
Pests of all kinds and how to combat them: "Yahoo Community Smartbar Engine" cannot be removed

30.08.2014, 02:35   #1
dawabo

I have already removed the Yahoo Smartbar from Firefox. I can't get it out of Internet Explorer; I can only disable it. In "Control Panel/Uninstall a program", nothing happens when I try to uninstall the Smartbar. I hope someone here can help me.

30.08.2014, 06:36   #2
schrauber
/// the machine
/// TB Instructor

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

31.08.2014, 18:39   #3
dawabo

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-08-2014 01
Ran by Ich at 2014-08-31 19:32:22
Running from C:\Users\Ich\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


AAU 6.0.00.16 (HKLM\...\Acer Acer Bio Protection 6.0.00.16) (Version:  - )
Acer Bio Protection
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3010 - Acer Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.30 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
CCS64 V3.8 (HKLM\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
Downlooad koeeper (HKLM\...\{C1A27135-69EB-8D44-7358-34727DD7B820}) (Version: 2.2.0.1771 - DoawnLoaid keepeir) <==== ATTENTION
FL Studio 10 (HKLM\...\FL Studio 10) (Version:  - Image-Line)
Free MP4 Video Converter version 5.0.29.925 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.29.925 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.3.716 (HKLM\...\Free Video Editor_is1) (Version: 1.4.3.716 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.42.716 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.42.716 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.11.812 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.11.812 - DVDVideoSoft Ltd.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
IL Download Manager (HKLM\...\IL Download Manager) (Version:  - Image-Line)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Launch Manager (HKLM\...\LManager) (Version:  - )
LibUSB-Win32-0.1.10.1 (HKLM\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nero 7 Essentials (HKLM\...\{81CD6232-10F5-4832-B3DA-1B88B1571031}) (Version: 7.02.5851 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA Grafiktreiber 306.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.82.513 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.02 (Version: 306.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version:  - )
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
Smart File Advisor 1.1.1 (HKLM\...\Smart File Advisor_is1) (Version: 1.1.1 - Filefacts.net)
SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden
SPBA 5.8 (HKLM\...\{ECCD28B2-8798-4D16-8126-625D728294A1}) (Version: 5.8.2.4218 - UPEK Inc.)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Viscomsoft Free Face Off Maker (HKLM\...\Viscomsoft Free Face Off Maker for Window_is1) (Version:  - ViscomsoftOnline.com)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Intel (NETw5v32) net  (05/28/2009 12.4.3.9) (HKLM\...\6C69862D99A6D18374D3619F0854C49073CD3370) (Version: 05/28/2009 12.4.3.9 - Intel)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Yahoo Community Smartbar (HKLM\...\{6818F6FB-6270-4DE8-9827-40E852111F2A}) (Version: 11.88.66.18547 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{023382b0-7b22-476e-adc8-5bb6ddd683c6}) (Version: 11.88.66.18547 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-08-2014 02:29:17 Installed SpyHunter
28-08-2014 03:48:32 Removed SpyHunter
28-08-2014 03:49:26 Removed SpyHunter
28-08-2014 13:54:53 Removed Yahoo Community Smartbar
29-08-2014 15:19:00 OpenOffice 4.1.1 wird entfernt
29-08-2014 15:19:31 OpenOffice 4.1.1 wird entfernt
29-08-2014 15:26:07 Removed Yahoo Community Smartbar
29-08-2014 15:38:55 Installed Microsoft Office Enterprise 2007
30-08-2014 00:45:43 Removed Yahoo Community Smartbar

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {148F9437-4C1B-448C-8784-E62DB9F8C84F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2006-11-02] (Microsoft Corporation)
Task: {5A2D6FE0-2206-47DD-8914-4A810DF865CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06] (Google Inc.)
Task: {66D2BD02-D937-4AF4-AE4B-75FC248254EE} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {7D1BB921-B206-481E-B6C4-317ED1016C08} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {7FB0FE12-3D90-4666-96C9-084697BA58AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06] (Google Inc.)
Task: {9EB44560-63F6-4CA3-8294-048D3F7D340B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {E3B6193A-F7D0-41AE-9F84-94DBEA6427C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2006-11-02] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-05 23:48 - 2012-10-05 23:48 - 00080896 _____ () C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
2012-10-05 23:05 - 2008-08-19 14:27 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2012-10-05 23:06 - 2012-10-05 23:06 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3010.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2012-10-05 23:06 - 2012-10-05 23:06 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2012-10-05 23:06 - 2012-10-05 23:06 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll
2012-10-05 23:06 - 2012-10-05 23:06 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3010.0__672b450de5a7e94a\Framework.Host.dll
2012-10-05 23:06 - 2012-10-05 23:06 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3010.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2012-10-05 23:48 - 2012-10-05 23:48 - 03521024 _____ () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
2014-07-21 14:28 - 2014-07-21 14:28 - 00034088 _____ () C:\Program Files\LPT\srpts.exe
2014-07-21 14:28 - 2014-07-21 14:33 - 00043816 _____ () C:\Program Files\LPT\srptc.dll
2014-07-21 14:27 - 2014-07-21 14:32 - 00018216 _____ () C:\Program Files\LPT\Smartbar.Common.dll
2014-07-21 14:28 - 2014-07-21 14:33 - 00035624 _____ () C:\Program Files\LPT\srptsl.exe
2014-07-21 14:28 - 2014-07-21 14:33 - 00069928 _____ () C:\Program Files\LPT\srut.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00023848 _____ () C:\Users\Ich\AppData\Local\LPT\srptm.exe
2014-07-21 14:33 - 2014-07-21 14:33 - 00083240 _____ () C:\Users\Ich\AppData\Local\LPT\srpt.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00043816 _____ () C:\Users\Ich\AppData\Local\LPT\srptc.dll
2014-07-21 14:32 - 2014-07-21 14:32 - 00018216 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Common.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00069928 _____ () C:\Users\Ich\AppData\Local\LPT\srut.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00067880 _____ () C:\Users\Ich\AppData\Local\LPT\sppsm.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00159528 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00027944 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Personalization.Common.dll
2014-07-21 14:32 - 2014-07-21 14:32 - 00166696 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00046888 _____ () C:\Users\Ich\AppData\Local\LPT\srbu.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00025896 _____ () C:\Users\Ich\AppData\Local\LPT\srpdm.dll
2014-07-21 14:32 - 2014-07-21 14:32 - 00027432 _____ () C:\Users\Ich\AppData\Local\LPT\ProxySettings.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00044840 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00055080 _____ () C:\Users\Ich\AppData\Local\LPT\srprl.dll
2014-07-21 14:32 - 2014-07-21 14:32 - 00050472 _____ () C:\Users\Ich\AppData\Local\LPT\lrrot.dll
2014-07-21 14:32 - 2014-07-21 14:32 - 00054056 _____ () C:\Users\Ich\AppData\Local\LPT\Proxy.Lib.dll
2014-07-21 14:33 - 2014-07-21 14:33 - 00028456 _____ () C:\Users\Ich\AppData\Local\LPT\sreu.dll
2014-08-28 04:06 - 2014-08-28 04:06 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-07-30 17:42 - 2014-07-30 17:43 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-07-21 14:32 - 2014-07-21 14:32 - 00317224 _____ () C:\Users\Ich\AppData\Local\LPT\Resources\ntdis_32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Ich\Desktop\Dragonball.Z.Battle.of.Gods.GER.SUB.AAC.1080p.BluRay.x264-DBT.mp4:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2014 07:30:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (08/31/2014 07:30:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\system32\Secur32.dll4

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: DFSRC:\Windows\System32\DfsrPerf.dll4

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\system32\bitsperf.dll4

Error: (08/31/2014 07:13:22 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16

Error: (08/30/2014 02:38:49 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16


System errors:
=============
Error: (08/28/2014 03:43:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: AFD
avipbb
avkmgr
DfsC
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
ssmdrv
Tcpip
tdx
Wanarpv6

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: TCP/IP Registry CompatibilityTCP/IP-Protokolltreiber%%31

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NLA (Network Location Awareness)TCP/IP-Protokolltreiber%%31

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: IP-HilfsdienstNetzwerkspeicher-Schnittstellendienst%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-08-28 15:07:51.567
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-28 15:07:51.530
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-28 15:07:51.492
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-28 15:07:51.455
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-28 15:07:50.977
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-28 15:07:50.938
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-28 15:07:50.900
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-28 15:07:50.851
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-23 06:07:16.708
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-22 19:43:02.631
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 41%
Total physical RAM: 3066.07 MB
Available physical RAM: 1795.24 MB
Total Pagefile: 6313.36 MB
Available Pagefile: 4981.28 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:144.04 GB) (Free:9.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:140.5 GB) (Free:42.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 27BCEB28)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=140.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.5 GB) - (Type=12)

==================== End Of Log ============================
         
--- --- ---

I hope this is what you are looking for. Many thanks in advance.

Edited by dawabo (31.08.2014 at 18:35). Reason: Hope this is right

01.09.2014, 11:04   #4
schrauber
/// the machine
/// TB Instructor

The FRST.txt is still missing.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

01.09.2014, 18:28   #5
dawabo

Sorry, but I'm not very familiar with this. Where do I find this FRST.txt? Is it also included after the scan?

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-08-2014 01
Ran by Ich (administrator) on ICH-PC on 31-08-2014 19:31:33
Running from C:\Users\Ich\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
(hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe
() C:\Program Files\LPT\srpts.exe
() C:\Program Files\LPT\srptsl.exe
() C:\Users\Ich\AppData\Local\LPT\srptm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2012-10-06] (Microsoft Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.)
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG)
HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [Vidalia] => "C:\Program Files\Vidalia Relay Bundle\Vidalia\vidalia.exe"
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Ich\AppData\Local\Smartbar\Application\Smartbar.exe [28968 2014-07-21] (Smartbar)
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] ()
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\MountPoints2: {48dd213b-1614-11e2-b3ba-001e68f7a252} - G:\Startme.exe
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\MountPoints2: {53c9f23a-1ca1-11e3-af91-001e68f7a252} - G:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\MountPoints2: {86dc23d5-29cd-11e2-876a-001e68f7a252} - G:\Menu.exe
HKU\S-1-5-21-3325081473-2881869368-4166051970-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArWlQY0RTFQ1Ekh2jbMwtZMWV-iic08Tjcctx8-qkO8ugsmP5oOyCI0ev-KOSzH3m8odt4rrYxQAcLryJTHHAzS28I5oggPFRGwC8,
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1409191619&from=slbnew&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708A1513115131
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default
FF NewTab: www.google.de
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArWlQY0RTFQ1Ekh2jbMwtZMWV-iic08Tjcctx8-qkO8ugsmP5oOyCI0ev-KOSzH3m8odt4rrYxQAcLryJTHHAzS28I5oggPFRGwC8,
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23]
FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05]
FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28]
FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12]
FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22]
FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28]
FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed]
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed]
R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [34088 2014-07-21] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)
R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 19:31 - 2014-08-31 19:31 - 00017903 _____ () C:\Users\Ich\Desktop\FRST.txt
2014-08-31 19:31 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST
2014-08-30 03:22 - 2014-08-30 03:22 - 01095680 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe
2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 __RHD () C:\MSOCache
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help
2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml
2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini
2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-08-28 04:07 - 2014-08-28 04:18 - 00000000 ____D () C:\Program Files\Bench
2014-08-28 04:07 - 2014-08-28 04:16 - 00000003 _____ () C:\Users\Ich\AppData\Local\proxy.log
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\SmootherWeb
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Program Files\LPT
2014-08-28 04:06 - 2014-08-28 15:42 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb
2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar
2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\LPT
2014-08-28 03:57 - 2014-08-28 04:13 - 00000000 ____D () C:\Program Files\FLVM Player
2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe
2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log
2014-08-27 16:23 - 2014-08-27 18:57 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini
2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll
2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll
2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo
2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice
2014-08-23 03:21 - 2014-08-23 03:25 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe
2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA
2014-08-08 00:44 - 2014-08-08 00:50 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software
2014-08-06 19:05 - 2014-08-06 19:07 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-08-06 19:01 - 2014-08-06 19:02 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe
2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU
2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-08-06 18:57 - 2014-08-06 18:58 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-08-06 18:57 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 19:31 - 2014-08-31 19:31 - 00017903 _____ () C:\Users\Ich\Desktop\FRST.txt
2014-08-31 19:31 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST
2014-08-31 19:19 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-31 19:13 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 19:11 - 2006-11-02 14:52 - 01688187 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 19:08 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-31 19:07 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-31 19:07 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-31 19:07 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-31 02:07 - 2006-11-02 15:01 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-31 01:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad
2014-08-30 03:22 - 2014-08-30 03:22 - 01095680 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe
2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 18:11 - 2012-10-06 04:20 - 00080010 _____ () C:\Windows\PFRO.log
2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew
2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 __RHD () C:\MSOCache
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help
2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml
2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL
2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL
2014-08-28 15:42 - 2014-08-28 04:06 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini
2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb
2014-08-28 04:18 - 2014-08-28 04:07 - 00000000 ____D () C:\Program Files\Bench
2014-08-28 04:16 - 2014-08-28 04:07 - 00000003 _____ () C:\Users\Ich\AppData\Local\proxy.log
2014-08-28 04:13 - 2014-08-28 03:57 - 00000000 ____D () C:\Program Files\FLVM Player
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\SmootherWeb
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Program Files\LPT
2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar
2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\LPT
2014-08-27 18:57 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log
2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini
2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll
2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll
2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo
2014-08-24 17:57 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp
2014-08-24 03:19 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc
2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice
2014-08-23 03:25 - 2014-08-23 03:21 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte
2014-08-23 03:24 - 2012-10-06 03:59 - 00037888 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe
2014-08-17 15:29 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag
2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA
2014-08-12 20:58 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-12 20:56 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-08 00:50 - 2014-08-08 00:44 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software
2014-08-06 19:07 - 2014-08-06 19:05 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-08-06 19:04 - 2013-09-27 18:25 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-08-06 19:04 - 2012-11-01 18:22 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\DVDVideoSoft
2014-08-06 19:03 - 2014-07-23 19:08 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenCandy
2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-06 19:03 - 2012-11-01 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-06 19:02 - 2014-08-06 19:01 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe
2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU
2014-08-06 18:58 - 2014-08-06 18:57 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-08-04 12:45 - 2012-09-04 21:50 - 00000000 ____D () C:\temp

Some content of TEMP:
====================
C:\Users\Ich\AppData\Local\Temp\APNStub.exe
C:\Users\Ich\AppData\Local\Temp\avgnt.exe
C:\Users\Ich\AppData\Local\Temp\insAD60.tmp.exe
C:\Users\Ich\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Ich\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Ich\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Ich\AppData\Local\Temp\ose00000.exe
C:\Users\Ich\AppData\Local\Temp\post1.exe
C:\Users\Ich\AppData\Local\Temp\post2.dll
C:\Users\Ich\AppData\Local\Temp\post2.exe
C:\Users\Ich\AppData\Local\Temp\setup.exe
C:\Users\Ich\AppData\Local\Temp\SHSetup.exe
C:\Users\Ich\AppData\Local\Temp\VistaInfo32.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-31 19:14

==================== End Of Log ============================
         
--- --- ---



Alt 02.09.2014, 12:01   #6
schrauber
/// the machine
/// TB-Ausbilder



Uninstall adware & co.
  • Please download Revo Uninstaller from here.
  • Install and start the program.
  • In the uninstaller list, look for the programs that, under:

    have this addition:
  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on then on and then on .





Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software and malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


Alt 02.09.2014, 19:23   #7
dawabo



I have now carried out the steps under "Uninstall adware & co.". In Control Panel / Uninstall a program, the "Yahoo Community Smartbar" is no longer listed. At system startup, however, the Yahoo Smartbar icon still appears at the bottom right. Above this icon, though, it says "search protect". In any case, thanks so far... I have added a screenshot here. Maybe you can spot something else in it that is dangerous or unnecessary.

Combofix Logfile:
Code:
ComboFix 14-08-31.01 - Ich 02.09.2014  20:01:45.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.3066.2136 [GMT 2:00]
ausgeführt von:: c:\users\Ich\Downloads\ComboFix.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-02 bis 2014-09-02  ))))))))))))))))))))))))))))))
.
.
2014-09-02 18:08 . 2014-09-02 18:08	--------	d-----w-	c:\users\Ich\AppData\Local\temp
2014-09-02 18:08 . 2014-09-02 18:08	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-09-02 18:08 . 2014-09-02 18:08	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-09-02 13:33 . 2014-09-02 13:33	--------	d-----w-	c:\program files\VS Revo Group
2014-09-01 16:36 . 2014-09-01 16:37	--------	d-----w-	c:\program files\FreeHideIP
2014-08-31 17:31 . 2014-08-31 17:33	--------	d-----w-	C:\FRST
2014-08-29 15:47 . 2006-10-26 17:56	33104	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2014-08-29 15:47 . 2006-10-26 17:56	32592	----a-w-	c:\windows\system32\msonpmon.dll
2014-08-29 15:45 . 2014-08-29 15:45	--------	d-----w-	c:\program files\Microsoft Works
2014-08-29 15:43 . 2014-08-29 15:43	--------	d-----w-	c:\windows\PCHEALTH
2014-08-29 15:41 . 2014-08-29 15:41	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2014-08-29 15:39 . 2014-08-29 15:39	--------	d-----w-	c:\users\Ich\AppData\Local\Microsoft Help
2014-08-29 15:39 . 2014-08-29 15:47	--------	d-----w-	c:\programdata\Microsoft Help
2014-08-29 15:39 . 2014-08-29 15:39	--------	d-----r-	C:\MSOCache
2014-08-28 03:51 . 2014-08-28 03:51	--------	d-----w-	c:\programdata\Malwarebytes
2014-08-28 02:29 . 2014-08-28 02:29	--------	d-----w-	c:\program files\Enigma Software Group
2014-08-28 02:29 . 2014-08-28 03:50	--------	d-----w-	c:\windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-28 02:29 . 2014-08-28 02:29	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2014-08-28 02:14 . 2014-08-29 15:45	--------	d-----w-	c:\windows\system32\wbem\AutoRecover
2014-08-28 02:07 . 2014-08-28 02:07	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-08-28 02:07 . 2014-08-28 02:18	--------	d-----w-	c:\program files\Bench
2014-08-28 02:07 . 2014-08-28 02:07	--------	d-----w-	c:\program files\LPT
2014-08-28 02:07 . 2014-08-28 02:07	--------	d-----w-	C:\SmootherWeb
2014-08-28 02:06 . 2014-08-28 02:20	--------	d-----w-	c:\users\Ich\AppData\Roaming\SmootherWeb
2014-08-28 02:06 . 2014-08-28 02:06	--------	d-----w-	c:\users\Ich\AppData\Local\LPT
2014-08-28 02:06 . 2014-08-28 02:06	--------	d-----w-	c:\users\Ich\AppData\Local\Smartbar
2014-08-28 01:57 . 2014-08-28 02:13	--------	d-----w-	c:\program files\FLVM Player
2014-08-27 17:00 . 2010-03-05 14:01	420352	----a-w-	c:\windows\system32\vbscript.dll
2014-08-27 14:23 . 2014-08-27 16:57	--------	d-----w-	c:\program files\CyberGhost 5
2014-08-27 14:15 . 2014-08-27 14:15	8704	----a-w-	c:\windows\system32\SpOrder.dll
2014-08-27 14:15 . 2014-08-27 14:15	73728	----a-w-	c:\windows\system32\VistaInfo32.dll
2014-08-27 13:59 . 2014-08-27 13:59	--------	d-----w-	c:\users\Ich\AppData\Roaming\JonDo
2014-08-23 01:40 . 2014-08-23 01:40	--------	d-----w-	c:\users\Ich\AppData\Roaming\OpenOffice
2014-08-21 15:41 . 2014-08-21 15:41	--------	d-----w-	c:\users\Ich\AppData\Local\Adobe
2014-08-16 14:33 . 2014-08-16 14:33	--------	d-----w-	c:\users\Ich\AppData\Roaming\NVIDIA
2014-08-06 17:07 . 2014-08-06 17:07	--------	d-----w-	c:\users\Ich\AppData\Local\TuneUp Software
2014-08-06 17:05 . 2014-08-06 17:07	--------	d-----w-	c:\program files\TuneUp Utilities 2014
2014-08-06 16:58 . 2014-08-06 16:58	--------	d-----w-	c:\users\Ich\AppData\Roaming\AVS4YOU
2014-08-06 16:57 . 2014-08-06 17:01	--------	d-----w-	c:\program files\Common Files\AVSMedia
2014-08-06 16:57 . 2014-08-06 17:01	--------	d-----w-	c:\program files\AVS4YOU
2014-08-06 16:57 . 2014-08-06 16:58	--------	d-----w-	c:\programdata\AVS4YOU
2014-08-06 16:57 . 2012-03-23 17:59	24576	----a-w-	c:\windows\system32\msxml3a.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 01:45 . 2013-08-22 17:03	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 01:45 . 2013-08-22 17:03	699056	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-06-24 11:32 . 2013-09-21 03:08	97648	----a-w-	c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Browser Infrastructure Helper"="c:\users\Ich\AppData\Local\Smartbar\Application\Smartbar.exe" [2014-07-21 28968]
"smoother"="c:\users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe" [2014-08-12 489603]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2012-10-05 3673600]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-12-09 74752]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-08-14 751184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 279456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2012-10-05 21:49	3116032	----a-w-	c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 13:24	567560	----a-w-	c:\program files\Common Files\SPBA\homefus2.dll
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-24 01:45]
.
2014-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-05 22:25]
.
2014-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-05 22:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArWlQY0RTFQ1Ekh2jbMwtZMWV-iic08Tjcctx8-qkO8ugsmP5oOyCI0ev-KOSzH3m8odt4rrYxQAcLryJTGexmCuacK1eFpKn7BmE,
mStart Page = about:blank
uInternet Settings,ProxyServer = http=;ftp=;https=;
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEtAuuu6P9-HYXMVDmZb8,&q={searchTerms}
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl
FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEtAuuu6P9-HYXMVDmZb8,&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-09-02 20:08
Windows 6.0.6000  NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(416)
c:\windows\System32\netshell.dll
c:\progra~1\MICROS~3\Office12\GR326C~1.DLL
.
Zeit der Fertigstellung: 2014-09-02  20:10:17
ComboFix-quarantined-files.txt  2014-09-02 18:10
ComboFix2.txt  2014-09-02 17:49
.
Vor Suchlauf: 19 Verzeichnis(se), 24.129.421.312 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 23.997.681.664 Bytes frei
.
- - End Of File - - 399E72BB120B9B55FC5EF6865853E6FB
         
--- --- ---

Here is another screenshot. I think the selected entry "search" also belongs to it, but it is not listed in Control Panel / Uninstall a program. As of today, an Internet Explorer shortcut has also suddenly appeared on the desktop. The Yahoo start page appears immediately when I open Internet Explorer.

Alt 03.09.2014, 10:44   #8
schrauber
/// the machine
/// TB-Ausbilder



The IE shortcut is normal, that was Combofix.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the threat scan and click Start scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 03.09.2014, 14:35   #9
dawabo



Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 03.09.2014 13:56:00, SYSTEM, ICH-PC, Protection, Malware Protection, Starting,
Protection, 03.09.2014 13:56:00, SYSTEM, ICH-PC, Protection, Malware Protection, Started,
Protection, 03.09.2014 13:56:00, SYSTEM, ICH-PC, Protection, Malicious Website Protection, Starting,
Protection, 03.09.2014 13:56:03, SYSTEM, ICH-PC, Protection, Malicious Website Protection, Started,
Update, 03.09.2014 13:56:25, SYSTEM, ICH-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.8.21.1,
Update, 03.09.2014 13:56:40, SYSTEM, ICH-PC, Manual, Malware Database, 2014.3.4.9, 2014.9.3.3,

(end)

# AdwCleaner v3.309 - Bericht erstellt am 03/09/2014 um 14:28:36
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium (32 bits)
# Benutzername : Ich - ICH-PC
# Gestartet von : C:\Users\Ich\Downloads\adwcleaner_3.309.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
Datei Gefunden : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\foxydeal.sqlite
Datei Gefunden : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\invalidprefs.js
Ordner Gefunden : C:\Program Files\Gemeinsame Dateien
Ordner Gefunden : C:\Users\Ich\AppData\Local\Smartbar
Ordner Gefunden : C:\Users\Ich\AppData\LocalLow\Smartbar
Ordner Gefunden : C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
Ordner Gefunden : C:\Users\Ich\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Ich\AppData\Roaming\SmootherWeb

***** [ Tasks ] *****

Task Gefunden : BitGuard
Task Gefunden : EPUpdater
Task Gefunden : LyricXeeker Update

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKLM\SOFTWARE\AdvertisingSupport
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [smoother]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]

***** [ Browser ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\prefs.js ]

Zeile gefunden : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gefunden : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gefunden : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gefunden : user_pref("extensions.helperbar.Visibility", false);
Zeile gefunden : user_pref("extensions.helperbar.keepAliveLastevent", "1409331772");
Zeile gefunden : user_pref("extensions.helperbar.lastExternalJsUpdate", "1409320777974");

*************************

AdwCleaner[R0].txt - [6473 octets] - [03/09/2014 14:16:30]
AdwCleaner[R1].txt - [6088 octets] - [03/09/2014 14:28:36]
AdwCleaner[S0].txt - [726 octets] - [03/09/2014 14:26:28]

I have now worked through the points under AdwCleaner, then the expected restart followed. Unfortunately my PC no longer boots up now; after entering the password for my user, the screen goes black and stays black. I am writing here now in safe mode. What can I do so that I can access my PC normally again? Everything else will now be carried out in safe mode.

JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Ich on 03.09.2014 at 15:13:58,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ich\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Ich\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Ich\appdata\locallow\smartbar"



~~~ FireFox

Successfully deleted: [File] C:\Users\Ich\AppData\Roaming\mozilla\firefox\profiles\p6x5vqq2.default\invalidprefs.js
Successfully deleted the following from C:\Users\Ich\AppData\Roaming\mozilla\firefox\profiles\p6x5vqq2.default\prefs.js

user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Emptied folder: C:\Users\Ich\AppData\Roaming\mozilla\firefox\profiles\p6x5vqq2.default\minidumps [152 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2014 at 15:16:03,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by Ich (administrator) on ICH-PC on 03-09-2014 15:25:14
Running from C:\Users\Ich\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.)
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG)
HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\RunOnce: [FreeHideIPunstall] => [X]
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] ()
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-06-12] (CyberGhost S.R.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default
FF NewTab: www.google.de
FF Homepage: https://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23]
FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05]
FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28]
FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12]
FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22]
FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28]
FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
S2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed]
S2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed]
S2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)
S2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)
R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-03] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 15:25 - 2014-09-03 15:25 - 00001307 _____ () C:\Users\Ich\Desktop\FRST.txt
2014-09-03 15:25 - 2014-09-03 15:25 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion
2014-09-03 15:19 - 2014-09-03 15:19 - 00000632 _____ () C:\Users\Ich\Desktop\JRT.txt
2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 14:57 - 2014-09-03 14:57 - 01016261 _____ (Thisisu) C:\Users\Ich\Downloads\JRT.exe
2014-09-03 14:16 - 2014-09-03 14:29 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:15 - 2014-09-03 14:15 - 01370483 _____ () C:\Users\Ich\Downloads\adwcleaner_3.309.exe
2014-09-03 14:13 - 2014-09-03 14:13 - 00000646 _____ () C:\Users\Ich\Desktop\Malwarebytes.txt
2014-09-03 13:55 - 2014-09-03 15:12 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 13:55 - 2014-09-03 13:55 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-03 13:55 - 2014-09-03 13:55 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-03 13:55 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 13:55 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 13:55 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 13:54 - 2014-09-03 13:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ich\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 13:50 - 2014-09-03 13:50 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost
2014-09-03 13:49 - 2014-09-03 13:49 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk
2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-09-03 13:48 - 2014-09-03 13:49 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe
2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt
2014-09-02 20:00 - 2014-09-02 20:10 - 00000000 ____D () C:\ComboFix
2014-09-02 19:31 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-02 19:31 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-02 19:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-02 19:30 - 2014-09-02 20:10 - 00000000 ____D () C:\Qoobox
2014-09-02 19:30 - 2014-09-02 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 19:29 - 2014-09-02 19:55 - 05576326 ____R (Swearware) C:\Users\Ich\Downloads\ComboFix.exe
2014-09-02 15:33 - 2014-09-02 15:33 - 00001057 _____ () C:\Users\Ich\Desktop\Revo Uninstaller.lnk
2014-09-02 15:33 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-02 15:32 - 2014-09-02 15:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ich\Downloads\revosetup95.exe
2014-08-31 19:31 - 2014-09-03 15:25 - 00000000 ____D () C:\FRST
2014-08-30 03:22 - 2014-09-03 15:25 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe
2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help
2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml
2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini
2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
2014-08-28 04:06 - 2014-09-03 14:26 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar
2014-08-28 04:06 - 2014-08-28 15:42 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb
2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe
2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log
2014-08-27 16:23 - 2014-09-03 13:50 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini
2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll
2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll
2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo
2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice
2014-08-23 03:21 - 2014-08-23 03:25 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe
2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA
2014-08-08 00:44 - 2014-08-08 00:50 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software
2014-08-06 19:05 - 2014-08-06 19:07 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-08-06 19:01 - 2014-08-06 19:02 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe
2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU
2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-08-06 18:57 - 2014-08-06 18:58 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-08-06 18:57 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 15:25 - 2014-09-03 15:25 - 00001307 _____ () C:\Users\Ich\Desktop\FRST.txt
2014-09-03 15:25 - 2014-09-03 15:25 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion
2014-09-03 15:25 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST
2014-09-03 15:25 - 2014-08-30 03:22 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe
2014-09-03 15:19 - 2014-09-03 15:19 - 00000632 _____ () C:\Users\Ich\Desktop\JRT.txt
2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 15:12 - 2014-09-03 13:55 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 15:11 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-03 14:59 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 14:59 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-03 14:59 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 14:59 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 14:57 - 2014-09-03 14:57 - 01016261 _____ (Thisisu) C:\Users\Ich\Downloads\JRT.exe
2014-09-03 14:53 - 2012-10-06 04:20 - 00082770 _____ () C:\Windows\PFRO.log
2014-09-03 14:48 - 2006-11-02 15:01 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-03 14:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-03 14:43 - 2006-11-02 14:52 - 01744238 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 14:29 - 2014-09-03 14:16 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:26 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar
2014-09-03 14:19 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 14:15 - 2014-09-03 14:15 - 01370483 _____ () C:\Users\Ich\Downloads\adwcleaner_3.309.exe
2014-09-03 14:13 - 2014-09-03 14:13 - 00000646 _____ () C:\Users\Ich\Desktop\Malwarebytes.txt
2014-09-03 13:55 - 2014-09-03 13:55 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-03 13:55 - 2014-09-03 13:55 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-03 13:54 - 2014-09-03 13:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ich\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 13:50 - 2014-09-03 13:50 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost
2014-09-03 13:50 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-09-03 13:49 - 2014-09-03 13:49 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk
2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-09-03 13:49 - 2014-09-03 13:48 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe
2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt
2014-09-02 20:10 - 2014-09-02 20:00 - 00000000 ____D () C:\ComboFix
2014-09-02 20:10 - 2014-09-02 19:30 - 00000000 ____D () C:\Qoobox
2014-09-02 20:08 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-09-02 19:55 - 2014-09-02 19:29 - 05576326 ____R (Swearware) C:\Users\Ich\Downloads\ComboFix.exe
2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-09-02 19:47 - 2014-09-02 19:30 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 19:42 - 2006-11-02 12:22 - 38010880 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\COMPON~1.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-02 15:33 - 2014-09-02 15:33 - 00001057 _____ () C:\Users\Ich\Desktop\Revo Uninstaller.lnk
2014-09-02 15:33 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-02 15:33 - 2014-09-02 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ich\Downloads\revosetup95.exe
2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad
2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew
2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help
2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml
2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL
2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL
2014-08-28 15:42 - 2014-08-28 04:06 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini
2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log
2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini
2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll
2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll
2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo
2014-08-24 17:57 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp
2014-08-24 03:19 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc
2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice
2014-08-23 03:25 - 2014-08-23 03:21 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte
2014-08-23 03:24 - 2012-10-06 03:59 - 00037888 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe
2014-08-17 15:29 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag
2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA
2014-08-12 20:58 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-12 20:56 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-08 00:50 - 2014-08-08 00:44 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software
2014-08-06 19:07 - 2014-08-06 19:05 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-08-06 19:04 - 2013-09-27 18:25 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-08-06 19:04 - 2012-11-01 18:22 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\DVDVideoSoft
2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-06 19:03 - 2012-11-01 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-06 19:02 - 2014-08-06 19:01 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe
2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU
2014-08-06 18:58 - 2014-08-06 18:57 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-08-04 12:45 - 2012-09-04 21:50 - 00000000 ____D () C:\temp

Some content of TEMP:
====================
C:\Users\Ich\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-03 15:21

==================== End Of Log ============================
         

Edited by dawabo (03.09.2014 at 14:44)

04.09.2014, 11:16   #10
schrauber
/// the machine
/// TB trainer




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

04.09.2014, 17:42   #11
dawabo
 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=7cdd9974f7621946bdd8c29fb8d825ae
# engine=20001
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-04 04:21:21
# local_time=2014-09-04 06:21:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6000 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 5644 30114899 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 30114760 247380409 0 0
# scanned=176924
# found=6
# cleaned=0
# scan_time=5180
sh=8068EB4D7B7FCDC91FE23D8EBC325E55A654DDE6 ft=1 fh=aca2fb68c7a53c8e vn="Variante von Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Smart File Advisor\sfa.exe"
sh=A893D4F8C879E48BCC8EF252C92FF6FE51DE5F03 ft=1 fh=7af50601de6215a5 vn="Variante von Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Smart File Advisor\sfa_inst.exe"
sh=822DEDDF890FC279C11CC5772CF5D9F2F741C916 ft=1 fh=e993d618cab0597f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\FreeVideoFlipAndRotate.exe"
sh=596D78A7F03D1DAEE86BCCE8DD7713AA60E8F9E4 ft=1 fh=8eaf1d336ac02ccc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\FreeYouTubeToMP3Converter34.exe"
sh=CD6DCE4B916C39E4FCE0BD2A97F6619A901231C2 ft=1 fh=d62f2cecbd4afc01 vn="Win32/WinloadSDA.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\ProxMate-fr-Firefox-lnstall.exe"
sh=B56101CE038ACE9C0DFB8EB7E0F4CCB59C491374 ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\62e472.msi"

I have one more question regarding ESET. Why should the threatening files not be deleted?

Results of screen317's Security Check version 0.99.87
Windows Vista x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 8 Out of date!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java 7 Update 60
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader 10.1.11 Adobe Reader out of Date!
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by Ich (administrator) on ICH-PC on 04-09-2014 18:40:29
Running from C:\Users\Ich\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
(hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.)
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG)
HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] ()
HKU\S-1-5-21-3325081473-2881869368-4166051970-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default
FF NewTab: www.google.de
FF Homepage: https://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23]
FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05]
FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28]
FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12]
FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22]
FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28]
FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed]
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed]
R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)
R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 18:40 - 2014-09-04 18:40 - 00013609 _____ () C:\Users\Ich\Desktop\FRST.txt
2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe
2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office
2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 13:48 - 2014-09-03 13:49 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe
2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt
2014-09-02 20:00 - 2014-09-02 20:10 - 00000000 ____D () C:\ComboFix
2014-09-02 19:31 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-02 19:31 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-02 19:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-02 19:31 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-02 19:30 - 2014-09-02 20:10 - 00000000 ____D () C:\Qoobox
2014-09-02 19:30 - 2014-09-02 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 15:33 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-31 19:31 - 2014-09-04 18:40 - 00000000 ____D () C:\FRST
2014-08-30 03:22 - 2014-09-03 15:25 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe
2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help
2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml
2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini
2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
2014-08-28 04:06 - 2014-09-03 14:26 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar
2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb
2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe
2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log
2014-08-27 16:23 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini
2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll
2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll
2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo
2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice
2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe
2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA
2014-08-08 00:44 - 2014-08-08 00:50 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software
2014-08-06 19:05 - 2014-08-06 19:07 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-08-06 19:01 - 2014-08-06 19:02 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe
2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU
2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-08-06 18:57 - 2014-08-06 18:58 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-08-06 18:57 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 18:41 - 2014-09-04 18:40 - 00013609 _____ () C:\Users\Ich\Desktop\FRST.txt
2014-09-04 18:40 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST
2014-09-04 18:40 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-04 18:40 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe
2014-09-04 18:19 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-04 17:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-04 16:46 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-04 16:43 - 2006-11-02 14:52 - 01781606 _____ () C:\Windows\WindowsUpdate.log
2014-09-04 16:41 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-04 16:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-04 06:13 - 2006-11-02 15:01 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-04 04:25 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc
2014-09-04 04:11 - 2012-10-06 03:59 - 00061440 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-04 02:18 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp
2014-09-03 21:03 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag
2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office
2014-09-03 19:44 - 2012-10-06 04:20 - 00083330 _____ () C:\Windows\PFRO.log
2014-09-03 19:40 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-03 19:40 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-09-03 15:25 - 2014-08-30 03:22 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe
2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 14:26 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar
2014-09-03 13:49 - 2014-09-03 13:48 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe
2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt
2014-09-02 20:10 - 2014-09-02 20:00 - 00000000 ____D () C:\ComboFix
2014-09-02 20:10 - 2014-09-02 19:30 - 00000000 ____D () C:\Qoobox
2014-09-02 20:08 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-09-02 19:47 - 2014-09-02 19:30 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 19:42 - 2006-11-02 12:22 - 38010880 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\COMPON~1.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad
2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew
2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache
2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help
2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml
2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL
2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL
2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini
2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb
2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log
2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini
2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll
2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll
2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo
2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice
2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte
2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe
2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA
2014-08-12 20:58 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-12 20:56 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-08 00:50 - 2014-08-08 00:44 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv
2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software
2014-08-06 19:07 - 2014-08-06 19:05 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-08-06 19:04 - 2013-09-27 18:25 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-08-06 19:04 - 2012-11-01 18:22 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\DVDVideoSoft
2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-06 19:03 - 2012-11-01 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-06 19:02 - 2014-08-06 19:01 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe
2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU
2014-08-06 18:58 - 2014-08-06 18:57 - 00000000 ____D () C:\ProgramData\AVS4YOU

Some content of TEMP:
====================
C:\Users\Ich\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-04 16:46

==================== End Of Log ============================
         

05.09.2014, 12:37   #12
schrauber
/// the machine
/// TB instructor

Update Java, Flash and Adobe.

Update Windows; 5 years of updates and service packs are missing!
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

05.09.2014, 16:23   #13
dawabo

So, thanks again. Yes, I know, but whenever I try to update Java, it doesn't work. As for the Windows update, which one applies here? I thought that always happens automatically. I don't know why. Since yesterday, this opens right after startup...

Now Firefox also keeps freezing, and when you then try to close it, this appears...

In Internet Explorer this message appears...

Edited by dawabo (05.09.2014 at 16:01)

06.09.2014, 12:13   #14
schrauber
/// the machine
/// TB instructor

Both service packs are missing. Install those first.

07.09.2014, 22:10   #15
dawabo

I have now checked Windows Update. There was one update, which I downloaded and installed.
