Es öffnen sich während des surfen ungewollt Werbefenster.

[Tobi]

Während des Surfens öffnen sich nervige Werbefenster. War soll ich machen. Das Problem lässt sich auch nicht durch den ADW Cleaner lösen. Über eure Hilfe währe ich sehr dankbar.

[Maurice Naggar]

Hello    

My name is Maurice.  Let me know what name you prefer to go by.

I am going to write to you in English.   You can get online translation at https://translate.google.com

Where are the ads ?

Are they on a specific web browser ?   Chrome ?  Firefox ?  Opera ?  Edge ?

 

I would appreciate  getting some key details from this machine.
 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

Do have patience while the report tool runs.  It may take several minutes.  Just let it run & take its time.  You may want to close your other open windows so that there is a clear field of view.
Download Malwarebytes Support Tool
    
  
    Once the file is downloaded, open your Downloads folder/location of the downloaded file
    Double-click mb-support-1.7.0.827.exe  to run the report

Once it starts, you will see a first screen with 2 buttons.  Click the one on the left marked "I don't have an open support ticket".

        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
Now click the left-hand side pane "I do not have an open support ticket"

    You will be presented with a page stating, "Get Started!"
    Do NOT use the button “Start repair” !   But look instead at the far-left options list in black.

    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer.  Please do have patience.  It takes several minutes to gather.
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK.  Then Exit the tool.

    Please attach the ZIP file in your next reply.

Sincerely,

Maurice

[Tobi]

Vielen Dank das sie sich so schnell gemeldet haben, das Problem besteht darin das sich in Firefox immer ungewollt Werbe Fenster öffnen. Bei dem Versuch alle Browser zu entfernen und wieder zu installieren sind die Werbe Fenster in anderen Browsern aufgetaucht wie zum Beispiel in: internet Explorer, Opera, Chrome, oder anderen Browsern. Das Tool das sie für mich herausgesucht haben werde ich natürlich sofort ausprobieren. Ich lasse sie es wissen wenn ich weitere Informationen habe. 

Liebe Grüße 

Tobias

[Tobi]

Hier ist die Ergebnis Datei! Ich hoffe sehr das sie die Ursache finden.

Liebe Grüße

Tobias

mbst-grab-results.zip

[Maurice Naggar]

Thank you for the report.   Let us start with this special run.

Please read all of these lines first so that it is all clear to you about our plan. I need a one time run of MBAR like listed here, please.

Please download Malwarebytes Anti-Rootkit (MBAR) from this link here

and save it to your desktop.

Doubleclick on the MBAR file and allow it to run.

•Click OK on the next screen, to allow the package to extract the contents of the file to its own folder named mbar.

•mbar.exe will launch automatically. On some systems, this may take a few extra seconds. Please be patient and wait for the program to open.

•After reading the Introduction, click 'Next' if you agree.

•On the Update Database screen, click on the 'Update' button.

•Once you see 'Success: Database was successfully updated' click on 'Next', then click the Scan button.

With some infections, you may see two messages boxes:

1.'Could not load protection driver'. Click 'OK'.
2.'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.

•If malware is found, press the Cleanup button when the scan completes. .

Please attach the log it produces, you'll find the log in that mbar folder as MBAR-log-<date and time>***.txt . Please attach that to your next reply.

 

I will review the result, and we will do ore later.

Sincerely.
  
 

[Tobi]

Vielen Dank für ihre Hilfe!

Hier ist die Datei.

mbar-log-2020-09-09 (18-15-03).txt

[Maurice Naggar]

Thank you.    👍 The MBAR anti-rootkit tool found & removed several trojans, & adware.    👈 We have to do more follow-up scans.   Please do not use this pc to do any web surfing or games.

1. Get the setup file for Malwarebytes for Windows, save it, then run it to do a setup / install https://support.malwarebytes.com/hc/en-us/articles/360038479134-Download-and-install-Malwarebytes-for-Windows-v4
2. Once installed, then do a normal SCAN      open Malwarebytes for Windows and click the blue Scan button.

3. When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.
   Then click on Quarantine selected.

   Be sure all items were removed

4. Then, locate the Scan run report;  export out a copy;  & then attach in with your  reply.
   See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4

[Tobi]

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 10.09.20
Scan-Zeit: 12:50
Protokolldatei: 62d5ae7c-f353-11ea-a9ec-78f29ef7c30b.json

-Softwaredaten-
Version: 4.2.0.82
Komponentenversion: 1.0.1036
Version des Aktualisierungspakets: 1.0.29643
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 18362.959)
CPU: x64
Dateisystem: NTFS
Benutzer: KINDERPCMEDIONA\Kinder

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 323221
Erkannte Bedrohungen: 91
In die Quarantäne verschobene Bedrohungen: 91
Abgelaufene Zeit: 5 Min., 0 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 7
PUP.Optional.Messenger2go, HKU\S-1-5-21-1644298985-1144607659-2240355001-1002\SOFTWARE\APPDATALOW\SOFTWARE\MESSENGER2GO, In Quarantäne, 4056, 755566, 1.0.29643, , ame, , , 
PUP.Optional.WinYahoo, HKU\S-1-5-21-1644298985-1144607659-2240355001-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}, In Quarantäne, 240, 254682, 1.0.29643, , ame, , , 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, 6898, 252393, 1.0.29643, , ame, , , 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, 6898, 252393, 1.0.29643, , ame, , , 
Trojan.Dropper, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Smart Clock, In Quarantäne, 852, 820541, , , , , , 
Trojan.Dropper, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E3154B19-4008-47A4-B3E7-41B9BDDC9FF6}, In Quarantäne, 852, 820541, , , , , , 
Trojan.Dropper, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{E3154B19-4008-47A4-B3E7-41B9BDDC9FF6}, In Quarantäne, 852, 820541, , , , , , 

Registrierungswert: 7
PUP.Optional.Messenger2go, HKU\S-1-5-21-1644298985-1144607659-2240355001-1002\SOFTWARE\APPDATALOW\SOFTWARE\MESSENGER2GO|UID, In Quarantäne, 4056, 755566, 1.0.29643, , ame, , , 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, 942, -1, 0.0.0, , action, , , 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, 942, -1, 0.0.0, , action, , , 
PUP.Optional.WinYahoo, HKU\S-1-5-21-1644298985-1144607659-2240355001-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, In Quarantäne, 240, 254682, 1.0.29643, , ame, , , 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1644298985-1144607659-2240355001-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, In Quarantäne, 942, 259988, 1.0.29643, , ame, , , 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, 6898, 252393, 1.0.29643, , ame, , , 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, 6898, 252393, 1.0.29643, , ame, , , 

Registrierungsdaten: 2
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1644298985-1144607659-2240355001-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Ersetzt, 942, 293485, 1.0.29643, , ame, , , 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1644298985-1144607659-2240355001-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Ersetzt, 942, 293486, 1.0.29643, , ame, , , 

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 6
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\databases\file__0, In Quarantäne, 4056, 755570, , , , , , 
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\index-dir, In Quarantäne, 4056, 755570, , , , , , 
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Local Storage, In Quarantäne, 4056, 755570, , , , , , 
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\databases, In Quarantäne, 4056, 755570, , , , , , 
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache, In Quarantäne, 4056, 755570, , , , , , 
PUP.Optional.Messenger2go, C:\USERS\KINDER\APPDATA\LOCAL\MESSENGER2GO, In Quarantäne, 4056, 755570, 1.0.29643, , ame, , , 

Datei: 69
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, In Quarantäne, 431, 715618, 1.0.29643, , ame, , 354BF3EBDB55157C6E74A289BF5480D7, DA86A5610BBDD76021D82D184E459A0B258E6549BC7200AB83542352B26B5C25
PUP.Optional.Messenger2go, C:\USERS\KINDER\APPDATA\LOCAL\MESSENGER2GO\WEB DATA-JOURNAL, In Quarantäne, 4056, 755570, 1.0.29643, , ame, , BF619EAC0CDF3F68D496EA9344137E8B, 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\index-dir\the-real-index, In Quarantäne, 4056, 755570, , , , , 365A5FAFA91BEA8EE153DB7E3835B8D2, A61BEFD9FBB39A1D373F5596FA16A3A07C7CA94D39E551D3B7CCBB47C3A2507C
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\03a5f83d8f3e3f5e_0, In Quarantäne, 4056, 755570, , , , , 6D8B6C80888E029990FFF1436561B010, DAC332B04FF10AAF553767E14D3B339EAAFD84A6285B1F44B63E192BC77AA18B
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\096ae5d1036dad07_0, In Quarantäne, 4056, 755570, , , , , 2119B8DF83B082E2B18E632DAB884EAD, 1ED343D66183C4663AE6B6C85FF3DAF3F34E37F54B8159C403EDE88073DEEB8B
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\0a591c9a2f358406_0, In Quarantäne, 4056, 755570, , , , , 4E7ECF79EC3518DB645CD098DAA61A7C, A0018BC76EC9FF9954CD9853D51C66ADE2F5F520236BADDD5056CBE9F83F686C
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\3358de013d3033c8_0, In Quarantäne, 4056, 755570, , , , , EDCEF80E45C0309E22A2F3414DB844B2, 30A601343F7D31A17EF4B69919CEAD7E9D5B45B5C35E4A54A85C90AFBADBEB0F
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\34286f0181a7f888_0, In Quarantäne, 4056, 755570, , , , , 34CC774215EB2802B8F8B6BC540FE43A, EA1615857E93D7CD5391CF48B0709B345D0EDA0DC89841B627DE3C719760985E
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\352f4a72832a1270_0, In Quarantäne, 4056, 755570, , , , , A54FB4291BB201DE686D4DE2E7A50C78, CDFDC65B46EBD80DB4075D1811AA76162E5E198BF234BFBF0295827BD23FC3C6
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\35f3137a35efe120_0, In Quarantäne, 4056, 755570, , , , , D0674B247E7BF78E1324D3BB7AC9BBA5, AA3CD5329684175EB207A5833594D7358A7E0DCDF748EF275BF7EB507CFADC36
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\45e8a7b3a9a39630_0, In Quarantäne, 4056, 755570, , , , , 898CA2A36DF528334D9115B53B74A51E, EF0A20DA8FE34BA2508BC824FDAE872083E7C963D0C33277EA4AA7005050CAD0
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\46a6fa395fd9530d_0, In Quarantäne, 4056, 755570, , , , , 5A6388BB74994C2D7D495B853166EE2C, CE055C3BDCBE6E2064BD361ED34F14FEFA7D310DC3A9DD07085B0B490B31563B
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\4d878491c4e7cd2e_0, In Quarantäne, 4056, 755570, , , , , 8C1232B84CA5CA28D2CBC47CF11B5301, A215DDF10BA65339AE6CC728E0A9AD88BBC083D70EB0246AE21C18DEC1D60516
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\5485729d957c855c_0, In Quarantäne, 4056, 755570, , , , , C564D0DF05997F019A56B8F9FF02530F, FBF326381F55F7700635B375369E817669997924B718FD879A6CE300A43EA4A5
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\595d53319938d099_0, In Quarantäne, 4056, 755570, , , , , AEF38BCE3591226AE1E9BD5E515D47FC, 25C96A1C68A61C9921546C6748B80700EB1E09CF190F8E1D1522D6A438A3D7B0
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\5cd9a4424c65d94b_0, In Quarantäne, 4056, 755570, , , , , ABC18C6F9B50714183D4CB7D6D16CB26, A87553A6737F341F20BD877A56ED481AD877F60DDD27D1DB687BA3D3912CDA2D
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\5e721eec36958a68_0, In Quarantäne, 4056, 755570, , , , , B0DE1F0572F5B12A792FE6F59F0AEDC6, 02D7C691079BF7B12CBF42AD1DCACE1A7C753A6A8A07907FD1F32EB83EDA4C3D
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\5ec195c554dc9470_0, In Quarantäne, 4056, 755570, , , , , B3252AABC5D87B3AD0C43F8C8697C40C, 1933263CF833D18A7210E30D99A5881BC85961F8634F57A4790B7A41616C3114
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\60c9097727b787bf_0, In Quarantäne, 4056, 755570, , , , , C4D2406ED895E549B73D36ED688B2776, 23B3022909D37C7939B84087F882F45071B2161E1960546D047B3E568AC68D48
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\63a038ec765400b9_0, In Quarantäne, 4056, 755570, , , , , 83A5586526E1C7928A562742D2A6931F, 3C0B3837655D6D78E65AF2C3502AA41CE768FE788902F23BBE8EA1B164B966D8
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\6787f2ca849a4301_0, In Quarantäne, 4056, 755570, , , , , D1BA8EB81614966540FDDC75A06C5D48, 04182327FD8CA77913C8B5FD968393172AD20FDA6A10621786156375C62AD39B
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\6e2c1b02ad66785a_0, In Quarantäne, 4056, 755570, , , , , DA394751F6E69BC82B96C7AC5F48BD7B, 8029BA6879D5A83B472485BEF8E065EC73EEF98E7E420BDACE61FE52C9B03CEF
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\72bbe7e1f9676adf_0, In Quarantäne, 4056, 755570, , , , , 08420C0D89CE5EA2BA78FC74EDD5CFF5, 40C0BE197B6E09723B5A63F1D1CD93B1B7E79A9A73934200E14ADD3505998F85
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\748b19c3604992ee_0, In Quarantäne, 4056, 755570, , , , , 33A528F871CECE3FEDE1294EE5726174, C8292BF39173176E199B4755CBD42F94B8764A47864F988A04AC2E02548E286E
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\7e3cdd1d75f89fbe_0, In Quarantäne, 4056, 755570, , , , , D59F667697904FDE0CD5E4CE4E3222EC, B8BF9CFE4B26E61C3E0102CE06AF3EBC9D82C364A5D5C231A2E50EF522DBD185
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\8cbcc018ba039422_0, In Quarantäne, 4056, 755570, , , , , 4295D49942BEC169F585E6EF214C3966, D20620608BAD7675EBF59F4844467C804CCFBAF103E5CAC05A2116B0B87F623F
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\90ab6d09a6c6b39d_0, In Quarantäne, 4056, 755570, , , , , ED12E4882DA02F3AFED8F70303669726, 2ED88FF31B9FB984344DD644CA0EC408BBBB379498EED051276145700478F768
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\a6082fb3b21d1077_0, In Quarantäne, 4056, 755570, , , , , E994A35F3B6AE34F6E53589E3B5215DA, 4A0B35A00B06E76AECC8E0E89CC67693B547A146431635E188C5E1C52A262C3C
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\a6c96b72fbb86b10_0, In Quarantäne, 4056, 755570, , , , , DFB78FD819AE955AFDC659278E147D55, DC92002CF7CA0E7E79D267DFCFACAD38913038B3ADBA8EF776CF2B9837D3E2DF
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\a9150e7a0a3acd82_0, In Quarantäne, 4056, 755570, , , , , 27FC57FADC58F20E6228DFC4EE504941, 311116FF41F0546BDD5FFB4E539C30FB1D1FADFC36C983211D201B62CC83C8CC
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\ac9f0a5aa3748118_0, In Quarantäne, 4056, 755570, , , , , FF513415010601BC49B4E7B04B00CD10, B83B30E33C4489A2465AD4713C610DC07358A3AA6441AE3E38DFF34F07B99341
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\b20e87a3eb331fda_0, In Quarantäne, 4056, 755570, , , , , BA4E0BA7774CDA9E12AB42EBC278CB89, 2808BF3708D5B707A759C604439742DB5C84A952E2DC9FB0FBF8F6828C18B46F
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\b5a4b666678dc2dd_0, In Quarantäne, 4056, 755570, , , , , 36C2E7AF3BFC16260C0A277EBC333F3F, 00A3A542AF41BC5A2C7A88CF7BC9348AAB98B2F776C2ECB9951CC0F40C13613B
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\b70454aa7cc27728_0, In Quarantäne, 4056, 755570, , , , , 7D0A254676F59F83B80B490B20868D65, BF840430735499A16D20B1450845E42DA737C6F2B4EFC181016C7212B0AAE19D
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\b748772023eea3c7_0, In Quarantäne, 4056, 755570, , , , , 417C46F26CB936C7CBA582925CAF3CF2, 17A77AE6AE18632F96D217F471EEB7BB84172CA027378898BCBAB99ED39D360E
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\b80ddf789aa38558_0, In Quarantäne, 4056, 755570, , , , , FC5B2621E5EC2B908790665FD87337CC, CBE3B31E0FE6FA883E2E66E9049A0728F9D814310A48BB3568312E8D03F5D0F1
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\c3d4471413d83af2_0, In Quarantäne, 4056, 755570, , , , , 5D20D526CFAD0C8D416A7C4FCC9EE8DB, 81FD5498245FBDAFEF4A1F469935E11CBC2C2ED7020F21214DB5CD845C0EFF36
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\e8246dd197f1b368_0, In Quarantäne, 4056, 755570, , , , , 4505E9A565EA8CDCCF2CBDC705D773A2, 69D3954A8B9CE68763716EE861B29BDE639FFBEC6C862FF6161248EAA473F8A7
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\e881b4cab038dd39_0, In Quarantäne, 4056, 755570, , , , , 4039FAC0633CBF1617711C83E654864C, 58A01475A0440330C6DC45F529614BE70EFDC52197B8967A2F6042E6320FF622
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\f9e747472a22f67d_0, In Quarantäne, 4056, 755570, , , , , F95AC6D1994D5584BEF49346EF61E1A3, BB44F46B070FE313DA7A38816946EEFF71C1FFE0C13DD8F2D5A95F63EF396DDD
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\fa47d9705dbf072b_0, In Quarantäne, 4056, 755570, , , , , F8F4F2882708ADAB3A4905151B12341A, 60A07AC815907832DE3FEFD865DC85C51486834B6495F28337DF0534ABCBFC69
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\ff3d5dfa391c13c1_0, In Quarantäne, 4056, 755570, , , , , CDAF02EF66F8025410088BD29D4E625B, FD4BB255D6946FA1AF728DADFF4FDC32F76BAAA29FF557E330941A9ABA61BFD1
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Cache\index, In Quarantäne, 4056, 755570, , , , , B9F02D71D006E6DE969A4BC8DEBB18DD, C41B9E00A3DB99D731DB822FBB4C70702383B53882A27A7DD05EF0CA892F30AF
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\databases\file__0\1, In Quarantäne, 4056, 755570, , , , , 22E4DB30925B4E0F197FA51193D1D944, 587B8EAE97D592D8D661CFC2C4DB38A420B937F6524FC7914B3D35F868B83048
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\databases\Databases.db, In Quarantäne, 4056, 755570, , , , , 3559B13E5D513360054FCA42DFCE06AC, 8150EB7888FAAEA36DB3EFF68F4A1A8F6C362DBB7DC7AD11E7C5A969E902D68E
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\databases\Databases.db-journal, In Quarantäne, 4056, 755570, , , , , FA51B2B791A8A47BF182A6C39ADE8EED, 385518606EF89EF0E0FB50A5E69AD9185AAB0C5C7AEA21AF0F5C0A7B35062E2E
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Local Storage\file__0.localstorage, In Quarantäne, 4056, 755570, , , , , 5AEDEA9A3A8C24535DBE8E518D4F390E, 5AC056D0AB7834651AE8F430EAE538A8D49F5C570E112D72C41A921F88A70439
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Local Storage\file__0.localstorage-journal, In Quarantäne, 4056, 755570, , , , , 4B7D57CC3141242DC7A8D1F19B1B7949, B74B98D063A2D7E6EC965EB2FE0646D2FD4BFF49C345F049728B9C20AD593C12
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\cookies, In Quarantäne, 4056, 755570, , , , , 0A149D1DB8612AE149B4B3A03204D29F, 6984F4A4A4CBB11E3B6057314EC765D5210521478FF411F883FC5EC2F31D6768
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\cookies-journal, In Quarantäne, 4056, 755570, , , , , C43C8F303D6A6E691A5A60DD561CA60B, CAE41B3F788236ACD53EC16D5F86075EBEDCF38E67D6116F95F743A63C91E6C4
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\QuotaManager, In Quarantäne, 4056, 755570, , , , , ECB993BF4D60D6030F1EE5BEAC7F3BD2, A0D9CC294AD407370D1CD13095B9B6B310108C0221AB8654EC79CA7413DEC350
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\QuotaManager-journal, In Quarantäne, 4056, 755570, , , , , 305346BFD650099A3A723E30455AC859, 826D4B9797E7F9E9F52EC5DAB9738621613EB9E334CCEF3A0142E42C462FC3C9
PUP.Optional.Messenger2go, C:\Users\Kinder\AppData\Local\Messenger2go\Web Data, In Quarantäne, 4056, 755570, , , , , 2B455F9577D1E7C09F6D417B3005CF94, D8F9AC1C53666153A5387B342FB6ABE5B294A8DC92EA07CAB69ADA9ABBE2B9E7
Generic.Malware/Suspicious, C:\USERS\KINDER\APPDATA\LOCAL\JAYTAM.BIN, In Quarantäne, 0, 392686, 1.0.29643, , shuriken, , CB815A3CE5036992DFF516C378C97326, E073E517502E681EB6164C91745336A97C5680AEC97F957FFEBC97EE8D7F3A63
Generic.Malware/Suspicious, C:\USERS\KINDER\APPDATA\LOCAL\TEMP\CSRSS\COLLECTCHROMEFINGERPRINT.EXE, In Quarantäne, 0, 392686, 1.0.29643, , shuriken, , C07A4F2C1ED89B5044EAE1D832F49FC7, 5A3ED5641F881089FA932992BBB36343E2BEA21B97F7C20342E4524309BEA6D7
Trojan.Dropper, C:\WINDOWS\SYSTEM32\TASKS\Smart Clock, In Quarantäne, 852, 820541, 1.0.29643, , ame, , 21CE69F55B7AC2C2453E26C36C8EA7F4, CEA4EE49822BA06A599C95C471CDBA9382DC935A2519E86341E4011AB54C72EF
RiskWare.Agent, C:\$RECYCLE.BIN\S-1-5-21-1644298985-1144607659-2240355001-1002\$RUIDDWF.RAR, In Quarantäne, 3936, 855483, 1.0.29643, , ame, , C0B837582E43C3F261C03E89E089D54D, 192FAAEC6D69315230B56697B09ACBFD4D0D1A9CA600AD2F649300CFDD628066
Generic.Malware/Suspicious, C:\USERS\KINDER\APPDATA\LOCAL\TEMP\CSRSS\GETCLHASH3.EXE, In Quarantäne, 0, 392686, 1.0.29643, , shuriken, , 08103650C80FE70D1D9647E1BB7B9FC9, FCC0E1D6F7321750DD273164F97473D1E4F1C78AF63A539DBB9DCF900E3C1781
Adware.InstallCore, C:\USERS\KINDER\Desktop\Die Installation von Milfy City Download Free fortsetzen.lnk, In Quarantäne, 507, 845509, , , , , E21BBC25ED85668FA061B7642DC1373D, 6B797BAFFC5DB8A5EBBD7C6F09D8A389A8EF829E5F9C4E1D6EB02DFF6C20A9FC
Adware.InstallCore, C:\USERS\KINDER\APPDATA\LOCAL\TEMP\MILFY CITY DOWNLOAD FREE_3398199498.EXE, In Quarantäne, 507, 845509, 1.0.29643, 4757042DEB73FB3C6098FB39, dds, 00890494, 5B86F805DB0D8EE847718F633CB5DDAC, 4AB65856C9EBEFBA53F6323549779A6FCDB155E04224614603E0CBDF30C04D2B
PUP.Optional.ChipDe, C:\USERS\KINDER\DOWNLOADS\ADWCLEANER - CHIP-INSTALLER - KOPIE.EXE, In Quarantäne, 595, 562568, 1.0.29643, , ame, , 43477B35329B220CDBBA911269FF221D, 087CC8E1227D4AA5899D47E49855F1E36E5934331C1BDC9823ED8E5C2A732972
PUP.Optional.ChipDe, C:\USERS\KINDER\DOWNLOADS\FIREFOX 64 BIT - CHIP-INSTALLER (1).EXE, In Quarantäne, 595, 562568, 1.0.29643, , ame, , C3295C463B6F7D59B772D23A9580A176, 24376904985C9F058CE45507A2379251AD468E82BFCBD8D5D9192787C00917E3
PUP.Optional.BundleInstaller, C:\USERS\KINDER\APPDATA\LOCAL\SETUP85304.EXE, In Quarantäne, 515, 853152, 1.0.29643, , ame, , C7F52865F4C7444AF6480977272F3E1D, FD4673EDB15D18EFD3F554ABC0F4B4A45F15FD4D48BECDB032B6279DAB2E5196
PUP.Optional.BundleInstaller, C:\USERS\KINDER\APPDATA\LOCAL\SETUP42079.EXE, In Quarantäne, 515, 853152, 1.0.29643, , ame, , C7F52865F4C7444AF6480977272F3E1D, FD4673EDB15D18EFD3F554ABC0F4B4A45F15FD4D48BECDB032B6279DAB2E5196
Malware.AI.2449474050, C:\USERS\KINDER\APPDATA\ROAMING\Microsoft\Windows\Recent\Skiddz X V2 (2).lnk, In Quarantäne, 1000000, 0, , , , , 30B1677D67595B7E8CBA38A623D98CCC, 9787E0353B57F7B9B963579948DB1A3359367A150F58E2FDD9BC386288F3ADB9
Malware.AI.2449474050, C:\USERS\KINDER\DOWNLOADS\SKIDDZ X V2.ZIP, In Quarantäne, 1000000, 0, 1.0.29643, C5B9777BB659908192000202, dds, 00890494, E1EC8D4FE38D95D3863DCCD2EDF54193, 5B0A26D49CE8BC6372C7D51857368B09EB15B687AC3718BC1FAB02E7E4310E25
PUP.Optional.BundleInstaller, C:\USERS\KINDER\APPDATA\LOCAL\SETUP29385.EXE, In Quarantäne, 515, 853152, 1.0.29643, , ame, , C7F52865F4C7444AF6480977272F3E1D, FD4673EDB15D18EFD3F554ABC0F4B4A45F15FD4D48BECDB032B6279DAB2E5196
PUP.Optional.BundleInstaller, C:\USERS\KINDER\APPDATA\LOCAL\SETUP25690.EXE, In Quarantäne, 515, 853152, 1.0.29643, , ame, , C7F52865F4C7444AF6480977272F3E1D, FD4673EDB15D18EFD3F554ABC0F4B4A45F15FD4D48BECDB032B6279DAB2E5196
PUP.Optional.BundleInstaller, C:\USERS\KINDER\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\6Q4GSHNH\SETUP[2].EXE, In Quarantäne, 515, 853152, 1.0.29643, , ame, , C7F52865F4C7444AF6480977272F3E1D, FD4673EDB15D18EFD3F554ABC0F4B4A45F15FD4D48BECDB032B6279DAB2E5196

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)

Hier ist der Scan report!

Liebe Grüße

Tobias

[Maurice Naggar]

Thank you for the report.   I have one ginat favor to ask, that is to always only just attach any / all reports I ask for.  Please just do not use 'copy' & 'paste' into the main body of a reply.

• To upload a repost as a  attachment    please click the link as shown below. Then browse to where your file is located and select it and click the Open button.

.

The last scan with Malwarebytes for Windows found and removed a lot of P U P , mainly in the cache area of Messenger.

.

as a next step,    

I would suggest a free scan with the ESET Online Scanner
Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

 

It will start a download of "esetonlinescanner.exe"
Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.

When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan

Look at & tick  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.

Have patience.  The entire process may take an hour or more. There is an initial update download.
There is a progress window display.
You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.
Click The blue “Save scan log” to save the log.
If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).
Press Continue when all done.  You should click to off the offer for “periodic scanning”.

[Tobi]

Hier ist die Scan-Log Datei!

Liebe Grüße

Tobias

ESET Scan-Log.txt

[Maurice Naggar]

Hello.   Thank you for the ESET scan log.   That run indicates it found 1 trojan, 1 adware, & 2 problematic DLL files.

I would suggest a follow-up scan using a different security vendor's scan.

TrendMicro HouseCall scan
https://www.trendmicro.com/en_us/forHome/products/housecall.html

First, Download & Save to your Downloads folder the appropriate HouseCallLauncher

Once the download is complete, go to where the Housecalllauncher is saved & double-click it to start it.
The program will check with TrendMicro & do a update run.

Next it will show the Disclosure window.
Click Next to proceed.

The end user license agreement is presented.   Click the Accept radio button & click Next to proceed.

IF you wish a Full scan or a Custom scan, first click on the Settings
then you can select which drives you want to include in the scan.
The default is a Quick scan.
Click Scan now when ready.

The scan progress will then be displayed.   Monitor the progress or just leave it alone until it finishes this phase.

When the scan phase has completed, if any items are tagged, you will see a list, showing  the file & its location, the classification of the threat, the type, risk, and Action option.
If you see an item that you know is safe, you can click the Action  , and select Ignore.
When all done & ready, click the Fix now button.

[AdvancedSetup]

Hello @Tobi

Following up to see if you need any additional further assistance.

Please post a follow up on your status when you have a moment

Thank you

 

[Maurice Naggar]

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks