Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Websites not loading. Slow boot-up [Solved]


  • This topic is locked This topic is locked

#1
lmartinez

lmartinez

    New Member

  • Member
  • Pip
  • 9 posts

Hello,

 

my computer, a Lenovo G700 running Windows 7, has been very slow in recent weeks and is getting worse. Boot up time is quite slow and websites are not loading properly. I have run Super Anti Spyware and Malwarebytes but nothing has improved. Any help is much appreciated!

 

Thank you in advance


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-



All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

Let's get started with some logs.

 

Fresh Set of Logs Needed
Let's begin. Please follow the steps below.
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
    Only one of them will run on your system, that will be the right version.
2. Right click on the file and select Run as administrator (If you don't have this option simply double-click the file to open). When the tool opens click Yes to disclaimer.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should be the desktop)
5. Please copy and paste log back here.
6. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.
     Note: Please do not attach any logs unless specifically requested. It's easier if you simply copy and paste them into your reply. It's OK if you have to use more than one post to do so.


  • 0

#3
lmartinez

lmartinez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Thank you for your quick response! Below are the two requested logs.

 

Addition:

 

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-12-2015
durchgeführt von Lena Pra (2015-12-16 10:28:48)
Gestartet von C:\Users\Lena Pra\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-02-06 10:10:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2819346672-853151906-811778091-500 - Administrator - Disabled)
Gast (S-1-5-21-2819346672-853151906-811778091-501 - Limited - Disabled)
Lena Pra (S-1-5-21-2819346672-853151906-811778091-1000 - Administrator - Enabled) => C:\Users\Lena Pra

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{C538010A-17CD-461C-B198-E6E3499E4154}) (Version: 20.3.45.53553 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.3.45.53553 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies)
AVG (Version: 16.12.7303 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7303 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.3.128 - AVG Technologies)
AVG Zen (Version: 1.22.1 - AVG Technologies) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bullzip PDF Printer 10.4.0.2240 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.4.0.2240 - Bullzip)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DriverAgent by eSupport.com (HKLM-x32\...\DriverAgent_is1) (Version:  - Copyright © 2013 eSupport.com, Inc • All Rights Reserved)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.4 - Lenovo)
Energy Management (x32 Version: 6.0.2.4 - Lenovo) Hidden
EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager_is1) (Version:  - TCT Mobile Limited)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer_is1) (Version:  - )
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.03.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(26.03.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15.04.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
UnJPEG 1.5 (HKLM-x32\...\UnJPEG_is1) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8050 - Broadcom Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (01/28/2011 6.1.0.1) (HKLM\...\EB9B45DC947C2D941CA61B992509A71D738AE888) (Version: 01/28/2011 6.1.0.1 - Lenovo)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

06-12-2015 14:39:33 Geplanter Prüfpunkt
08-12-2015 18:54:52 Installed AVG 2016
08-12-2015 18:55:56 Installed AVG
11-12-2015 09:32:52 Windows Update
12-12-2015 12:15:43 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {4EFF6C01-C93F-4657-A0AB-2D3011385176} - System32\Tasks\{A194828C-4D0E-45B0-A26E-9A09396D8C76} => pcalua.exe -a "C:\drivers\WLAN Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN Driver (Broadcom, Qualcomm)"
Task: {7F97F0FB-668D-4E5E-9990-1B254CA66525} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9DAA4F66-B2FC-4A4A-B9CB-54BA7654DEEE} - System32\Tasks\{C0BC9234-B6F1-4C4A-A999-5F3D15A1495E} => pcalua.exe -a "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN\IS.exe" -d "C:\Users\Lena Pra\Desktop\WLAN_Broadcom_6.30.223.181_W81x64\WLAN"
Task: {9F3AF780-0CDC-42BB-820B-5FF850E52F14} - System32\Tasks\{4E58F9EE-1311-4F1D-83BC-9812A26DBED6} => pcalua.exe -a "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN and Bluetooth Driver (Broadcom, Qualcomm)"
Task: {AAB5D635-0A91-42A9-8105-59F1DD47D0AF} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe
Task: {BD729546-3863-4BA6-8358-85B75D56CCC0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {D0332663-B442-44C4-BD23-8CF78948125D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-10] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-10 09:10 - 2015-12-11 10:32 - 01164688 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-01-23 18:36 - 2013-05-29 13:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-10 14:02 - 2013-10-10 14:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-12-03 19:55 - 2013-01-11 14:27 - 00051576 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 03:20 - 2014-02-06 17:38 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2015-12-11 10:32 - 2015-12-11 10:32 - 00192912 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\loggingserver.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-12-03 19:55 - 2013-01-11 15:00 - 00114040 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
2014-12-06 09:54 - 2015-12-11 10:32 - 02811792 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-12-11 10:32 - 2015-12-11 10:32 - 00533904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\log4cplusU.dll
2014-02-06 15:25 - 2007-04-13 20:18 - 00057344 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\kbdhook.dll
2014-02-06 15:25 - 2005-06-24 19:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll
2015-12-08 18:52 - 2015-12-08 18:52 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2013-12-21 07:04 - 2013-12-21 07:04 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lena Pra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{81003C78-6166-4A16-A2A4-E128CF8FC4BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{59CC6AC2-585E-4263-BD80-87B3164EF914}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{D8DC3A98-3A99-47FC-97D4-C3909B00210D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B281B689-EC1E-48B5-AE77-5F73BCEA871D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{57294BC2-DB15-46EF-808F-DE074CAE6A35}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C81716E1-7087-451A-814A-44CA02527A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7D590ABE-AF0D-45DA-8CB4-15C3FF2113F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BDF12685-08F7-427D-A249-BE445B9F5E14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0D110BE-0B5B-4B67-8EAC-8165DABC5A71}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB9D11E0-72B7-48E6-9D9C-7AF37CAC0C90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06CCCF0A-4624-48C3-ACA3-03F140367E58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{42966517-9181-469B-8C39-7F953AA5F15B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5EADCB4B-E9BD-4246-AD9C-424FCFAE144B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{8BCA98B9-38D6-45BE-9541-E2AF4C5D4A08}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{8FAE7E37-578E-4FE7-856C-BC67E1F29254}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{F8602917-51EA-42D3-9736-9105FB3C4382}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{317700AE-CFCE-411C-8AD2-F919453F2968}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B57C261-5D2B-4813-8734-2867FA051D14}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{F0DBA4A4-675B-49FF-B95B-8178FC628399}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DBFF6DD0-4D21-4D90-9CD9-BED6463B1468}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C7022A12-7997-4036-AFB1-A61BD4147AB6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A0033236-BF0D-45FE-81E9-F15163FB6BF3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{27538035-916D-4020-AC35-302F4346BE71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{98D7FEA6-F99A-4835-A00E-D2F079784356}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{7ACCF245-32A2-4C30-B9E5-ADC3F22A5FB6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D7FBA07C-5EA4-4BF7-B0F0-BD202DF24CA6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{0D65F914-AB08-486E-97E4-B93DBD175713}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{3B42D843-113C-41F4-9FE2-7C2B30AF6E8C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9C4E68B7-ECA0-44DF-BF49-12CD1BABC562}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{BF7F4E1D-5E48-44C9-B821-AA65B4CC9E15}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{F0DFC8DB-AC55-45D5-A477-011E482DB1E4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2DE2F3E8-3333-4470-86CF-36C0FAB4AD71}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{06AE2517-EC12-4DB7-ADF7-F285AA2D65B1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{97C0DE42-DB78-4B12-B73F-D66615EA06CF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{479C2D9E-2C05-4541-A810-069EDEC2BD2A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{3AD1527C-6C2C-4DC6-BF8B-340917445E58}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{04734553-3FB9-4C66-BFAF-99020B5ED481}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{D101E40B-A334-4962-A28A-D0A89828E67D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{BA54FD07-6B78-4B16-92BA-7225C24A399E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{71E59CE7-13BE-42A6-AF41-249C33E2614A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D4C9AA15-06C2-4EA1-AE57-5D2C041EE67B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{43072359-9DF4-4D84-B4B4-00B08D15C5F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{452E8B8E-84FF-4F6C-B776-7595556EFF31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C913CCAB-1F8C-4369-AA7D-426C7621C2DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97049270-09E8-40D6-8399-3228516449D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0056D48-F056-4FD2-9C6D-5E9120236F07}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{84CAEEA3-2EE6-4260-8F12-426C7C5FF229}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B17BD80-7A4E-421C-BC04-5AA876DA31CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{25FF24D1-6490-4911-989C-CE5CAD3D6421}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9421AF53-BB9D-4EF5-BE6A-61232A205C70}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{43E035C4-DFCB-4953-9FD3-9A30770FC922}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{A7DB65EA-5211-4CEA-A414-18EE7D34F20C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{8F515FC0-14B5-404B-A0D7-F99E1F7516A1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A80809C9-871B-4DA4-9708-6B72BAF15DC2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{2301B0D5-D8F8-4D2A-A501-1FDA57647166}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{8AACE800-6E77-4BD7-804E-20A52AA6B95C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth L2CAP Interface
Description: Bluetooth L2CAP Interface
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwl2cap
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Bluetooth Remote Control
Description: Bluetooth Remote Control
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: btwrchid
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/16/2015 05:32:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15600

Error: (12/16/2015 05:32:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15600

Error: (12/16/2015 05:32:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/15/2015 11:31:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6178

Error: (12/15/2015 11:31:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6178

Error: (12/15/2015 11:31:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/15/2015 11:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5164

Error: (12/15/2015 11:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5164

Error: (12/15/2015 11:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/15/2015 11:31:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4150


Systemfehler:
=============
Error: (12/16/2015 10:30:18 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:30:11 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:30:04 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:29:57 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:29:50 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:29:43 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:29:35 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:29:28 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 10:29:14 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/16/2015 09:08:54 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


==================== Speicherinformationen ===========================

Prozessor: Intel® Pentium® CPU 2020M @ 2.40GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 3975.36 MB
Verfügbarer physikalischer RAM: 1528.81 MB
Summe virtueller Speicher: 7948.92 MB
Verfügbarer virtueller Speicher: 4814.4 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:73.96 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=149 GB) - (Type=06)

==================== Ende von Addition.txt ============================

 

 

 

 

 

 

FRST:

 

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
durchgeführt von Lena Pra (Administrator) auf LENAPRA-PC (16-12-2015 10:28:01)
Gestartet von C:\Users\Lena Pra\Desktop
Geladene Profile: Lena Pra (Verfügbare Profile: Lena Pra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\ToolbarUpdater.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\loggingserver.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9770432 2014-02-06] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2014-02-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2013-12-10] (Realtek semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe [114040 2013-01-11] ()
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2811792 2015-12-11] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-12] (SUPERAntiSpyware)
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Lena Pra\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511 /CMPID=0214c
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-2819346672-853151906-811778091-1000\...\MountPoints2: {576ed16f-7937-11e4-b017-8056f2e86b78} - F:\Autorun.exe
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-02-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{43FFFB05-1ABD-4A2B-ADB4-6AE78826F132}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{898C0107-D2DD-4A28-80FD-BBBD89BFD830}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AAF313E0-C192-45F8-9E15-08F78EBBF4A9}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F6E5E89E-4568-471A-8DD3-EE3723EBAE45}: [DhcpNameServer] 10.74.210.210 10.74.210.211

Internet Explorer:
==================
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={53DF037D-C749-4EE2-85A0-AEF794625185}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-06 09:55:08&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2819346672-853151906-811778091-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2819346672-853151906-811778091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={53DF037D-C749-4EE2-85A0-AEF794625185}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-06 09:55:08&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.3.128\AVG Web TuneUp.dll [2015-12-11] (AVG)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-02-02] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default
FF Homepage: hxxps://mysearch.avg.com?cid={53DF037D-C749-4EE2-85A0-AEF794625185}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-06 09:55:08&v=4.0.0.19&pid=wtu&sg=&sap=hp
FF NetworkProxy: "autoconfig_url", "data:text/javascript,%2F*ZenMate*%2F%0Afunction%20FindProxyForURL(url%2C%20host)%20%7B%0A%0A%20%20var%20e%20%3D%20%7B%20data%3A%20%7B%22localDomains%22%3A%5B%22zenguard.biz%22%2C%22local%22%2C%22dev%22%2C%22ip%22%2C%22box%22%2C%22lvh.me%22%2C%22ripe%22%2C%22invalid%22%2C%22intra%22%2C%22intranet%22%2C%22onion%22%2C%22vcap.me%22%2C%22zeus.pm%22%2C%22127.0.0.1.xip.io%22%2C%22smackaho.st%22%2C%22localtest.me%22%2C%22site%22%2C%22about%3Aaddons%22%2C%22about%3Anewtab%22%2C%22about%3Apreferences%22%2C%22about%3Aconfig%22%5D%2C%22nodeOverrides%22%3A%5B%7B%22target_cc%22%3A%22US%22%2C%22hosts%22%3A%5B%22hulu.com%22%5D%2C%22premium_only%22%3Atrue%2C%22nodes%22%3A%22US-ALT1%22%7D%2C%7B%22target_cc%22%3A%22UW%22%2C%22hosts%22%3A%5B%22hulu.com%22%5D%2C%22premium_only%22%3Atrue%2C%22nodes%22%3A%22US-ALT1%22%7D%5D%2C%22IPv4NotationRE%22%3A%7B%7D%2C%22localIPsRE%22%3A%7B%7D%7D%2CnodeLookup%3A%20function%20(nodeDict%2C%20cc)%20%7B%0A%20%20%20%20%20%20return%20nodeDict%5Bcc%5D%20%7C%7C%20false%3B%0A%20%20%20%20%7D%2CcompareHosts%3A%20function%20(hosts%2C%20host)%20%7B%0A%20%20%20%20%20%20var%20h%2C%20j%2C%20len%3B%0A%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20hosts.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20h%20%3D%20hosts%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20h))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20h%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2CcompareURLs%3A%20function%20(patterns%2C%20url)%20%7B%0A%20%20%20%20%20%20var%20j%2C%20len%2C%20p%3B%0A%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20patterns.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20p%20%3D%20patterns%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20if%20(p.test(url))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20p%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2CdnsDomainIs%3A%20function%20(host%2C%20pattern)%20%7B%0A%20%20%20%20%20%20return%20host.length%20%3E%3D%20pattern.length%20%26%26%20host.substring(host.length%20-%20pattern.length)%20%3D%3D%3D%20pattern%3B%0A%20%20%20%20%7D%2CmatchWildcardDomain%3A%20function%20(host%2C%20domain)%20%7B%0A%20%20%20%20%20%20var%20exactMatch%2C%20hasSubdomain%2C%20tldMatch%3B%0A%20%20%20%20%20%20exactMatch%20%3D%20host%20%3D%3D%3D%20domain%3B%0A%20%20%20%20%20%20tldMatch%20%3D%20host.slice(-domain.length)%20%3D%3D%3D%20domain%3B%0A%20%20%20%20%20%20hasSubdomain%20%3D%20host%5Bhost.lastIndexOf(domain)%20-%201%5D%20%3D%3D%3D%20'.'%3B%0A%20%20%20%20%20%20return%20exactMatch%20%7C%7C%20(tldMatch%20%26%26%20hasSubdomain)%3B%0A%20%20%20%20%7D%2CmatchNodeOverride%3A%20function%20(host%2C%20cc)%20%7B%0A%20%20%20%20%20%20var%20o%2C%20ref%2C%20result%3B%0A%20%20%20%20%20%20result%20%3D%20(function()%20%7B%0A%20%20%20%20%20%20%20%20var%20j%2C%20len%2C%20ref%2C%20results%3B%0A%20%20%20%20%20%20%20%20ref%20%3D%20this.data.nodeOverrides%3B%0A%20%20%20%20%20%20%20%20results%20%3D%20%5B%5D%3B%0A%20%20%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20ref.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20%20%20o%20%3D%20ref%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20%20%20if%20(o.target_cc%20%3D%3D%3D%20cc%20%26%26%20this.compareHosts(o.hosts%2C%20host))%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20results.push(o)%3B%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20return%20results%3B%0A%20%20%20%20%20%20%7D).call(this)%3B%0A%20%20%20%20%20%20return%20(result%20!%3D%20null%20%3F%20(ref%20%3D%20result%5B0%5D)%20!%3D%20null%20%3F%20ref.nodes%20%3A%20void%200%20%3A%20void%200)%20%7C%7C%20false%3B%0A%20%20%20%20%7D%2CmatchRules%3A%20function%20(rules%2C%20host%2C%20url)%20%7B%0A%20%20%20%20%20%20var%20i%2C%20j%2C%20len%2C%20rule%3B%0A%20%20%20%20%20%20if%20(!((rules%20!%3D%20null%20%3F%20rules.length%20%3A%20void%200)%20%3E%200))%20%7B%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20if%20(this.data.rulesWithOverrides%20%3D%3D%20null)%20%7B%0A%20%20%20%20%20%20%20%20rules%20%3D%20mergeRuleOverrides(rules%2C%20config.ruleOverrides)%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20for%20(i%20%3D%20j%20%3D%200%2C%20len%20%3D%20rules.length%3B%20j%20%3C%20len%3B%20i%20%3D%20%2B%2Bj)%20%7B%0A%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20rule.domain)%20%7C%7C%20((rule.hosts%20!%3D%20null)%20%26%26%20this.compareHosts(rule.hosts%2C%20host)))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20i%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2C_getProxyState%3A%20function%20(url%2C%20host%2C%20rules)%20%7B%0A%20%20%20%20%20%20var%20j%2C%20len%2C%20local%2C%20match%2C%20ref%3B%0A%20%20%20%20%20%20url%20%3D%20url.toLowerCase()%3B%0A%20%20%20%20%20%20if%20(!~host.indexOf('.')%20%26%26%20!~host.indexOf('%3A'))%20%7B%0A%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20if%20(this.data.IPv4NotationRE.test(host)%20%26%26%20this.data.localIPsRE.test(host))%20%7B%0A%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20ref%20%3D%20this.data.localDomains%3B%0A%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20ref.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20local%20%3D%20ref%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20local))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20match%20%3D%20this.matchRules(rules%2C%20host%2C%20url)%3B%0A%20%20%20%20%20%20if%20(match%20!%3D%20null)%20%7B%0A%20%20%20%20%20%20%20%20return%20rules%5Bmatch%5D.cc%3B%0A%20%20%20%20%20%20%7D%20else%20%7B%0A%20%20%20%20%20%20%20%20return%20'DEFAULT'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%20%7D%3B%0A%20%20e.data.localDomains%20%3D%20e.data.localDomains.concat(%5B%22zenmate.com%22%2C%22d1jr1idae5ms9n.cloudfront.net%22%5D)%3B%0A%20%20e.data.IPv4NotationRE%20%3D%20%2F%5E%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%24%2Fg%3B%0Ae.data.localIPsRE%20%3D%20%2F(%5E127%5C.)%7C(%5E192%5C.168%5C.)%7C(%5E10%5C.)%7C(%5E172%5C.1%5B6-9%5D%5C.)%7C(%5E172%5C.2%5B0-9%5D%5C.)%7C(%5E172%5C.3%5B0-1%5D%5C.)%2F%3B%0A%0A%20%20e.data.defaultLocation%20%3D%20'DE'%3B%0A%20%20e.data.nodeDict%20%3D%20%7B%22DE%22%3A%22PROXY%20127.0.0.1%3A53558%22%2C%22RO%22%3A%22PROXY%20127.0.0.1%3A53559%22%2C%22US%22%3A%22PROXY%20127.0.0.1%3A53560%22%2C%22HK%22%3A%22PROXY%20127.0.0.1%3A53561%22%2C%22US-ALT1%22%3A%22PROXY%20127.0.0.1%3A53562%22%7D%3B%0A%20%20e.data.rulesWithOverrides%20%3D%20%5B%5D%3B%0A%0A%20%20var%20res%20%3D%20e._getProxyState(url%2C%20host%2C%20e.data.rulesWithOverrides)%3B%0A%0A%20%20if%20(res%20%3D%3D%3D%20'LOCAL'%20%7C%7C%20res%20%3D%3D%3D%20'DIRECT'%20%7C%7C%20res%20%3D%3D%3D%20'OFF')%20%7Breturn%20'DIRECT'%7D%3B%0A%20%20if%20(res%20%3D%3D%3D%20'DEFAULT')%20%7Bcc%20%3D%20e.data.defaultLocation%7D%20else%20%7Bcc%20%3D%20res%7D%3B%0A%0A%20%20var%20override%20%3D%20e.matchNodeOverride(host%2C%20cc)%3B%0A%20%20if%20(override)%20%7Bcc%20%3D%20override%7D%3B%0A%0A%20%20return%20e.nodeLookup(e.data.nodeDict%2C%20cc)%20%7C%7C%20'DIRECT'%3B%0A%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.3\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\searchplugins\avg-secure-search.xml [2014-12-06]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-12-11]
FF Extension: AVG Web TuneUp - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2015-12-11]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\[email protected] [2015-12-05]
FF Extension: Adblock Plus - C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2015-11-09] [ist nicht signiert]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-12-12] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [Datei ist nicht signiert]
R2 vToolbarUpdater40.2.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\ToolbarUpdater.exe [1923984 2015-12-11] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-11] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows ® Codename Longhorn DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [127568 2013-03-04] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-16] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9101016 2013-12-10] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-16 10:28 - 2015-12-16 10:28 - 00024169 _____ C:\Users\Lena Pra\Desktop\FRST.txt
2015-12-16 10:27 - 2015-12-16 10:28 - 00000000 ____D C:\FRST
2015-12-16 10:27 - 2015-12-16 10:27 - 02369536 _____ (Farbar) C:\Users\Lena Pra\Desktop\FRST64.exe
2015-12-14 22:56 - 2015-12-16 09:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-14 22:56 - 2015-12-14 22:56 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-14 22:56 - 2015-12-14 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-14 22:56 - 2015-12-14 22:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-14 22:56 - 2015-12-14 22:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-14 22:56 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-14 22:56 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-14 22:56 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-14 22:55 - 2015-12-14 22:55 - 22908888 _____ (Malwarebytes ) C:\Users\Lena Pra\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-12-14 11:59 - 2015-12-14 11:59 - 00078513 _____ C:\Users\Lena Pra\Downloads\Bildgebung.apkg
2015-12-14 11:57 - 2015-12-14 11:57 - 00472481 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Immunologie(1).pdf
2015-12-14 11:56 - 2015-12-14 11:56 - 00231077 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Humangenetik.pdf
2015-12-13 21:49 - 2015-12-13 21:49 - 00472481 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Immunologie.pdf
2015-12-13 21:47 - 2015-12-13 21:47 - 00376247 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Augenheilkunde(1).pdf
2015-12-13 21:46 - 2015-12-13 21:46 - 00325018 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_HNO.pdf
2015-12-10 11:33 - 2015-12-10 11:33 - 00160921 _____ C:\Users\Lena Pra\Downloads\50d12a5297db449989f525604e26afa2.pdf
2015-12-10 10:14 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-10 10:14 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-10 10:13 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-10 10:13 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-10 10:13 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-10 10:13 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-10 10:13 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-10 10:13 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-10 10:13 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-10 10:13 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-10 10:13 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-10 10:13 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-10 10:13 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-10 10:13 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-10 10:13 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-10 10:13 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-10 10:13 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-10 10:13 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-10 10:13 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-10 10:13 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-10 10:13 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-10 10:13 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-10 10:13 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-10 10:13 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 10:13 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 10:13 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 10:13 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-10 10:13 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-10 10:13 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-10 10:13 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-10 10:13 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-10 10:13 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-10 10:13 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-10 10:13 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-10 10:13 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-10 10:13 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-10 10:13 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-10 10:13 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-10 10:13 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-10 10:13 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-10 10:13 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-10 10:13 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-10 10:13 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-10 10:13 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-10 10:13 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-10 10:13 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-10 10:13 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-10 10:13 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-10 10:13 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-10 10:13 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-10 10:13 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-10 10:13 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-10 10:13 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-10 10:13 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-10 10:13 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-10 10:13 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-10 10:13 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-10 10:13 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-10 10:13 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-10 10:13 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-10 10:13 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-10 10:13 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-10 10:13 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-10 10:13 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-10 10:13 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-10 10:13 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-10 10:13 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-10 10:13 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-10 10:13 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-10 10:13 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-10 10:13 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-10 10:13 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-10 10:13 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-10 10:13 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-10 10:13 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-10 10:13 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-10 10:13 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-10 10:13 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-10 10:13 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-10 10:13 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-10 10:13 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-10 10:13 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-10 10:13 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-10 10:13 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-10 10:13 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-10 10:13 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-10 10:13 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-10 10:13 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-10 10:13 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-10 10:13 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-10 10:13 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-10 10:13 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-10 10:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-10 10:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-10 10:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-10 10:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-10 10:13 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-10 10:13 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-10 10:13 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-10 10:13 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-10 10:13 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-10 09:43 - 2015-12-10 09:43 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-12-08 21:43 - 2015-12-08 22:10 - 00020391 _____ C:\Users\Lena Pra\Documents\Burger Synapse.odt
2015-12-08 21:30 - 2015-12-08 21:30 - 01753649 _____ C:\Users\Lena Pra\Downloads\karte.pdf
2015-12-08 20:46 - 2015-12-08 20:46 - 00692581 _____ C:\Users\Lena Pra\Downloads\SpeisekarteTMB(1).pdf
2015-12-08 20:23 - 2015-12-08 20:23 - 00355580 _____ C:\Users\Lena Pra\Downloads\Menuekarte_BBQ.pdf
2015-12-08 19:00 - 2015-12-08 19:00 - 00000000 ____D C:\Users\Lena Pra\AppData\Roaming\AVG
2015-12-08 18:53 - 2015-12-08 18:53 - 00000896 _____ C:\Users\Public\Desktop\AVG.lnk
2015-12-08 18:53 - 2015-12-08 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-12-08 18:52 - 2015-12-08 18:55 - 00000000 ____D C:\ProgramData\Avg
2015-12-07 10:49 - 2015-12-07 10:49 - 00489995 _____ C:\Users\Lena Pra\Downloads\Profil neuer Tutoren-1.pdf
2015-12-02 10:08 - 2015-12-02 10:08 - 00007476 _____ C:\Users\Lena Pra\Downloads\medizinische_doktorarbeit_cx3cl1.pdf
2015-11-27 16:28 - 2015-11-27 16:28 - 00045087 _____ C:\Users\Lena Pra\Downloads\c465b11b-d463-4481-89c0-efe083d0cddc.pdf
2015-11-25 21:41 - 2015-11-25 21:41 - 00007518 _____ C:\Users\Lena Pra\Downloads\medizinische_doktorarbeit_checkpoint-studie.pdf
2015-11-22 13:13 - 2015-11-22 13:13 - 00444004 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Mikrobio(2).pdf
2015-11-22 13:11 - 2015-11-22 13:11 - 00444004 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Mikrobio(1).pdf
2015-11-22 13:10 - 2015-11-22 13:10 - 00444004 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Mikrobio.pdf
2015-11-22 12:48 - 2015-11-22 12:48 - 00203071 _____ C:\Users\Lena Pra\Downloads\Differenzierung.pdf
2015-11-22 12:46 - 2015-11-22 12:46 - 00352753 _____ C:\Users\Lena Pra\Downloads\Schimmelpilze.pdf
2015-11-21 12:50 - 2015-11-21 12:50 - 03514381 _____ C:\Users\Lena Pra\Downloads\2014_11_4_strenger_innenohr.pdf
2015-11-21 12:49 - 2015-11-21 12:49 - 15375476 _____ C:\Users\Lena Pra\Downloads\2014_11_18_staudenmaier_plastische_chirurgie_traumatologie_kopf-hals.pdf
2015-11-21 12:49 - 2015-11-21 12:49 - 02028138 _____ C:\Users\Lena Pra\Downloads\2014_11_4_stark_apparative_versorgung_schwerhörigkeiten.pdf
2015-11-21 12:48 - 2015-11-21 12:48 - 03377618 _____ C:\Users\Lena Pra\Downloads\2014_4_15_strenger_Äußeres_ohr_und_mittelohr.pdf
2015-11-21 12:46 - 2015-11-21 12:47 - 01849815 _____ C:\Users\Lena Pra\Downloads\20151110-strenger-innenohr.pdf
2015-11-21 12:46 - 2015-11-21 12:46 - 05914577 _____ C:\Users\Lena Pra\Downloads\hauptvorlesungws2015-16_hno-hören.pdf
2015-11-20 18:12 - 2015-11-20 18:12 - 18306414 _____ C:\Users\Lena Pra\Downloads\netzhaut_ii__(amd)ss15.pdf
2015-11-20 18:12 - 2015-11-20 18:12 - 02613872 _____ C:\Users\Lena Pra\Downloads\lider__tränenwege__orbita_studentenversion_ss15.pdf
2015-11-20 18:12 - 2015-11-20 18:12 - 02019272 _____ C:\Users\Lena Pra\Downloads\akute_sehstörungss15.pdf
2015-11-20 18:12 - 2015-11-20 18:12 - 01788965 _____ C:\Users\Lena Pra\Downloads\rote_augess15.pdf
2015-11-20 18:11 - 2015-11-20 18:12 - 07737419 _____ C:\Users\Lena Pra\Downloads\netzhaut_i_diabetesss15.pdf
2015-11-20 18:11 - 2015-11-20 18:11 - 06244352 _____ C:\Users\Lena Pra\Downloads\anatomie_lohmann.ppt
2015-11-20 18:11 - 2015-11-20 18:11 - 03679915 _____ C:\Users\Lena Pra\Downloads\glaukomss15.pdf
2015-11-20 18:11 - 2015-11-20 18:11 - 02946578 _____ C:\Users\Lena Pra\Downloads\visus__refraktive_chirurgie__kataraktss15.pdf
2015-11-20 18:11 - 2015-11-20 18:11 - 02921074 _____ C:\Users\Lena Pra\Downloads\kinderophthalmologie_ss_15_meditumversion_klopfer.pdf
2015-11-20 18:11 - 2015-11-20 18:11 - 01575838 _____ C:\Users\Lena Pra\Downloads\strabismus_studentenversionss15.pdf
2015-11-20 18:09 - 2015-11-20 18:09 - 45425314 _____ C:\Users\Lena Pra\Downloads\201511201809.zip
2015-11-20 17:24 - 2015-11-20 17:24 - 00047998 _____ C:\Users\Lena Pra\Downloads\Erfahrungsbericht Der Gute Arzt _ WS 2011_12.pdf
2015-11-20 15:44 - 2015-11-20 15:44 - 00081559 _____ C:\Users\Lena Pra\Downloads\formular_vorsorgevollmacht_neu.pdf
2015-11-20 15:41 - 2015-11-20 15:41 - 00136287 _____ C:\Users\Lena Pra\Downloads\formular_patientenverf__gung.pdf
2015-11-20 15:31 - 2015-11-20 15:31 - 00040432 _____ C:\Users\Lena Pra\Downloads\patientenverfügung-muster-rlp.pdf
2015-11-20 15:23 - 2015-11-20 15:23 - 00026303 _____ C:\Users\Lena Pra\Downloads\3475e13-3-9formular vorsorgevollmacht neu 08_2013.pdf
2015-11-18 21:44 - 2015-11-18 21:44 - 00376247 _____ C:\Users\Lena Pra\Downloads\Skripte Medizin TUM_1. Studienjahr_00_Augenheilkunde.pdf
2015-11-16 23:04 - 2015-11-16 23:04 - 00050417 _____ C:\Users\Lena Pra\Downloads\Kursliste_03678693(2).pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-16 10:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-16 09:52 - 2014-03-03 20:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-16 09:29 - 2014-02-06 18:06 - 00000000 ____D C:\ProgramData\MFAData
2015-12-16 09:14 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-16 09:14 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 11:58 - 2014-05-29 12:31 - 00000000 ____D C:\Users\Lena Pra\Documents\Studium
2015-12-13 21:40 - 2011-04-12 08:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-12-13 21:40 - 2011-04-12 08:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-12-13 21:40 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-13 21:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-12 14:22 - 2014-02-17 22:34 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-12 14:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-12 12:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-12 12:21 - 2009-07-14 05:45 - 00295752 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 14:27 - 2014-03-10 23:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 14:27 - 2014-03-10 23:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 10:41 - 2014-04-07 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-11 10:41 - 2014-02-06 18:08 - 00000000 ___HD C:\$AVG
2015-12-11 10:40 - 2014-11-28 10:31 - 00000000 ____D C:\Users\Lena Pra\AppData\Local\Avg
2015-12-11 10:32 - 2014-12-06 09:54 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-11 09:48 - 2014-03-10 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-11 09:43 - 2014-02-06 12:53 - 00000000 ____D C:\Windows\system32\MRT
2015-12-11 09:35 - 2014-02-06 12:53 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-10 09:43 - 2014-03-03 20:02 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-10 09:42 - 2015-11-11 15:49 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-10 09:42 - 2014-03-03 20:01 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-10 09:42 - 2014-03-03 20:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 09:18 - 2014-02-06 18:08 - 00000000 ____D C:\ProgramData\AVG2014
2015-12-09 09:18 - 2014-02-06 18:07 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-08 18:58 - 2015-06-30 10:15 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-08 18:53 - 2014-12-06 09:55 - 00000000 ____D C:\Users\Lena Pra\AppData\Local\AVG Web TuneUp
2015-12-06 15:08 - 2014-02-17 22:31 - 00000000 ____D C:\Users\Lena Pra\AppData\Roaming\Skype
2015-11-23 13:21 - 2014-12-17 12:40 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-23 13:21 - 2014-05-04 23:04 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-22 20:45 - 2015-02-02 15:32 - 00000000 ____D C:\Users\Lena Pra\Documents\Scan
2015-11-20 15:01 - 2015-04-07 22:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-11-20 14:56 - 2015-11-09 12:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-20 14:56 - 2014-02-06 14:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-20 14:50 - 2015-04-07 22:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-11-18 21:04 - 2014-03-04 01:58 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-18 21:00 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal

Einige Dateien in TEMP:
====================
C:\Users\Lena Pra\AppData\Local\Temp\SAS6_Update.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-10 10:47

==================== Ende von FRST.txt ============================

 

 

 

Thank you again for your help.


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Please do the following.
 
Step#1 - Uninstalls
Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling.
 
AVG Web TuneUp
 
 
Step#2 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   7.38KB   192 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.
 
Step#3 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[C1].txt as well.
 
 
Step#4 - JRT by Malwarebytes
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3. The tool will open. Press any key at the Disclaimer screen and the program will start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. Post the contents of JRT.txt into your next message.

 

Items for your next post

1. Fixlog

2. Adwcleaner log

3. Junkware log


  • 0

#5
lmartinez

lmartinez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Hello Brian,

 

I deleted the AVG Tuneup as instructed and below are the 3 logs:

 

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-12-2015
durchgeführt von Lena Pra (2015-12-17 09:15:30) Run:1
Gestartet von C:\Users\Lena Pra\Desktop
Geladene Profile: Lena Pra &  (Verfügbare Profile: Lena Pra)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CreateRestorePoint:
FF Homepage: hxxps://mysearch.avg.com?cid={53DF037D-C749-4EE2-85A0-AEF794625185}&mid=54cb91b5815347d2b22edd1de3ce163e-18f29c75e639e91aaa54b599b4e3bd32b98d0511&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-06 09:55:08&v=4.0.0.19&pid=wtu&sg=&sap=hp
FF NetworkProxy: "autoconfig_url", "data:text/javascript,%2F*ZenMate*%2F%0Afunction%20FindProxyForURL(url%2C%20host)%20%7B%0A%0A%20%20var%20e%20%3D%20%7B%20data%3A%20%7B%22localDomains%22%3A%5B%22zenguard.biz%22%2C%22local%22%2C%22dev%22%2C%22ip%22%2C%22box%22%2C%22lvh.me%22%2C%22ripe%22%2C%22invalid%22%2C%22intra%22%2C%22intranet%22%2C%22onion%22%2C%22vcap.me%22%2C%22zeus.pm%22%2C%22127.0.0.1.xip.io%22%2C%22smackaho.st%22%2C%22localtest.me%22%2C%22site%22%2C%22about%3Aaddons%22%2C%22about%3Anewtab%22%2C%22about%3Apreferences%22%2C%22about%3Aconfig%22%5D%2C%22nodeOverrides%22%3A%5B%7B%22target_cc%22%3A%22US%22%2C%22hosts%22%3A%5B%22hulu.com%22%5D%2C%22premium_only%22%3Atrue%2C%22nodes%22%3A%22US-ALT1%22%7D%2C%7B%22target_cc%22%3A%22UW%22%2C%22hosts%22%3A%5B%22hulu.com%22%5D%2C%22premium_only%22%3Atrue%2C%22nodes%22%3A%22US-ALT1%22%7D%5D%2C%22IPv4NotationRE%22%3A%7B%7D%2C%22localIPsRE%22%3A%7B%7D%7D%2CnodeLookup%3A%20function%20(nodeDict%2C%20cc)%20%7B%0A%20%20%20%20%20%20return%20nodeDict%5Bcc%5D%20%7C%7C%20false%3B%0A%20%20%20%20%7D%2CcompareHosts%3A%20function%20(hosts%2C%20host)%20%7B%0A%20%20%20%20%20%20var%20h%2C%20j%2C%20len%3B%0A%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20hosts.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20h%20%3D%20hosts%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20h))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20h%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2CcompareURLs%3A%20function%20(patterns%2C%20url)%20%7B%0A%20%20%20%20%20%20var%20j%2C%20len%2C%20p%3B%0A%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20patterns.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20p%20%3D%20patterns%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20if%20(p.test(url))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20p%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2CdnsDomainIs%3A%20function%20(host%2C%20pattern)%20%7B%0A%20%20%20%20%20%20return%20host.length%20%3E%3D%20pattern.length%20%26%26%20host.substring(host.length%20-%20pattern.length)%20%3D%3D%3D%20pattern%3B%0A%20%20%20%20%7D%2CmatchWildcardDomain%3A%20function%20(host%2C%20domain)%20%7B%0A%20%20%20%20%20%20var%20exactMatch%2C%20hasSubdomain%2C%20tldMatch%3B%0A%20%20%20%20%20%20exactMatch%20%3D%20host%20%3D%3D%3D%20domain%3B%0A%20%20%20%20%20%20tldMatch%20%3D%20host.slice(-domain.length)%20%3D%3D%3D%20domain%3B%0A%20%20%20%20%20%20hasSubdomain%20%3D%20host%5Bhost.lastIndexOf(domain)%20-%201%5D%20%3D%3D%3D%20'.'%3B%0A%20%20%20%20%20%20return%20exactMatch%20%7C%7C%20(tldMatch%20%26%26%20hasSubdomain)%3B%0A%20%20%20%20%7D%2CmatchNodeOverride%3A%20function%20(host%2C%20cc)%20%7B%0A%20%20%20%20%20%20var%20o%2C%20ref%2C%20result%3B%0A%20%20%20%20%20%20result%20%3D%20(function()%20%7B%0A%20%20%20%20%20%20%20%20var%20j%2C%20len%2C%20ref%2C%20results%3B%0A%20%20%20%20%20%20%20%20ref%20%3D%20this.data.nodeOverrides%3B%0A%20%20%20%20%20%20%20%20results%20%3D%20%5B%5D%3B%0A%20%20%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20ref.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20%20%20o%20%3D%20ref%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20%20%20if%20(o.target_cc%20%3D%3D%3D%20cc%20%26%26%20this.compareHosts(o.hosts%2C%20host))%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20results.push(o)%3B%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20return%20results%3B%0A%20%20%20%20%20%20%7D).call(this)%3B%0A%20%20%20%20%20%20return%20(result%20!%3D%20null%20%3F%20(ref%20%3D%20result%5B0%5D)%20!%3D%20null%20%3F%20ref.nodes%20%3A%20void%200%20%3A%20void%200)%20%7C%7C%20false%3B%0A%20%20%20%20%7D%2CmatchRules%3A%20function%20(rules%2C%20host%2C%20url)%20%7B%0A%20%20%20%20%20%20var%20i%2C%20j%2C%20len%2C%20rule%3B%0A%20%20%20%20%20%20if%20(!((rules%20!%3D%20null%20%3F%20rules.length%20%3A%20void%200)%20%3E%200))%20%7B%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20if%20(this.data.rulesWithOverrides%20%3D%3D%20null)%20%7B%0A%20%20%20%20%20%20%20%20rules%20%3D%20mergeRuleOverrides(rules%2C%20config.ruleOverrides)%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20for%20(i%20%3D%20j%20%3D%200%2C%20len%20%3D%20rules.length%3B%20j%20%3C%20len%3B%20i%20%3D%20%2B%2Bj)%20%7B%0A%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20rule.domain)%20%7C%7C%20((rule.hosts%20!%3D%20null)%20%26%26%20this.compareHosts(rule.hosts%2C%20host)))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20i%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2C_getProxyState%3A%20function%20(url%2C%20host%2C%20rules)%20%7B%0A%20%20%20%20%20%20var%20j%2C%20len%2C%20local%2C%20match%2C%20ref%3B%0A%20%20%20%20%20%20url%20%3D%20url.toLowerCase()%3B%0A%20%20%20%20%20%20if%20(!~host.indexOf('.')%20%26%26%20!~host.indexOf('%3A'))%20%7B%0A%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20if%20(this.data.IPv4NotationRE.test(host)%20%26%26%20this.data.localIPsRE.test(host))%20%7B%0A%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20ref%20%3D%20this.data.localDomains%3B%0A%20%20%20%20%20%20for%20(j%20%3D%200%2C%20len%20%3D%20ref.length%3B%20j%20%3C%20len%3B%20j%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20local%20%3D%20ref%5Bj%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20local))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20match%20%3D%20this.matchRules(rules%2C%20host%2C%20url)%3B%0A%20%20%20%20%20%20if%20(match%20!%3D%20null)%20%7B%0A%20%20%20%20%20%20%20%20return%20rules%5Bmatch%5D.cc%3B%0A%20%20%20%20%20%20%7D%20else%20%7B%0A%20%20%20%20%20%20%20%20return%20'DEFAULT'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%20%7D%3B%0A%20%20e.data.localDomains%20%3D%20e.data.localDomains.concat(%5B%22zenmate.com%22%2C%22d1jr1idae5ms9n.cloudfront.net%22%5D)%3B%0A%20%20e.data.IPv4NotationRE%20%3D%20%2F%5E%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%24%2Fg%3B%0Ae.data.localIPsRE%20%3D%20%2F(%5E127%5C.)%7C(%5E192%5C.168%5C.)%7C(%5E10%5C.)%7C(%5E172%5C.1%5B6-9%5D%5C.)%7C(%5E172%5C.2%5B0-9%5D%5C.)%7C(%5E172%5C.3%5B0-1%5D%5C.)%2F%3B%0A%0A%20%20e.data.defaultLocation%20%3D%20'DE'%3B%0A%20%20e.data.nodeDict%20%3D%20%7B%22DE%22%3A%22PROXY%20127.0.0.1%3A53558%22%2C%22RO%22%3A%22PROXY%20127.0.0.1%3A53559%22%2C%22US%22%3A%22PROXY%20127.0.0.1%3A53560%22%2C%22HK%22%3A%22PROXY%20127.0.0.1%3A53561%22%2C%22US-ALT1%22%3A%22PROXY%20127.0.0.1%3A53562%22%7D%3B%0A%20%20e.data.rulesWithOverrides%20%3D%20%5B%5D%3B%0A%0A%20%20var%20res%20%3D%20e._getProxyState(url%2C%20host%2C%20e.data.rulesWithOverrides)%3B%0A%0A%20%20if%20(res%20%3D%3D%3D%20'LOCAL'%20%7C%7C%20res%20%3D%3D%3D%20'DIRECT'%20%7C%7C%20res%20%3D%3D%3D%20'OFF')%20%7Breturn%20'DIRECT'%7D%3B%0A%20%20if%20(res%20%3D%3D%3D%20'DEFAULT')%20%7Bcc%20%3D%20e.data.defaultLocation%7D%20else%20%7Bcc%20%3D%20res%7D%3B%0A%0A%20%20var%20override%20%3D%20e.matchNodeOverride(host%2C%20cc)%3B%0A%20%20if%20(override)%20%7Bcc%20%3D%20override%7D%3B%0A%0A%20%20return%20e.nodeLookup(e.data.nodeDict%2C%20cc)%20%7C%7C%20'DIRECT'%3B%0A%7D"
EmptyTemp:
*****************

Wiederherstellungspunkt wurde erfolgreich erstellt.
Firefox "homepage" erfolgreich entfernt
Firefox Proxy-Einstellungen wurden zurückgesetzt
EmptyTemp: => 2.4 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 09:21:19 ====

 

 

# AdwCleaner v5.025 - Bericht erstellt am 17/12/2015 um 09:29:54
# Aktualisiert am 13/12/2015 von Xplode
# Datenbank : 2015-12-13.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Lena Pra - LENAPRA-PC
# Gestartet von : C:\Users\Lena Pra\Desktop\AdwCleaner.exe
# Option : Löschen
# Unterstützung : http://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\eSupport.com
[-] Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
[-] Ordner Gelöscht : C:\ProgramData\Avg_Update_0215tb
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[-] Ordner Gelöscht : C:\Users\Lena Pra\AppData\Local\eSupport.com

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] Datei Gelöscht : C:\Users\Lena Pra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Lena Pra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Lena Pra\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Lena Pra\AppData\Roaming\Mozilla\Firefox\Profiles\lsnmh4hi.default\invalidprefs.js
[-] Datei Gelöscht : C:\Users\Lena Pra\Desktop\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Lena Pra\Favorites\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Lena Pra\Favorites\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Lena Pra\Favorites\Links\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Lena Pra\Favorites\Links\Startfenster.lnk

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

 

 

 

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Lena Pra (Administrator) on 17.12.2015 at  9:38:12,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.12.2015 at  9:41:21,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

#6
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

How is your machine now?


  • 0

#7
lmartinez

lmartinez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Hello,

 

the machine is better but still will not load some pages. When I click on a link for example, the buffer weel will continually turn without loading the page. But the boot up speed is much better!


Edited by lmartinez, 17 December 2015 - 12:57 PM.

  • 0

#8
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks. Which browser do you normally use for Internet Access? (i.e. Firefox, Chrome, IE)


  • 0

#9
lmartinez

lmartinez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

I usually run mozilla.


  • 0

#10
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

To validate a suspicion that I have, can you use Internet Explorer and let me know if you have the same issues of some pages not loading, etc.?


  • 0

Advertisements


#11
lmartinez

lmartinez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

IE does run load much better than Mozilla.


  • 0

#12
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

That's what I suspected. Please uninstall Mozilla Firefox and then Re-install the newest version from here.


  • 0

#13
lmartinez

lmartinez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

I un- and then re-installed Firefox. Was the problem due to an outdated browser?


  • 0

#14
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Was the problem due to an outdated browser?

 

No. Sometimes browsers get "mucked up" with adons/adware and sometimes the easiest way to resolve is to uninstall/reinstall.

 

Is your browser and machine working better now?


  • 0

#15
lmartinez

lmartinez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Oh ok. Yes it it working much better!

 

Thank you so much for your help


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP