Windows 7: viele nervige Werbefenster im Firefox, z.B reimageplus.com, cooleh.com

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Heike at 2014-05-29 10:28:38 Run:1
Running from C:\Users\Heike\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
R1 {55685567-4840-4a91-962b-49a412e9485a}Gw64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112 2014-05-26] (StdLib)
C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys
Task: {02D65882-7E61-4421-8879-E3C5EBAE4FA9} - \Digital Sites No Task File <==== ATTENTION
Reboot:
end
*****************

{55685567-4840-4a91-962b-49a412e9485a}Gw64 => Service stopped successfully.
{55685567-4840-4a91-962b-49a412e9485a}Gw64 => Service deleted successfully.
C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02D65882-7E61-4421-8879-E3C5EBAE4FA9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02D65882-7E61-4421-8879-E3C5EBAE4FA9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites => Key deleted successfully.


The system needed a reboot. 

==== End of Fixlog ====
         

SystemLook 30.07.11 by jpshortstuff
Log created at 10:38 on 29/05/2014 by Heike
Administrator - Elevation successful

========== regfind ==========

Searching for "Codec Pack Packages"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"DisplayIcon"="C:\Users\Heike\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"UninstallString"="C:\Users\Heike\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe /Uninstall /NM="Codec Pack Packages" /AN="0D0S1L2Z1P1B0T1P1B2Z" /MBN="Codec Pack Packages""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"DisplayName"="Codec Pack Packages"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"UninstallerPath"="C:\Users\Heike\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages"
[HKEY_USERS\S-1-5-21-124439648-1660473817-2823271538-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
[HKEY_USERS\S-1-5-21-124439648-1660473817-2823271538-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"DisplayIcon"="C:\Users\Heike\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe"
[HKEY_USERS\S-1-5-21-124439648-1660473817-2823271538-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"UninstallString"="C:\Users\Heike\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe /Uninstall /NM="Codec Pack Packages" /AN="0D0S1L2Z1P1B0T1P1B2Z" /MBN="Codec Pack Packages""
[HKEY_USERS\S-1-5-21-124439648-1660473817-2823271538-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"DisplayName"="Codec Pack Packages"
[HKEY_USERS\S-1-5-21-124439648-1660473817-2823271538-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
"UninstallerPath"="C:\Users\Heike\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages"

-= EOF =-
         

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=9029dff17d821b42b73657c8d68ac72d
# engine=18456
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-29 10:23:20
# local_time=2014-05-29 12:23:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 6903 8041336 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 2124151 152988850 0 0
# scanned=144023
# found=20
# cleaned=0
# scan_time=5537
sh=E500C66D5AA5101FFAD9C67FDC1CF7E3883915B7 ft=1 fh=143b7ab7bd560edc vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\updatewebget.exe.vir"
sh=919E402F18510348494235B026AE7D1038744F5F ft=1 fh=86e915f8c2c19aac vn="Variante von Win32/BrowseFox.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\webgetBHO.dll.vir"
sh=C06123DCA1E999A7BD55917800AEBC2ACAA73F51 ft=1 fh=5dc33dc1b78e1b8a vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\webgetUninstall.exe.vir"
sh=E500C66D5AA5101FFAD9C67FDC1CF7E3883915B7 ft=1 fh=143b7ab7bd560edc vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\utilwebget.exe.vir"
sh=2D051BF51FC6A4ABAA9A98DB21AE8362D4E9148D ft=1 fh=0c4144feb13b51e6 vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\webget.PurBrowse64.exe.vir"
sh=79469246BDDECF7B0CBC7E1D77F721360BD19AF4 ft=1 fh=2df8d279d1064e10 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\plugins\webget.Bromon.dll.vir"
sh=42DD96DD24CE4023893AB8323C9D5B61870A4717 ft=1 fh=670f088a68ba6350 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\plugins\webget.BroStats.dll.vir"
sh=A6AEC1D2E59C018838CEA60938E790DF9B80CD31 ft=1 fh=2efa34b3ffa050cc vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\plugins\webget.BrowserAdapterS.dll.vir"
sh=1079C77E1F254325AACDF9A845169F7DEA9E4D4B ft=1 fh=88538715b07df39d vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\plugins\webget.CompatibilityChecker.dll.vir"
sh=7D4F4D546F0EDDCA0A168AA1C5E643A77AB47C4D ft=1 fh=a27677db8d4604de vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\plugins\webget.FFUpdate.dll.vir"
sh=CFC4A28FD26707CB1666384CC4EC4B9E83D47A88 ft=1 fh=ee814dc33e57633b vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\plugins\webget.IEUpdate.dll.vir"
sh=74AA28A1F07C588A62E0D8D49D55783DE70C920B ft=1 fh=a1a89ac06d721ac2 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\webget\bin\plugins\webget.PurBrowseG.dll.vir"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Heike\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe.vir"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys.vir"
sh=34676E6CB0465F4B432083126341F23B8FEC7B64 ft=1 fh=395457a12514583a vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Heike\Desktop\Heike\zlsSetup_70_483_000_de.exe"
sh=FA5EF34D2FD2BB6F54D410D9F0CD09136F193E11 ft=1 fh=5dfde762694c5d93 vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Heike\Eigene Dateien\Downloads\AVGSecureSearchInstaller(1).exe"
sh=FA5EF34D2FD2BB6F54D410D9F0CD09136F193E11 ft=1 fh=5dfde762694c5d93 vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Heike\Eigene Dateien\Downloads\AVGSecureSearchInstaller.exe"
sh=FC0778FC975EF202DB8511E96308FDDD166A482C ft=1 fh=6c3fba04704945b6 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Heike\Eigene Dateien\Downloads\SoftonicDownloader_fuer_ikea-home-planer.exe"
sh=34676E6CB0465F4B432083126341F23B8FEC7B64 ft=1 fh=395457a12514583a vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike\Desktop\Heike\zlsSetup_70_483_000_de.exe"
sh=7E663A519D9CE8D8A9244A58FC00A4C7CF7C3CED ft=1 fh=af3f7db17044964f vn="Variante von Win32/SoftPulse.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike\Downloads\New_player.exe"
         

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 13.0.0.214  
 Adobe Reader XI  
 Mozilla Firefox (29.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````