|
Log-Analyse und Auswertung: Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.04.2015, 19:11 | #16 |
| Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Hier 2 Screenshots; Microsoft-Dienste ausgeblendet |
14.04.2015, 07:11 | #17 |
/// the machine /// TB-Ausbilder | Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Geh mal bitte auf den Reiter Systemstart, dort dann bitte einen Screenshot.
__________________
__________________ |
14.04.2015, 07:57 | #18 |
| Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Ich hoffe, da ist jetzt das Richtige dabei ...
__________________ |
14.04.2015, 16:40 | #19 |
/// the machine /// TB-Ausbilder | Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Ok, ich checks nicht woher die Einträge im Log dann kommen . Ist aber auch wurscht.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
14.04.2015, 17:02 | #20 |
| Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Ich vermute, dass sind tatsächlich nur "Überbleibsel" in der Registry. Vielleicht waren die im Vorfeld mit Msconfig deaktiviert worden und anschließend hat AdwCleaner die Services dann gelöscht. Aber wie geht's jetzt weiter? Die FRST Logs waren ja immer noch nicht völlig sauber. Falls es Dir nichts ausmacht, gib mir ruhig mehrere Arbeitsschritte an die Hand, dann komme ich besser voran. Wäre nett. Gruß Riddle |
15.04.2015, 06:06 | #21 |
/// the machine /// TB-Ausbilder | Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-285109389-3928928740-2186509083-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION FF DefaultSearchEngine: DuckDuckGo FF Homepage: https://www.startpage.com RemoveProxy: Emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Frisches FRST log bitte, dann sollten wir durch sein
__________________ --> Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert |
15.04.2015, 08:44 | #22 |
| Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Hier die beiden Logs. Auch AVG ließ sich endlich problemlos installieren. Scheint alles wieder ok. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2015 Ran by ACER at 2015-04-15 08:52:50 Run:3 Running from C:\Users\ACER\Desktop Loaded Profiles: ACER (Available profiles: ACER) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-285109389-3928928740-2186509083-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION FF DefaultSearchEngine: DuckDuckGo FF Homepage: https://www.startpage.com RemoveProxy: Emptytemp: ***************** "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-285109389-3928928740-2186509083-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. Firefox DefaultSearchEngine deleted successfully. Firefox homepage deleted successfully. ========= RemoveProxy: ========= HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. HKU\S-1-5-21-285109389-3928928740-2186509083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\S-1-5-21-285109389-3928928740-2186509083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. ========= End of RemoveProxy: ========= EmptyTemp: => Removed 400.4 MB temporary data. The system needed a reboot. ==== End of Fixlog 08:54:12 ==== FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2015 Ran by ACER (administrator) on ACERPC on 15-04-2015 08:59:31 Running from C:\Users\ACER\Desktop Loaded Profiles: ACER (Available profiles: ACER) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.195.3163.0.exe (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare) HKU\S-1-5-21-285109389-3928928740-2186509083-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-04-11] (AppEx Networks Corporation) HKU\S-1-5-21-285109389-3928928740-2186509083-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKU\S-1-5-21-285109389-3928928740-2186509083-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://webmailer.1und1.de/;jsessionid=F5A3C1717E85CA067EEE8F0E32334521.TCpfix220a HKU\S-1-5-21-285109389-3928928740-2186509083-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie SearchScopes: HKU\S-1-5-21-285109389-3928928740-2186509083-1001 -> DefaultScope {96CDA478-1897-4269-AD80-9D87EC5DB261} URL = https://duckduckgo.com/?q={searchTerms} SearchScopes: HKU\S-1-5-21-285109389-3928928740-2186509083-1001 -> {5649E217-8764-48F7-A498-BBC2C0C9D66F} URL = SearchScopes: HKU\S-1-5-21-285109389-3928928740-2186509083-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-285109389-3928928740-2186509083-1001 -> {96CDA478-1897-4269-AD80-9D87EC5DB261} URL = https://duckduckgo.com/?q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-05-23] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-05-23] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\14tvoldw.default-1420498969585 FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-05-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-05-23] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-285109389-3928928740-2186509083-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Extension: 1&1 MailCheck - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\14tvoldw.default-1420498969585\Extensions\toolbar@1und1.de [2015-02-26] Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Profile: C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-17] CHR Extension: (Google Docs) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-17] CHR Extension: (Google Drive) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17] CHR Extension: (YouTube) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-17] CHR Extension: (Google Search) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-17] CHR Extension: (Google Sheets) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-17] CHR Extension: (Avira Browser Safety) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17] CHR Extension: (Google Wallet) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-17] CHR Extension: (Gmail) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-17] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-285109389-3928928740-2186509083-1001) OperaMail - "C:\Users\ACER\AppData\Local\Opera Mail\OperaMail.exe" ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed] S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate) S2 MBAMService; C:\Program Files (x86)\Wartung\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate) R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2015-02-26] () R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-15 08:52 - 2015-04-15 08:52 - 00000000 ____D () C:\Users\ACER\Desktop\FRST-OlderVersion 2015-04-12 16:57 - 2015-04-12 16:59 - 05344528 _____ (Piriform Ltd) C:\Users\ACER\Downloads\ccsetup504.exe 2015-04-12 16:28 - 2015-04-12 16:28 - 01891480 _____ ( ) C:\Users\ACER\Downloads\AVG_ResetAccess.exe 2015-04-11 21:40 - 2015-04-11 21:37 - 02701841 _____ () C:\Users\ACER\Desktop\CBS.log 2015-04-11 20:20 - 2015-04-11 20:20 - 00000000 ____D () C:\Users\ACER\Downloads\tweaking.com_windows_repair_aio 2015-04-11 20:16 - 2015-04-11 20:17 - 10661081 _____ () C:\Users\ACER\Downloads\tweaking.com_windows_repair_aio.zip 2015-04-11 12:47 - 2015-04-11 12:48 - 01565744 _____ () C:\Users\ACER\Downloads\AVG_Remover_en.exe 2015-04-11 12:45 - 2015-04-11 12:45 - 00084759 _____ () C:\Users\ACER\Desktop\AVGInstLog.cab 2015-04-11 12:29 - 2015-04-12 09:28 - 00000000 ____D () C:\ProgramData\MFAData 2015-04-11 12:29 - 2015-04-11 12:29 - 00000000 ____D () C:\Users\ACER\AppData\Local\MFAData 2015-04-11 12:29 - 2015-04-11 12:29 - 00000000 ____D () C:\Users\ACER\AppData\Local\Avg2015 2015-04-11 12:25 - 2015-04-12 09:15 - 00098232 _____ () C:\Windows\PFRO.log 2015-04-11 12:23 - 2015-04-11 12:25 - 00471572 _____ () C:\Users\ACER\Desktop\avgremover.log 2015-04-11 12:05 - 2015-04-11 12:18 - 183952072 _____ (AVG Technologies) C:\Users\ACER\Downloads\avg_free_x64_all_2015_ltst_221_5863.exe 2015-04-11 12:03 - 2015-04-11 12:03 - 03691688 _____ () C:\Users\ACER\Downloads\AVG_Remover_2015.zip 2015-04-10 18:46 - 2015-04-14 12:13 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-285109389-3928928740-2186509083-1001 2015-04-10 18:41 - 2015-04-10 18:41 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-04-10 18:41 - 2015-04-10 18:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-10 16:51 - 2015-04-10 16:51 - 00002794 _____ () C:\Users\ACER\Desktop\FSS.txt 2015-04-10 16:51 - 2015-04-10 16:49 - 00415232 _____ (Farbar) C:\Users\ACER\Desktop\FSS.exe 2015-04-10 15:56 - 2015-04-10 15:56 - 00006858 _____ () C:\Users\ACER\Desktop\HitmanPro_20150410_1556.log 2015-04-10 15:48 - 2015-04-10 16:04 - 00000000 ____D () C:\ProgramData\HitmanPro 2015-04-10 15:48 - 2015-04-10 15:48 - 00000000 ____D () C:\Program Files\HitmanPro 2015-04-10 14:13 - 2015-04-11 11:34 - 00000031 _____ () C:\Users\ACER\Desktop\Neues Textdokument.txt 2015-04-10 12:07 - 2015-04-15 08:55 - 00002187 _____ () C:\Windows\setupact.log 2015-04-10 12:07 - 2015-04-10 12:07 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-10 11:17 - 2015-04-15 08:57 - 01347419 _____ () C:\Windows\WindowsUpdate.log 2015-04-09 20:35 - 2015-04-09 20:35 - 00001454 _____ () C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-04-09 19:59 - 2015-04-12 11:31 - 00029678 _____ () C:\Users\ACER\Desktop\Addition.txt 2015-04-09 19:28 - 2015-04-09 19:28 - 00001002 _____ () C:\Users\ACER\Desktop\JRT.txt 2015-04-09 19:26 - 2015-04-09 19:26 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ACERPC-Windows-8.1-(64-bit).dat 2015-04-09 19:26 - 2015-04-09 19:26 - 00000000 ____D () C:\RegBackup 2015-04-09 19:20 - 2015-04-09 19:20 - 00010195 _____ () C:\Users\ACER\Desktop\mbam2.txt 2015-04-09 18:32 - 2015-04-09 18:32 - 00000713 _____ () C:\Users\ACER\Desktop\AdwCleaner - Verknüpfung.lnk 2015-04-09 18:24 - 2015-04-09 18:21 - 02686959 _____ (Thisisu) C:\Users\ACER\Desktop\JRT.exe 2015-04-09 18:24 - 2015-04-09 18:20 - 11028616 _____ (SurfRight B.V.) C:\Users\ACER\Desktop\HitmanPro_x64.exe 2015-04-09 18:24 - 2015-04-09 18:19 - 00165376 _____ () C:\Users\ACER\Desktop\SystemLook_x64.exe 2015-04-09 18:24 - 2015-04-09 18:14 - 00852607 _____ () C:\Users\ACER\Desktop\SecurityCheck.exe 2015-04-09 18:24 - 2015-04-09 18:10 - 02217984 _____ () C:\Users\ACER\Desktop\AdwCleaner_4.201.exe 2015-04-09 17:35 - 2015-04-09 17:37 - 00041142 _____ () C:\Users\ACER\Desktop\Addition1 (1).txt 2015-04-09 17:33 - 2015-04-15 08:59 - 00015843 _____ () C:\Users\ACER\Desktop\FRST.txt 2015-04-09 17:33 - 2015-04-15 08:59 - 00000000 ____D () C:\FRST 2015-04-09 17:33 - 2015-04-09 17:37 - 00068714 _____ () C:\Users\ACER\Desktop\Addition1 (2).txt 2015-04-09 17:32 - 2015-04-15 08:52 - 02096640 _____ (Farbar) C:\Users\ACER\Desktop\FRST64.exe 2015-04-09 17:21 - 2015-04-09 17:21 - 00447066 _____ () C:\Users\ACER\Desktop\mbam1.txt 2015-04-09 16:35 - 2015-04-09 16:35 - 00001244 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-04-09 16:35 - 2015-04-09 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-09 16:35 - 2015-04-09 16:35 - 00000000 ____D () C:\Program Files (x86)\Wartung 2015-04-09 16:32 - 2015-04-09 16:34 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\ACER\Downloads\mbam-setup-2.1.4.1018.exe 2015-04-07 19:21 - 2015-04-07 19:21 - 00003758 _____ () C:\Windows\System32\Tasks\RunTool 2015-04-07 19:20 - 2015-04-07 19:20 - 00000000 ____D () C:\Users\ACER\AppData\Local\febd4d65-44d5-43c3-99cd-f86769a9229e 2015-04-07 17:57 - 2015-04-07 17:59 - 00000000 ___SD () C:\Windows\system32\GWX 2015-04-07 17:57 - 2015-04-07 17:57 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-03-30 19:17 - 2015-04-09 20:09 - 00000000 ____D () C:\Users\ACER\Downloads\1&1 Internet AG - DSL, Hosting, Mobile Internet, Domain, Server_files 2015-03-30 19:17 - 2015-03-30 19:17 - 00026068 _____ () C:\Users\ACER\Downloads\1&1 Internet AG - DSL, Hosting, Mobile Internet, Domain, Server.html 2015-03-25 23:55 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-03-25 23:55 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-03-25 23:55 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-03-25 23:55 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-03-25 23:55 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-03-25 23:55 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-03-25 23:55 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-03-25 00:59 - 2015-03-25 00:59 - 00001284 _____ () C:\Users\ACER\Desktop\Revo Uninstaller.lnk 2015-03-25 00:58 - 2015-03-25 00:58 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ACER\Downloads\revosetup95.exe 2015-03-19 23:40 - 2015-03-12 12:59 - 00373864 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll 2015-03-19 23:40 - 2015-03-12 12:58 - 00326288 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll 2015-03-18 23:25 - 2015-03-18 23:25 - 00000000 ____D () C:\49ccf6f8-46c9-4f2f-b88e-36981013ca66 2015-03-17 13:30 - 2015-03-17 14:19 - 00000000 ____D () C:\Users\ACER\AppData\Roaming\Steganos 2015-03-17 13:30 - 2015-03-17 13:43 - 00000000 ____D () C:\Users\ACER\AppData\Roaming\Steganos VPN 2015-03-17 13:21 - 2015-03-17 13:21 - 00003144 _____ () C:\Windows\System32\Tasks\{D5B9B7D5-8BC2-45BD-A89D-16B2BF06CECB} 2015-03-17 00:46 - 2015-03-17 00:46 - 00613255 _____ (CMI Limited) C:\Users\ACER\AppData\Local\nswC163.tmp 2015-03-17 00:26 - 2015-03-17 00:26 - 00000000 ____D () C:\Users\ACER\Documents\StreamTransport 2015-03-17 00:08 - 2015-03-17 00:08 - 00001038 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk 2015-03-17 00:08 - 2015-03-17 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer 2015-03-17 00:07 - 2015-03-17 00:08 - 00000000 ____D () C:\Program Files\Tracker Software ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-15 09:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2015-04-15 08:59 - 2013-12-19 19:56 - 00660862 _____ () C:\Windows\system32\perfh007.dat 2015-04-15 08:59 - 2013-12-19 19:56 - 00134562 _____ () C:\Windows\system32\perfc007.dat 2015-04-15 08:59 - 2013-09-06 09:08 - 01561384 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-15 08:58 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-04-15 08:56 - 2014-08-14 19:23 - 00000000 ____D () C:\Users\ACER\AppData\Roaming\Skype 2015-04-15 08:55 - 2014-11-19 12:34 - 00000000 __RDO () C:\Users\ACER\OneDrive 2015-04-15 08:55 - 2014-05-20 23:17 - 00205312 ___SH () C:\Users\ACER\Desktop\Thumbs.db 2015-04-15 08:55 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-15 08:54 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI 2015-04-15 08:52 - 2014-02-15 21:41 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{24C2E650-C124-4299-A085-B8D56F0EF902} 2015-04-14 18:03 - 2013-12-19 11:25 - 00065536 _____ () C:\Windows\system32\spu_storage.bin 2015-04-14 11:41 - 2014-07-26 19:21 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-13 20:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2015-04-12 16:59 - 2014-07-03 14:53 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-04-12 16:59 - 2014-07-03 14:52 - 00000000 ____D () C:\Program Files\CCleaner 2015-04-12 09:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-04-12 09:15 - 2013-08-22 16:44 - 00365096 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-11 22:10 - 2013-08-22 15:25 - 00000160 _____ () C:\Windows\win.ini 2015-04-11 20:25 - 2014-08-14 15:07 - 00000000 ____D () C:\Windows\pss 2015-04-11 12:32 - 2014-09-24 13:07 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-04-11 12:22 - 2014-09-09 17:11 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ACER\Desktop\avg_remover_stf_x64_2015_5501.exe 2015-04-10 18:41 - 2015-03-06 18:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-10 15:15 - 2014-09-09 20:31 - 00000000 ____D () C:\AdwCleaner 2015-04-10 14:34 - 2014-11-25 22:59 - 00215040 ___SH () C:\Users\ACER\Downloads\Thumbs.db 2015-04-09 21:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF 2015-04-09 21:24 - 2014-04-15 19:52 - 00000000 ____D () C:\Users\ACER\AppData\Local\CrashDumps 2015-04-09 18:34 - 2014-08-14 13:33 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-09 18:28 - 2014-02-15 04:01 - 00000000 ____D () C:\Users\ACER 2015-03-26 23:08 - 2014-12-13 01:03 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-26 23:08 - 2014-07-10 22:32 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-26 00:00 - 2014-05-02 22:32 - 00000000 ____D () C:\Users\ACER\AppData\Roaming\vlc 2015-03-21 19:34 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep 2015-03-21 19:34 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing 2015-03-21 19:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration 2015-03-21 19:22 - 2014-05-02 23:19 - 00000000 ____D () C:\Users\ACER\AppData\Local\Google 2015-03-20 01:01 - 2014-07-10 21:00 - 00000000 ____D () C:\Users\ACER\AppData\Local\Adobe 2015-03-18 01:26 - 2014-05-13 18:09 - 00000000 ____D () C:\Program Files\Recuva 2015-03-17 06:15 - 2014-08-14 13:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-17 06:15 - 2014-08-14 13:33 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-17 06:15 - 2014-08-14 13:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-17 00:54 - 2014-05-02 23:19 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-16 01:00 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2015-03-16 01:00 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-16 01:00 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-16 01:00 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-16 01:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2015-03-16 01:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-16 01:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender ==================== Files in the root of some directories ======= 2014-08-06 16:51 - 2014-08-12 11:40 - 0016958 _____ () C:\Users\ACER\AppData\Local\gem.ico 2014-08-06 16:51 - 2014-08-12 11:40 - 0127112 _____ () C:\Users\ACER\AppData\Local\mybet.ico 2014-08-12 13:34 - 2014-08-12 13:34 - 0575544 _____ (ClickMeIn Limited) C:\Users\ACER\AppData\Local\nsgAB37.tmp 2015-03-17 00:46 - 2015-03-17 00:46 - 0613255 _____ (CMI Limited) C:\Users\ACER\AppData\Local\nswC163.tmp 2014-08-10 23:02 - 2014-08-10 23:02 - 0000932 _____ () C:\Users\ACER\AppData\Local\recently-used.xbel 2014-04-05 16:34 - 2014-04-05 16:34 - 0000017 _____ () C:\Users\ACER\AppData\Local\resmon.resmoncfg 2013-12-19 11:30 - 2013-12-19 11:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-09 17:41 ==================== End Of Log ============================ |
15.04.2015, 15:55 | #23 |
/// the machine /// TB-Ausbilder | Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiertCleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde: Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen. Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung: Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional: NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen. Lade Software von einem sauberen Portal wie . Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
15.04.2015, 16:44 | #24 |
| Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Dann zum wiederholten Mal Danke für alles ... Deine Arbeit und die des gesamten Teams kann man gar nicht genug würdigen. Wünsche noch einen schönen, sonnigen Tag und verabschiede mich bis zum nächsten Mal. Hoffentlich nicht so bald ... Gruß Riddle |
16.04.2015, 06:45 | #25 |
/// the machine /// TB-Ausbilder | Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Win 8.1: Crossbrowse, massenhaft Werbung, durch Gruppenrichtlinien blockiert |
askbar, avg problem, bobyzoom, crossbrowse, defender inaktiv, extensioninstallforcelist, installmanager.exe, launch, optimizer pro, tracker, web companion, windowsapps |