 00000000 ____D () C:\Windows\Panther
2014-11-24 12:42 - 2012-01-31 10:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-24 12:42 - 2012-01-31 10:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-24 11:37 - 2014-05-06 09:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-24 11:37 - 2012-01-03 09:34 - 00000000 ____D () C:\Users\Daniel
2014-11-24 11:35 - 2014-01-27 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-24 11:35 - 2014-01-27 19:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-24 11:35 - 2013-03-27 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-24 11:35 - 2013-03-09 13:31 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\dvdcss
2014-11-24 11:35 - 2013-03-09 12:43 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-11-24 11:35 - 2013-03-08 20:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-11-24 11:35 - 2013-03-08 17:49 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-24 11:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-24 11:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-13 10:07 - 2013-07-26 20:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-31 12:40 - 2013-03-17 11:04 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Spotify
2014-10-31 12:26 - 2013-03-17 11:05 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Spotify
2014-10-28 06:34 - 2009-10-14 06:13 - 00275080 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\FreemakeVideoConverter_4.1.1.0.exe
C:\Users\Daniel\AppData\Local\Temp\PCSChecker.exe
C:\Users\Daniel\AppData\Local\Temp\Second Life Setup.exe
C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-25 16:14
==================== End Of Log ============================
--- --- --- |
|
26.11.2014, 21:08
| #6 |
| /// the machine /// TB-Ausbilder | istart.webssearches bekämpfen! - Wie? > Log Java, Flash und Adobe updaten. Download Ordner auf D leeren. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM\...\Policies\Explorer\Run: [64428] => c:\progra~3\dxoidaj.exe No File
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Bestehen noch Probleme mit dem System?
__________________ --> istart.webssearches bekämpfen! - Wie? > Log |
|
26.11.2014, 22:24
| #7 |
| | istart.webssearches bekämpfen! - Wie? > Log Hallo Schrauber!   Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-11-2014 01
Ran by HAL9000 at 2014-11-26 22:14:29 Run:1
Running from D:\
Loaded Profile: HAL9000 (Available profiles: HAL9000)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\Policies\Explorer\Run: [64428] => c:\progra~3\dxoidaj.exe No File
HKU\S-1-5-21-687046182-1720888418-2620476028-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\ => Value not found.
"HKU\S-1-5-21-687046182-1720888418-2620476028-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
EmptyTemp: => Removed 1.6 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====
|
|
27.11.2014, 19:40
| #8 |
| /// the machine /// TB-Ausbilder | istart.webssearches bekämpfen! - Wie? > Log Is meine Frage damit insofern beantwortet das keine Probleme mehr bestehen?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.11.2014, 19:43
| #9 |
| | istart.webssearches bekämpfen! - Wie? > Log Ja, es sieht gut aus. Ich glaube wir sind fertig. Ich danke Dir wirklich sehr für deine schnelle Hilfe und wünsche Dir einen schönen Abend. |
|
28.11.2014, 17:47
| #10 |
| /// the machine /// TB-Ausbilder | istart.webssearches bekämpfen! - Wie? > Log Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
dann auf 
und dann auf 
. 
Linear-Darstellung
