Adobe deinstalieren, bei Adobe direkt die neue Version laden.
Firefox öffnen > Hilfe > Über Firefox > updaten

Emsisoft AntiMalware.

FRST geht nit weil du FRST nicht auf dem Desktop hast.

Zitat:

Running from C:\Users\hühne\Downloads

Speichere die Fixlist im Downloads Ordner

Mozilla ist aktualisiert und Adobe auch.
Wie kriege ich das FRST auf den Desktop?

OK FRST ist auf dem Desktop.
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-05-2014
Ran by hühne (administrator) on HÜHNE-PC on 06-05-2014 13:34:50
Running from C:\Users\hühne\Downloads\FRST-OlderVersion\FRST-OlderVersion
Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [715368 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [385024 2008-02-01] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [Spotify Web Helper] => C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [AppSafe] => C:\Program Files\AppSafe\AppSafe.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\music toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\music toolbar\datamngr\apcrtldr.dll <===== ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Music Toolbar) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-29]
CHR Extension: (Google Docs) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-15]
CHR Extension: (Google Drive) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-15]
CHR Extension: (YouTube) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-15]
CHR Extension: (Google-Suche) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-15]
CHR Extension: (Google Wallet) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR Extension: (Google Mail) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-15]
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181\GC\toolbar.crx [2014-01-27]

========================== Services (Whitelisted) =================

S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-15] (WildTangent)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 AntiVirWebService; "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
R4 PxHelp20; System32\Drivers\PxHelp20.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-06 13:33 - 2014-05-06 13:33 - 00006338 _____ () C:\Users\hühne\Desktop\FRST - Verknüpfung.lnk
2014-05-06 13:20 - 2014-05-06 13:30 - 00000000 ___RD () C:\Users\hühne\Downloads\Fixlist
2014-05-06 10:28 - 2014-05-06 13:24 - 00000000 ____D () C:\Users\hühne\Downloads\FRST-OlderVersion
2014-05-06 10:27 - 2014-05-06 10:27 - 00001042 _____ () C:\Users\hühne\Downloads\FRST - Verknüpfung.lnk
2014-05-06 09:59 - 2014-05-06 09:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-06 09:59 - 2014-05-06 09:59 - 00002001 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-06 09:25 - 2014-05-06 09:25 - 00000000 ____D () C:\Windows\system32\syncdb
2014-05-05 20:59 - 2014-05-05 21:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-04 15:44 - 2014-05-04 15:49 - 00000810 _____ () C:\Users\hühne\Desktop\fixlist.txt.txt
2014-05-04 15:33 - 2014-05-04 15:33 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-04 15:33 - 2014-05-04 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-04 15:14 - 2014-05-04 15:14 - 38317592 _____ (Google Inc.) C:\Users\hühne\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-05-03 15:48 - 2014-05-03 15:48 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (2).exe
2014-05-03 15:42 - 2014-05-03 15:43 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (1).exe
2014-05-03 15:41 - 2014-05-03 15:42 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck.exe
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieUserList
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieSiteList
2014-05-03 15:12 - 2014-05-03 15:12 - 02347384 _____ (ESET) C:\Users\hühne\Downloads\esetsmartinstaller_deu.exe
2014-05-02 08:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-01 06:57 - 2014-05-01 06:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 19:39 - 2014-04-30 19:39 - 00010224 _____ () C:\Users\hühne\Desktop\JRT.txt
2014-04-30 19:18 - 2014-04-30 19:20 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:18 - 2014-04-30 19:19 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:05 - 2014-04-30 19:06 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 18:54 - 2014-04-30 19:10 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 12:17 - 2014-05-02 08:48 - 00000000 ____D () C:\AdwCleaner
2014-04-30 12:03 - 2014-04-30 12:06 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:33 - 2014-05-06 13:09 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-30 07:29 - 2014-04-30 07:30 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:29 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-30 07:29 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-30 07:29 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:23 - 2014-04-30 07:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-30 07:23 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-30 07:23 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 06:48 - 2014-04-29 07:03 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:44 - 2014-05-03 16:13 - 00033504 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-04-29 06:40 - 2014-05-06 13:34 - 00000000 ____D () C:\FRST
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-29 06:29 - 2014-05-06 10:28 - 01053184 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-04-26 21:29 - 2014-04-30 17:51 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-26 21:26 - 2014-04-26 21:27 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 16:57 - 2014-05-05 12:00 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-04-25 16:41 - 2014-04-25 16:42 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:40 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:38 - 2014-05-06 13:08 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-04-25 16:08 - 2014-04-25 16:10 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:56 - 2014-04-25 15:58 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-17 20:04 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 20:03 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 20:03 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 20:03 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 20:03 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 20:03 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 20:03 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 20:03 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 20:03 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 20:03 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 20:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 20:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 20:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 20:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 20:02 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 20:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 20:02 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 20:02 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 20:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 20:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 20:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 20:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 20:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 20:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 20:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 20:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 19:09 - 2014-04-12 19:09 - 00003288 ____N () C:\bootsqm.dat
2014-04-10 16:48 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 16:48 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 16:48 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 16:48 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 16:48 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 16:48 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-06 13:34 - 2014-04-29 06:40 - 00000000 ____D () C:\FRST
2014-05-06 13:33 - 2014-05-06 13:33 - 00006338 _____ () C:\Users\hühne\Desktop\FRST - Verknüpfung.lnk
2014-05-06 13:30 - 2014-05-06 13:20 - 00000000 ___RD () C:\Users\hühne\Downloads\Fixlist
2014-05-06 13:30 - 2012-12-04 18:12 - 00000394 _____ () C:\Windows\Tasks\Packard Bell Registration - Reminder Recall task.job
2014-05-06 13:24 - 2014-05-06 10:28 - 00000000 ____D () C:\Users\hühne\Downloads\FRST-OlderVersion
2014-05-06 13:15 - 2012-12-18 20:07 - 00000799 _____ () C:\Users\hühne\Documents\Fixlist.txt
2014-05-06 13:09 - 2014-04-30 07:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-06 13:09 - 2013-10-15 14:39 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 13:08 - 2014-04-25 16:38 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-05-06 10:31 - 2012-09-02 17:26 - 01971542 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 10:28 - 2014-04-29 06:29 - 01053184 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-05-06 10:27 - 2014-05-06 10:27 - 00001042 _____ () C:\Users\hühne\Downloads\FRST - Verknüpfung.lnk
2014-05-06 10:01 - 2012-11-30 18:40 - 00000000 ____D () C:\Users\hühne\AppData\Local\Adobe
2014-05-06 09:59 - 2014-05-06 09:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-06 09:59 - 2014-05-06 09:59 - 00002001 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-06 09:58 - 2011-12-16 14:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-06 09:57 - 2011-12-16 14:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-06 09:57 - 2011-12-16 14:00 - 00000000 ____D () C:\Program Files\Adobe
2014-05-06 09:25 - 2014-05-06 09:25 - 00000000 ____D () C:\Windows\system32\syncdb
2014-05-06 09:00 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 09:00 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-05 21:35 - 2013-12-14 21:26 - 00000022 _____ () C:\Users\hühne\Downloads\BTM.zip
2014-05-05 21:08 - 2013-10-15 14:39 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-05 21:02 - 2014-05-05 20:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-05 12:00 - 2014-04-25 16:57 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-05-05 11:10 - 2009-07-14 06:39 - 00049589 _____ () C:\Windows\setupact.log
2014-05-04 15:49 - 2014-05-04 15:44 - 00000810 _____ () C:\Users\hühne\Desktop\fixlist.txt.txt
2014-05-04 15:33 - 2014-05-04 15:33 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-04 15:33 - 2014-05-04 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-04 15:14 - 2014-05-04 15:14 - 38317592 _____ (Google Inc.) C:\Users\hühne\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-05-03 16:13 - 2014-04-29 06:44 - 00033504 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-05-03 16:01 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-03 16:00 - 2010-11-20 23:48 - 00300314 _____ () C:\Windows\PFRO.log
2014-05-03 15:48 - 2014-05-03 15:48 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (2).exe
2014-05-03 15:43 - 2014-05-03 15:42 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (1).exe
2014-05-03 15:42 - 2014-05-03 15:41 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck.exe
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieUserList
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieSiteList
2014-05-03 15:12 - 2014-05-03 15:12 - 02347384 _____ (ESET) C:\Users\hühne\Downloads\esetsmartinstaller_deu.exe
2014-05-02 08:52 - 2009-07-14 06:53 - 00025580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-02 08:48 - 2014-04-30 12:17 - 00000000 ____D () C:\AdwCleaner
2014-05-02 08:47 - 2012-12-30 15:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-05-01 06:57 - 2014-05-01 06:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 19:39 - 2014-04-30 19:39 - 00010224 _____ () C:\Users\hühne\Desktop\JRT.txt
2014-04-30 19:20 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:19 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:10 - 2014-04-30 18:54 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:06 - 2014-04-30 19:05 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 19:02 - 2013-06-09 12:34 - 00000000 ____D () C:\Users\hühne\AppData\Local\CrashDumps
2014-04-30 18:48 - 2013-02-03 12:06 - 00000000 ____D () C:\ProgramData\Avira
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 17:51 - 2014-04-26 21:29 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\Program Files\Packard Bell
2014-04-30 12:06 - 2014-04-30 12:03 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-30 07:30 - 2014-04-30 07:29 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:25 - 2014-04-30 07:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 07:03 - 2014-04-29 06:48 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-26 21:27 - 2014-04-26 21:26 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 16:42 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:41 - 2014-04-25 16:40 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:10 - 2014-04-25 16:08 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:58 - 2014-04-25 15:56 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-25 08:31 - 2012-12-30 16:04 - 00000000 ____D () C:\Users\hühne\Desktop\Musik
2014-04-20 12:55 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Spotify
2014-04-20 12:38 - 2012-12-04 18:12 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Skype
2014-04-18 08:16 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Local\Spotify
2014-04-17 20:33 - 2010-11-20 23:01 - 01619832 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 20:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-16 11:17 - 2014-04-02 14:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\Windows Live
2014-04-15 20:24 - 2011-12-16 13:32 - 00000000 ____D () C:\Program Files\WildTangent Games
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-14 04:11 - 2014-04-30 07:23 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-04-30 07:23 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-12 19:09 - 2014-04-12 19:09 - 00003288 ____N () C:\bootsqm.dat

Some content of TEMP:
====================
C:\Users\hühne\AppData\Local\Temp\7.8.20.2-EasyShrx.Dll
C:\Users\hühne\AppData\Local\Temp\AskSLib.dll
C:\Users\hühne\AppData\Local\Temp\avgnt.exe
C:\Users\hühne\AppData\Local\Temp\BackupSetup.exe
C:\Users\hühne\AppData\Local\Temp\install_flashplayer13x32au_mssa_aaa_aih.exe
C:\Users\hühne\AppData\Local\Temp\install_reader11_de_mssa_aaa_aih.exe
C:\Users\hühne\AppData\Local\Temp\IrsoDLL.dll
C:\Users\hühne\AppData\Local\Temp\Quarantine.exe
C:\Users\hühne\AppData\Local\Temp\SEVINST.EXE
C:\Users\hühne\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-04 13:17

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Jetzt weiß ich nicht wie ich die Fixlist in den Downloadordner kriege:-(

Is das echt so schwer?

FRST sowie die Fixlist müssen am gleichen Platz liegen. Entweder beides auf dem Desktop, oder beides im Download Ordner. Jeweils einfach dahin ziehen.

Von mir aus kannste auch beides neben den Bildern der letzten Party speichern, Hauptsache am gleichen Ort

FRST und Fixlist sind beide auf dem Desktop und wenn ich FRST starte und den Fix Button klicke sagt er mir "no fixlist found".

Unmöglich . Screenshot vom Desktop bitte.

ich hab den screenshot vom desktop in word gespeichert,verrate mir mal,wie ich den hier posten kann,bitte.

Unten in der Antwortbox auf erweitert klicken, runter scrollen, Anhänge verwalten.

Dateien anhängen
Erlaubte Dateierweiterungen: 7z doc gif jpe jpeg jpg log pdf png psd rar speccy txt xlsx zip
screenshot desktop3.txt (9 Bytes)

haha,da kannst sicher was mit anfangen.wenn ich die Datei hochgeladen habe,wie bekomme ich sie in den Antwortkasten?ich weiß,ich bin sowas von anstrengend,da musst Du Dich schon etwas klarer ausdrücken

noch ein Versuch...

Ein Screenshot ist ein Bild, du hängst hier Textdateien an. Weißt Du wie man einen Screenshot macht?

also,die "Druck"Taste drücken und dann in Word speichern,da hab ich dann auch das Bild vom Desktop.Aber ich kriegs hier im Forum nicht hochgeladen.Was mache ich denn falsch?Geb mir mal genaue Instruktionen,ich weiß nicht weiter.

Noch ein Versuch,diesmal mit Paint.

wie ich es mir schon dachte.....

FRST ist als Verknüpfung auf dem Desktop. Das is scheisse, das war so niemals die Anweisung. FRST löschen, neu laden, auf dem Desktop speichern, dann funzt das auch

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-05-2014
Ran by hühne at 2014-05-11 19:47:12 Run:1
Running from C:\Users\hühne\Documents
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\AppCertDlls: [x64] -> c:\program files\music toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\music toolbar\datamngr\apcrtldr.dll <===== ATTENTION
c:\program files\music toolbar
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
C:\Windows\system32\GfxCUIServiceInstall.vbs
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [AppSafe] => C:\Program Files\AppSafe\AppSafe.exe
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181\GC\toolbar.crx [2014-01-27]
CHR Extension: (Music Toolbar) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-29]
*****************

HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
"c:\program files\music toolbar" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GfxServiceInstall => Value deleted successfully.
C:\Windows\system32\GfxCUIServiceInstall.vbs => Moved successfully.
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AppSafe => Value deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml => Key deleted successfully.
C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181\GC\toolbar.crx => Moved successfully.
C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml => Moved successfully.

==== End of Fixlog ====

Getting user folders.

Stopping running processes.

Emptying Temp folders.


User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: hühne
->Temp folder emptied: 1279406193 bytes
->Temporary Internet Files folder emptied: 32349330 bytes
->FireFox cache emptied: 49857002 bytes
->Google Chrome cache emptied: 438951358 bytes
->Flash cache emptied: 674 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 727161277 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 21061762 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 9722602 bytes
Process complete!

Total Files Cleaned = 2.440,00 mb


FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by hühne (administrator) on HÜHNE-PC on 11-05-2014 19:59:53
Running from C:\Users\hühne\Downloads
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [715368 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [385024 2008-02-01] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [Spotify Web Helper] => C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AppSafe] => C:\Program Files\AppSafe\AppSafe.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-15]
CHR Extension: (Google Drive) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-15]
CHR Extension: (YouTube) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-15]
CHR Extension: (Google-Suche) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-15]
CHR Extension: (Google Wallet) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR Extension: (Google Mail) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-15]

========================== Services (Whitelisted) =================

S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-15] (WildTangent)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 AntiVirWebService; "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-11 19:51 - 2014-05-11 19:51 - 00448512 _____ (OldTimer Tools) C:\Users\hühne\Downloads\TFC.exe
2014-05-11 19:46 - 2014-05-11 19:46 - 00001136 _____ () C:\Users\hühne\Desktop\FRST (1) - Verknüpfung.lnk
2014-05-11 19:44 - 2014-05-11 19:36 - 01055232 _____ (Farbar) C:\Users\hühne\Documents\FRST (1).exe
2014-05-11 19:39 - 2014-05-11 19:39 - 00000000 ____D () C:\Users\hühne\Downloads\FRST
2014-05-11 06:46 - 2014-05-11 06:46 - 00000000 __RHD () C:\MSOCache
2014-05-10 21:00 - 2014-05-10 21:00 - 00004215 _____ () C:\Users\hühne\Documents\screenshot desktop3 (3).txt
2014-05-09 21:32 - 2014-05-09 21:32 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (7).txt
2014-05-09 21:28 - 2014-05-09 21:29 - 00000008 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (6).txt
2014-05-09 21:27 - 2014-05-09 21:27 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (5).txt
2014-05-09 21:23 - 2014-05-09 21:23 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (4).txt
2014-05-09 21:20 - 2014-05-09 21:20 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (3).txt
2014-05-09 21:17 - 2014-05-09 21:17 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (2).txt
2014-05-09 21:15 - 2014-05-09 21:15 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (1).txt
2014-05-09 21:14 - 2014-05-09 21:15 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3.txt
2014-05-09 21:13 - 2014-05-09 21:21 - 00000009 _____ () C:\Users\hühne\Documents\screenshot desktop3.txt
2014-05-09 21:09 - 2014-05-09 21:09 - 00220994 _____ () C:\Users\hühne\Documents\screenshot desktop2.odt
2014-05-08 13:57 - 2014-05-08 13:57 - 00000000 ____D () C:\Users\hühne\AppData\Local\{F171E67C-A017-4C4E-A69A-AD12A3927D7B}
2014-05-06 13:20 - 2014-05-06 13:30 - 00000000 ___RD () C:\Users\hühne\Downloads\Fixlist
2014-05-06 10:28 - 2014-05-11 19:59 - 00000000 ____D () C:\Users\hühne\Downloads\FRST-OlderVersion
2014-05-06 10:27 - 2014-05-06 10:27 - 00001042 _____ () C:\Users\hühne\Downloads\FRST - Verknüpfung.lnk
2014-05-06 09:59 - 2014-05-06 09:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-06 09:59 - 2014-05-06 09:59 - 00002001 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-06 09:25 - 2014-05-06 09:25 - 00000000 ____D () C:\Windows\system32\syncdb
2014-05-05 20:59 - 2014-05-05 21:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-04 15:44 - 2014-05-06 13:46 - 00000810 _____ () C:\Users\hühne\Desktop\fixlist.txt.txt
2014-05-04 15:33 - 2014-05-04 15:33 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-04 15:33 - 2014-05-04 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-04 15:14 - 2014-05-04 15:14 - 38317592 _____ (Google Inc.) C:\Users\hühne\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-05-03 15:48 - 2014-05-03 15:48 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (2).exe
2014-05-03 15:42 - 2014-05-03 15:43 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (1).exe
2014-05-03 15:41 - 2014-05-03 15:42 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck.exe
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieUserList
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieSiteList
2014-05-03 15:12 - 2014-05-03 15:12 - 02347384 _____ (ESET) C:\Users\hühne\Downloads\esetsmartinstaller_deu.exe
2014-05-02 08:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-01 06:57 - 2014-05-01 06:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 19:39 - 2014-04-30 19:39 - 00010224 _____ () C:\Users\hühne\Desktop\JRT.txt
2014-04-30 19:18 - 2014-04-30 19:20 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:18 - 2014-04-30 19:19 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:05 - 2014-04-30 19:06 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 18:54 - 2014-04-30 19:10 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 12:17 - 2014-05-02 08:48 - 00000000 ____D () C:\AdwCleaner
2014-04-30 12:03 - 2014-04-30 12:06 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:33 - 2014-05-11 19:25 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-30 07:29 - 2014-04-30 07:30 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:29 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-30 07:29 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-30 07:29 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:23 - 2014-04-30 07:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-30 07:23 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-30 07:23 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 06:48 - 2014-04-29 07:03 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:44 - 2014-05-11 19:59 - 00011430 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-04-29 06:40 - 2014-05-11 19:59 - 00000000 ____D () C:\FRST
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-29 06:29 - 2014-05-11 19:59 - 01056256 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-04-26 21:29 - 2014-04-30 17:51 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-26 21:26 - 2014-04-26 21:27 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 16:57 - 2014-05-05 12:00 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-04-25 16:41 - 2014-04-25 16:42 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:40 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:38 - 2014-05-11 19:38 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-04-25 16:08 - 2014-04-25 16:10 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:56 - 2014-04-25 15:58 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-17 20:04 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 20:03 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 20:03 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 20:03 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 20:03 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 20:03 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 20:03 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 20:03 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 20:03 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 20:03 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 20:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 20:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 20:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 20:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 20:02 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 20:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 20:02 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 20:02 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 20:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 20:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 20:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 20:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 20:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 20:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 20:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 20:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks

==================== One Month Modified Files and Folders =======

2014-05-11 20:00 - 2014-04-29 06:44 - 00011430 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-05-11 20:00 - 2012-12-04 18:12 - 00000394 _____ () C:\Windows\Tasks\Packard Bell Registration - Reminder Recall task.job
2014-05-11 19:59 - 2014-05-06 10:28 - 00000000 ____D () C:\Users\hühne\Downloads\FRST-OlderVersion
2014-05-11 19:59 - 2014-04-29 06:40 - 00000000 ____D () C:\FRST
2014-05-11 19:59 - 2014-04-29 06:29 - 01056256 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-05-11 19:55 - 2013-10-15 14:39 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-11 19:52 - 2013-06-22 21:02 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\SoftGrid Client
2014-05-11 19:51 - 2014-05-11 19:51 - 00448512 _____ (OldTimer Tools) C:\Users\hühne\Downloads\TFC.exe
2014-05-11 19:51 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Spotify
2014-05-11 19:46 - 2014-05-11 19:46 - 00001136 _____ () C:\Users\hühne\Desktop\FRST (1) - Verknüpfung.lnk
2014-05-11 19:39 - 2014-05-11 19:39 - 00000000 ____D () C:\Users\hühne\Downloads\FRST
2014-05-11 19:38 - 2014-04-25 16:38 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-05-11 19:36 - 2014-05-11 19:44 - 01055232 _____ (Farbar) C:\Users\hühne\Documents\FRST (1).exe
2014-05-11 19:25 - 2014-04-30 07:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-11 19:23 - 2012-09-02 17:26 - 01093274 _____ () C:\Windows\WindowsUpdate.log
2014-05-11 07:08 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Local\Spotify
2014-05-11 06:52 - 2013-10-15 14:39 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-11 06:46 - 2014-05-11 06:46 - 00000000 __RHD () C:\MSOCache
2014-05-10 21:00 - 2014-05-10 21:00 - 00004215 _____ () C:\Users\hühne\Documents\screenshot desktop3 (3).txt
2014-05-09 21:32 - 2014-05-09 21:32 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (7).txt
2014-05-09 21:29 - 2014-05-09 21:28 - 00000008 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (6).txt
2014-05-09 21:27 - 2014-05-09 21:27 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (5).txt
2014-05-09 21:23 - 2014-05-09 21:23 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (4).txt
2014-05-09 21:21 - 2014-05-09 21:13 - 00000009 _____ () C:\Users\hühne\Documents\screenshot desktop3.txt
2014-05-09 21:20 - 2014-05-09 21:20 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (3).txt
2014-05-09 21:17 - 2014-05-09 21:17 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (2).txt
2014-05-09 21:15 - 2014-05-09 21:15 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3 (1).txt
2014-05-09 21:15 - 2014-05-09 21:14 - 00000009 _____ () C:\Users\hühne\Downloads\screenshot desktop3.txt
2014-05-09 21:09 - 2014-05-09 21:09 - 00220994 _____ () C:\Users\hühne\Documents\screenshot desktop2.odt
2014-05-09 12:18 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-09 12:18 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-09 12:08 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-09 12:05 - 2009-07-14 06:53 - 00026084 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-09 12:04 - 2009-07-14 06:39 - 00049645 _____ () C:\Windows\setupact.log
2014-05-09 12:04 - 2009-07-14 06:33 - 00263408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-09 12:03 - 2012-12-01 09:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-09 12:03 - 2010-11-20 23:48 - 00303450 _____ () C:\Windows\PFRO.log
2014-05-08 13:57 - 2014-05-08 13:57 - 00000000 ____D () C:\Users\hühne\AppData\Local\{F171E67C-A017-4C4E-A69A-AD12A3927D7B}
2014-05-08 13:51 - 2013-06-22 21:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\Windows Live Writer
2014-05-08 13:50 - 2014-04-02 14:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\Windows Live
2014-05-08 13:50 - 2012-11-30 18:37 - 00059096 _____ () C:\Users\hühne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-06 13:46 - 2014-05-04 15:44 - 00000810 _____ () C:\Users\hühne\Desktop\fixlist.txt.txt
2014-05-06 13:30 - 2014-05-06 13:20 - 00000000 ___RD () C:\Users\hühne\Downloads\Fixlist
2014-05-06 10:27 - 2014-05-06 10:27 - 00001042 _____ () C:\Users\hühne\Downloads\FRST - Verknüpfung.lnk
2014-05-06 10:01 - 2012-11-30 18:40 - 00000000 ____D () C:\Users\hühne\AppData\Local\Adobe
2014-05-06 09:59 - 2014-05-06 09:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-06 09:59 - 2014-05-06 09:59 - 00002001 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-06 09:58 - 2011-12-16 14:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-06 09:57 - 2011-12-16 14:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-06 09:57 - 2011-12-16 14:00 - 00000000 ____D () C:\Program Files\Adobe
2014-05-06 09:25 - 2014-05-06 09:25 - 00000000 ____D () C:\Windows\system32\syncdb
2014-05-05 21:35 - 2013-12-14 21:26 - 00000022 _____ () C:\Users\hühne\Downloads\BTM.zip
2014-05-05 21:02 - 2014-05-05 20:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-05 12:00 - 2014-04-25 16:57 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-05-04 15:33 - 2014-05-04 15:33 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-04 15:33 - 2014-05-04 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-04 15:14 - 2014-05-04 15:14 - 38317592 _____ (Google Inc.) C:\Users\hühne\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-05-03 15:48 - 2014-05-03 15:48 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (2).exe
2014-05-03 15:43 - 2014-05-03 15:42 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (1).exe
2014-05-03 15:42 - 2014-05-03 15:41 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck.exe
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieUserList
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieSiteList
2014-05-03 15:12 - 2014-05-03 15:12 - 02347384 _____ (ESET) C:\Users\hühne\Downloads\esetsmartinstaller_deu.exe
2014-05-02 08:48 - 2014-04-30 12:17 - 00000000 ____D () C:\AdwCleaner
2014-05-02 08:47 - 2012-12-30 15:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-05-01 06:57 - 2014-05-01 06:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 19:39 - 2014-04-30 19:39 - 00010224 _____ () C:\Users\hühne\Desktop\JRT.txt
2014-04-30 19:20 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:19 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:10 - 2014-04-30 18:54 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:06 - 2014-04-30 19:05 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 19:02 - 2013-06-09 12:34 - 00000000 ____D () C:\Users\hühne\AppData\Local\CrashDumps
2014-04-30 18:48 - 2013-02-03 12:06 - 00000000 ____D () C:\ProgramData\Avira
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 17:51 - 2014-04-26 21:29 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\Program Files\Packard Bell
2014-04-30 12:06 - 2014-04-30 12:03 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-30 07:30 - 2014-04-30 07:29 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:25 - 2014-04-30 07:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 07:03 - 2014-04-29 06:48 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-26 21:27 - 2014-04-26 21:26 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 16:42 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:41 - 2014-04-25 16:40 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:10 - 2014-04-25 16:08 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:58 - 2014-04-25 15:56 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-25 08:31 - 2012-12-30 16:04 - 00000000 ____D () C:\Users\hühne\Desktop\Musik
2014-04-20 12:38 - 2012-12-04 18:12 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Skype
2014-04-17 20:33 - 2010-11-20 23:01 - 01619832 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 20:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-15 20:24 - 2011-12-16 13:32 - 00000000 ____D () C:\Program Files\WildTangent Games
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-14 04:11 - 2014-04-30 07:23 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-04-30 07:23 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 12:32

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

FRST hab ich nur als Verknüpfung auf dem Desktop hingekriegt,aber diesmal hats funktioniert.Security Check und TFC weiß ich auch nicht,wie ich das auf das auf den Desktop kriege.LG

Passt schon

Fertig

Die Reihenfolge ist hier entscheidend.

1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
   • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
   • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
   • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
3. Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
   • Schließe alle offenen Programme.
   • Starte die delfix.exe mit einem Doppelklick.
   • Setze vor jede Funktion ein Häkchen.
   • Klicke auf Start.
   • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
   • Starte deinen Rechner abschließend neu.
4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

• Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
• Windows Updates
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
• Gehe sicher das die automatischen Updates aktiviert sind.
• Software Updates
  Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
  Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

• Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

• MalwareBytes Anti Malware
  Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
  Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
  Ein Tutorial zur Verwendung findest Du hier.
• WinPatrol
  Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

• SpywareBlaster
  Eine kurze Einführung findest du Hier
• MVPs hosts file
  Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
• WOT (Web of trust)
  Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

• Opera
• Mozilla Firefox.
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts

• Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
• verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
• Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
• Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.