FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-09-2014
Ran by Madeleine (administrator) on MADELEINE-PC on 15-09-2014 21:03:27
Running from C:\Users\Madeleine\Desktop\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(AVM Berlin GmbH) C:\Program Files\avmwlanstick\FRITZWLanMini.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Adobe Systems Incorporated.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrodist.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Spotify Ltd) C:\Users\Madeleine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [343552 2006-06-23] (AVM Berlin GmbH)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [757248 2009-06-26] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [118640 2009-07-24] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA"&"inst=NwA3AC0ANAA0AD (the data entry has 293 more characters).
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [ICQ] => C:\Program Files\ICQ7.2\ICQ.exe [133432 2011-01-05] (ICQ, LLC.)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [GoogleChromeAutoLaunch_8F8DCD463458B8C70FE6ACB3E05E83C2] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Madeleine\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=a2c67ac9e276bc7c749248a5af60a882-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=1213b
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [Spotify] => C:\Users\Madeleine\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [Spotify Web Helper] => C:\Users\Madeleine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: G - G:\pushinst.exe
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: {4b5558a8-0427-11df-8b42-0022685d8ab7} - E:\pushinst.exe
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: {6712b8a9-854a-11e1-8aea-0022685d8ab7} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: {f6386fd5-e721-11de-b041-0022685d8ab7} - K:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Nseries PC Suite.lnk
ShortcutTarget: Nokia Nseries PC Suite.lnk -> C:\Program Files\Nokia\NNPCS\RunLauncher.exe ()
Startup: C:\Users\Madeleine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 01FotoBank -> {489d8d66-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 02FotoBank -> {489d8d67-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 03FotoBank -> {489d8d68-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 04FotoBank -> {489d8d6A-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 05FotoBank -> {489d8d6B-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 06FotoBank -> {489d8d6C-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 07FotoBank -> {489d8d6D-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 08FotoBank -> {489d8d6E-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x20656961367BCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Madeleine\AppData\Roaming\Mozilla\Firefox\Profiles\znn0mjrh.default-1410381468474
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Madeleine\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-09-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-14]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [350876 2006-04-06] (AVM Berlin) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-03-03] (Macrovision Europe Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [300544 2007-06-15] (Nokia.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2010-04-19] (Apple Inc.) [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2011-02-18] (Apple, Inc.) [File not signed]
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1956096 2009-06-26] (Microsoft Corporation)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 13:26 - 2014-09-13 13:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 13:55 - 2014-09-12 13:55 - 00001177 _____ () C:\Suchlaufprotokoll.txt
2014-09-12 13:54 - 2014-09-12 13:54 - 00001172 _____ () C:\Users\Madeleine\Desktop\Mawarebystes.txt
2014-09-12 10:48 - 2014-09-15 21:00 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 10:48 - 2014-09-12 10:48 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-12 10:48 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-12 10:48 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-12 10:48 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-11 22:29 - 2014-09-11 23:15 - 00004531 _____ () C:\folders.log
2014-09-11 22:29 - 2014-09-11 22:29 - 00000000 ____D () C:\zoek
2014-09-11 22:17 - 2014-09-11 22:32 - 00004748 _____ () C:\zoek-results.log
2014-09-11 22:17 - 2014-09-11 22:17 - 00000441 _____ () C:\Users\Madeleine\Desktop\zoeck.txt
2014-09-11 22:15 - 2014-09-11 22:32 - 00002821 _____ () C:\runcheck.txt
2014-09-11 22:11 - 2014-09-11 23:07 - 00000000 ____D () C:\zoek_backup
2014-09-11 22:10 - 2014-09-11 22:10 - 00029334 _____ () C:\Users\Madeleine\Desktop\ADWCleaner_Resp..txt
2014-09-11 20:01 - 2014-09-15 21:03 - 00000000 ____D () C:\FRST
2014-09-11 19:03 - 2014-09-11 19:03 - 00000000 _____ () C:\Users\Madeleine\defogger_reenable
2014-09-11 17:27 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 17:27 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 17:27 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 17:27 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 17:27 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 17:27 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 17:27 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 17:27 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-11 17:27 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 17:27 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 17:27 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 17:27 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-11 17:27 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-10 23:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-10 23:56 - 2014-09-11 22:01 - 00000000 ____D () C:\AdwCleaner
2014-09-10 22:16 - 2014-09-10 22:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Madeleine\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-28 14:49 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 14:49 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 18:43 - 2014-08-19 18:00 - 19402103 _____ () C:\Users\Madeleine\Desktop\20140819_175929.mp4
2014-08-16 22:05 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 22:05 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 22:05 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 22:05 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-16 10:35 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 10:35 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-16 10:35 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-16 10:35 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 10:35 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 10:35 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 10:35 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-16 10:35 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 21:03 - 2014-09-11 20:01 - 00000000 ____D () C:\FRST
2014-09-15 21:03 - 2014-08-11 19:07 - 00000000 ____D () C:\Users\Madeleine\AppData\Roaming\Spotify
2014-09-15 21:02 - 2009-12-15 17:10 - 00000000 ____D () C:\Users\Madeleine\Tracing
2014-09-15 21:00 - 2014-09-12 10:48 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:00 - 2010-05-19 19:46 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 20:59 - 2006-11-02 15:01 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-15 20:59 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 20:59 - 2006-11-02 14:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:59 - 2006-11-02 14:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:57 - 2009-12-12 15:32 - 01079415 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 20:55 - 2009-12-12 20:58 - 00000000 ____D () C:\Windows\Minidump
2014-09-15 20:49 - 2010-06-22 01:15 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\DVDVideoSoft
2014-09-15 20:49 - 2009-12-15 17:20 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\Google
2014-09-15 20:48 - 2012-09-10 19:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 20:43 - 2012-06-21 11:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-15 20:40 - 2010-05-19 19:47 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 15:03 - 2014-08-11 19:08 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\Spotify
2014-09-14 22:50 - 2014-08-06 19:14 - 00000000 ____D () C:\Users\Madeleine\Desktop\Neuer Ordner
2014-09-14 21:55 - 2013-11-18 16:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-13 19:44 - 2010-05-04 14:31 - 00000000 ____D () C:\Users\Madeleine\AppData\Roaming\vlc
2014-09-13 13:26 - 2014-09-13 13:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 21:25 - 2009-04-11 18:55 - 08276472 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 20:47 - 2008-01-21 04:47 - 00169022 _____ () C:\Windows\PFRO.log
2014-09-12 19:30 - 2014-01-30 15:11 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-12 19:17 - 2006-11-02 13:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-12 17:56 - 2010-02-10 21:26 - 00000000 _____ () C:\Users\Madeleine\AppData\Local\prvlcl.dat
2014-09-12 13:55 - 2014-09-12 13:55 - 00001177 _____ () C:\Suchlaufprotokoll.txt
2014-09-12 13:54 - 2014-09-12 13:54 - 00001172 _____ () C:\Users\Madeleine\Desktop\Mawarebystes.txt
2014-09-12 10:48 - 2014-09-12 10:48 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-11 23:15 - 2014-09-11 22:29 - 00004531 _____ () C:\folders.log
2014-09-11 23:07 - 2014-09-11 22:11 - 00000000 ____D () C:\zoek_backup
2014-09-11 22:32 - 2014-09-11 22:17 - 00004748 _____ () C:\zoek-results.log
2014-09-11 22:32 - 2014-09-11 22:15 - 00002821 _____ () C:\runcheck.txt
2014-09-11 22:29 - 2014-09-11 22:29 - 00000000 ____D () C:\zoek
2014-09-11 22:17 - 2014-09-11 22:17 - 00000441 _____ () C:\Users\Madeleine\Desktop\zoeck.txt
2014-09-11 22:10 - 2014-09-11 22:10 - 00029334 _____ () C:\Users\Madeleine\Desktop\ADWCleaner_Resp..txt
2014-09-11 22:01 - 2014-09-10 23:56 - 00000000 ____D () C:\AdwCleaner
2014-09-11 22:01 - 2013-11-18 16:59 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-11 22:01 - 2009-12-12 15:37 - 00000987 _____ () C:\Users\Madeleine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-11 19:52 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-11 19:03 - 2014-09-11 19:03 - 00000000 _____ () C:\Users\Madeleine\defogger_reenable
2014-09-11 19:03 - 2009-12-12 15:37 - 00000000 ____D () C:\Users\Madeleine
2014-09-11 17:25 - 2009-08-18 07:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 17:23 - 2013-08-15 00:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 17:03 - 2006-11-02 12:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-10 23:55 - 2011-01-04 19:54 - 00000000 ____D () C:\Users\Madeleine\AppData\Roaming\DVDVideoSoft
2014-09-10 22:18 - 2013-08-09 14:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 22:16 - 2014-09-10 22:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Madeleine\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 22:08 - 2010-05-19 19:46 - 00000000 ___RD () C:\Program Files\Skype
2014-09-10 22:08 - 2010-05-19 19:46 - 00000000 ____D () C:\ProgramData\Skype
2014-09-10 22:03 - 2009-12-25 00:02 - 00000000 ____D () C:\Program Files\Java
2014-09-10 21:28 - 2012-09-10 19:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 21:28 - 2011-12-12 18:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 21:26 - 2010-06-14 20:54 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\Adobe
2014-09-04 10:35 - 2014-03-31 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-04 10:35 - 2013-11-18 16:43 - 00000862 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-29 15:27 - 2006-11-02 14:47 - 03835752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-23 03:03 - 2014-08-28 14:49 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-08-28 14:49 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 15:36 - 2010-06-08 19:28 - 00007944 _____ () C:\Users\Madeleine\AppData\Local\d3d9caps.dat
2014-08-19 18:00 - 2014-08-19 18:43 - 19402103 _____ () C:\Users\Madeleine\Desktop\20140819_175929.mp4
2014-08-17 17:02 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-17 16:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE

Some content of TEMP:
====================
C:\Users\Madeleine\AppData\Local\Temp\7za.exe
C:\Users\Madeleine\AppData\Local\Temp\First15.exe
C:\Users\Madeleine\AppData\Local\Temp\hijackthis.exe
C:\Users\Madeleine\AppData\Local\Temp\NirCmd.exe
C:\Users\Madeleine\AppData\Local\Temp\ose00000.exe
C:\Users\Madeleine\AppData\Local\Temp\PEVZ.EXE
C:\Users\Madeleine\AppData\Local\Temp\PicasaCD.exe
C:\Users\Madeleine\AppData\Local\Temp\Quarantine.exe
C:\Users\Madeleine\AppData\Local\Temp\remove.exe
C:\Users\Madeleine\AppData\Local\Temp\sed.exe
C:\Users\Madeleine\AppData\Local\Temp\shortcut.exe
C:\Users\Madeleine\AppData\Local\Temp\swreg.exe
C:\Users\Madeleine\AppData\Local\Temp\swxcacls.exe
C:\Users\Madeleine\AppData\Local\Temp\VP6Install.exe
C:\Users\Madeleine\AppData\Local\Temp\VP6VFW.dll
C:\Users\Madeleine\AppData\Local\Temp\wget.exe
C:\Users\Madeleine\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-14 22:07

==================== End Of Log ============================
         

--- --- ---

--- --- ---


Guten Abend,

vielen Dank für die geniale Hilfe!
Aktuell habe augenscheinlich keine
Probleme mehr. Bis auf die Kleinigkeit,
dass mir nach dem Start wieder das
Infofenster "Apple Aplication was not found"
angezeigt wird.

Ich bin mir nicht sicher ob
es überhaupt mit Apple zutun hat, aber
scheinbar geht es um I-tunes - die ich nicht
verwendet habe, weil ich kein Applegerät
habe... Außerdem steht da ich soll die Software
deinstallieren - finde sie aber nicht im System

Liebe Grüße

Hi,
die anderen Schritte vorher ausgeführt?

FIX
BEREINIGUNG
SCAN

*check*

Wo ist das Fixlog?

Übrigens,

Code: Alles auswählenAufklappen

ATTFilter

iTunes (HKLM\...\{23B8A91D-680B-462B-87AD-3D70F7341731}) (Version: 10.6.1.7 - Apple Inc.)
         

scheint installiert zu sein. Schau mal mit Revo ob Du es deinstallieren kannst. Software welche Du nicht brauchst sollte deinstalliert werden.

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-09-2014
Ran by Madeleine at 2014-09-15 20:49:43 Run:8
Running from C:\Users\Madeleine\Desktop\Desktop
Boot Mode: Normal



==============================================

Content of fixlist:
*****************
C:\Users\Madeleine\AppData\Local\DVDVideoSoft\tbDVD0.dll
C:\Users\Madeleine\AppData\Local\DVDVideoSoft\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\ldrtbDVD2.dll
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\tbDVD0.dll
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\tbDVD1.dll
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\tbDVD2.dll
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll
C:\Users\Madeleine\AppData\LocalLow\MAX_DE_Atube\tbMAX_.dll
C:\Users\Madeleine\AppData\Roaming\Sun\Java\Deployment\cache\6.0
C:\Users\Madeleine\Desktop\Neuer Ordner\Alte Firefox-Daten\33js4w13.default\prefs-1.js
C:\Program Files\Google\Chrome
C:\Users\Madeleine\AppData\Local\Google\Chrome
*****************

C:\Users\Madeleine\AppData\Local\DVDVideoSoft\tbDVD0.dll => Moved successfully.
C:\Users\Madeleine\AppData\Local\DVDVideoSoft\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll => Moved successfully.
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\ldrtbDVD2.dll => Moved successfully.
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\tbDVD0.dll => Moved successfully.
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\tbDVD1.dll => Moved successfully.
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\tbDVD2.dll => Moved successfully.
C:\Users\Madeleine\AppData\LocalLow\DVDVideoSoft\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll => Moved successfully.
C:\Users\Madeleine\AppData\LocalLow\MAX_DE_Atube\tbMAX_.dll => Moved successfully.
C:\Users\Madeleine\AppData\Roaming\Sun\Java\Deployment\cache\6.0 => Moved successfully.
C:\Users\Madeleine\Desktop\Neuer Ordner\Alte Firefox-Daten\33js4w13.default\prefs-1.js => Moved successfully.
"C:\Program Files\Google\Chrome" => File/Directory not found.
C:\Users\Madeleine\AppData\Local\Google\Chrome => Moved successfully.

==== End of Fixlog ====
         

Kannst Du itunes deinstallieren?

Hat das mit der Datenträgerbereinigung geklappt?

Hi Jürgen,

zu Punkt 1:

I-Tunes wird mir nicht angezeigt.
Habe es auch schon seit längerem deinstalliert.
Revo findet auch nichts. Und unter der Windows-
Suchleiste leider auch gar nichts...

Im Internet habe ich gerade folgende Information
gefunden:



Deinstallieren Sie iTunes und installieren Sie es erneut. In den meisten Fällen wird so der Fehler behoben.
Suchen Sie in Ihren Downloads nach der heruntergeladenen iTunes-Datei. Klicken Sie auf diese mit einem Rechtsklick und öffnen Sie sie anschließend mit dem Programm WinRar. Danach wählen Sie "AppleApplicationSupport.msi" mit einem Rechtsklick aus. Extrahieren Sie und öffnen Sie dann diese Datei.
Ist Ihr Windows auf dem neusten Stand? Manchmal verhindern Updates, dass iTunes korrekt läuft. Suchen Sie nach neuen Aktualisierungen und installieren Sie diese gegebenenfalls.
Falls Ihnen alles nicht weiterhelfen wollte, wenden Sie sich an Apples Support und melden Sie den Fehler "Apple Application Support was not found".

- scheint so als müsste ich Itunes nochmal installieren, oder?

Datenträgerbereinigung hat geklappt. Keine Fehlermeldung erhalten, ganz normaler Abschluss des Vorgags

Grüße

Oder kann ich die Updates ausschalten nur so eine Idee

Nö,

mach mal bitte folgenden Fix (und brich FRST bitte nicht ab sondern warte):

Schritt 1



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code: Alles auswählenAufklappen

ATTFilter

CloseProcesses:
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
C:\Program Files\iTunes\
Hosts:
EmptyTemp:
         

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

• Starte FRST und drücke auf den Fix-Button.
• Das Tool erstellt eine "Fixlog.txt" -Datei.
• Poste mir bitte deren Inhalt.

Schritt 2



Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Programm hängt sich beim Fix-Vorgang auf

ich kann in die Vergangenheit sehen ->
das hatten wir bereits...

Zitat:

Zitat von Mena

Programm hängt sich beim Fix-Vorgang auf

Und das sollte eigentlich nicht sein...

Keine Fortschritte? Dann FRST-Scan bitte.

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-09-2014
Ran by Madeleine (administrator) on MADELEINE-PC on 15-09-2014 22:43:53
Running from C:\Users\Madeleine\Desktop\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Spotify Ltd) C:\Users\Madeleine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [343552 2006-06-23] (AVM Berlin GmbH)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [757248 2009-06-26] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [118640 2009-07-24] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA"&"inst=NwA3AC0ANAA0AD (the data entry has 293 more characters).
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [ICQ] => C:\Program Files\ICQ7.2\ICQ.exe [133432 2011-01-05] (ICQ, LLC.)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [GoogleChromeAutoLaunch_8F8DCD463458B8C70FE6ACB3E05E83C2] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Madeleine\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=a2c67ac9e276bc7c749248a5af60a882-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=1213b
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [Spotify] => C:\Users\Madeleine\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\Run: [Spotify Web Helper] => C:\Users\Madeleine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: G - G:\pushinst.exe
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: {4b5558a8-0427-11df-8b42-0022685d8ab7} - E:\pushinst.exe
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: {6712b8a9-854a-11e1-8aea-0022685d8ab7} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
HKU\S-1-5-21-491985906-3955461640-2065506893-1000\...\MountPoints2: {f6386fd5-e721-11de-b041-0022685d8ab7} - K:\pushinst.exe
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ICQ] => C:\Program Files\ICQ7.2\ICQ.exe [133432 2011-01-05] (ICQ, LLC.)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_8F8DCD463458B8C70FE6ACB3E05E83C2] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Madeleine\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=a2c67ac9e276bc7c749248a5af60a882-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=1213b
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Madeleine\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Madeleine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: G - G:\pushinst.exe
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4b5558a8-0427-11df-8b42-0022685d8ab7} - E:\pushinst.exe
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6712b8a9-854a-11e1-8aea-0022685d8ab7} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
HKU\S-1-5-21-491985906-3955461640-2065506893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f6386fd5-e721-11de-b041-0022685d8ab7} - K:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Nseries PC Suite.lnk
ShortcutTarget: Nokia Nseries PC Suite.lnk -> C:\Program Files\Nokia\NNPCS\RunLauncher.exe ()
Startup: C:\Users\Madeleine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 01FotoBank -> {489d8d66-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 02FotoBank -> {489d8d67-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 03FotoBank -> {489d8d68-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 04FotoBank -> {489d8d6A-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 05FotoBank -> {489d8d6B-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 06FotoBank -> {489d8d6C-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 07FotoBank -> {489d8d6D-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)
ShellIconOverlayIdentifiers: 08FotoBank -> {489d8d6E-38d6-4dd3-83d5-9a7e07b65904} => C:\Program Files\FAST Gigabank\FotoBanker.dll (FAST LTA AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x20656961367BCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Madeleine\AppData\Roaming\Mozilla\Firefox\Profiles\znn0mjrh.default-1410381468474
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Madeleine\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-09-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-14]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [350876 2006-04-06] (AVM Berlin) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-03-03] (Macrovision Europe Ltd.) [File not signed]
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [300544 2007-06-15] (Nokia.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2010-04-19] (Apple Inc.) [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2011-02-18] (Apple, Inc.) [File not signed]
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1956096 2009-06-26] (Microsoft Corporation)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 13:26 - 2014-09-13 13:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 13:55 - 2014-09-12 13:55 - 00001177 _____ () C:\Suchlaufprotokoll.txt
2014-09-12 13:54 - 2014-09-12 13:54 - 00001172 _____ () C:\Users\Madeleine\Desktop\Mawarebystes.txt
2014-09-12 10:48 - 2014-09-15 21:00 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 10:48 - 2014-09-12 10:48 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-12 10:48 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-12 10:48 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-12 10:48 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-11 22:29 - 2014-09-11 23:15 - 00004531 _____ () C:\folders.log
2014-09-11 22:29 - 2014-09-11 22:29 - 00000000 ____D () C:\zoek
2014-09-11 22:17 - 2014-09-11 22:32 - 00004748 _____ () C:\zoek-results.log
2014-09-11 22:17 - 2014-09-11 22:17 - 00000441 _____ () C:\Users\Madeleine\Desktop\zoeck.txt
2014-09-11 22:15 - 2014-09-11 22:32 - 00002821 _____ () C:\runcheck.txt
2014-09-11 22:11 - 2014-09-11 23:07 - 00000000 ____D () C:\zoek_backup
2014-09-11 22:10 - 2014-09-11 22:10 - 00029334 _____ () C:\Users\Madeleine\Desktop\ADWCleaner_Resp..txt
2014-09-11 20:01 - 2014-09-15 22:43 - 00000000 ____D () C:\FRST
2014-09-11 19:03 - 2014-09-11 19:03 - 00000000 _____ () C:\Users\Madeleine\defogger_reenable
2014-09-11 17:27 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 17:27 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 17:27 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 17:27 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 17:27 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 17:27 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 17:27 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 17:27 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 17:27 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-11 17:27 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 17:27 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 17:27 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 17:27 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-11 17:27 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-10 23:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-10 23:56 - 2014-09-11 22:01 - 00000000 ____D () C:\AdwCleaner
2014-09-10 22:16 - 2014-09-10 22:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Madeleine\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-28 14:49 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 14:49 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 18:43 - 2014-08-19 18:00 - 19402103 _____ () C:\Users\Madeleine\Desktop\20140819_175929.mp4
2014-08-16 22:05 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 22:05 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 22:05 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 22:05 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-16 10:35 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 10:35 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-16 10:35 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-16 10:35 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 10:35 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 10:35 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 10:35 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-16 10:35 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 22:43 - 2014-09-11 20:01 - 00000000 ____D () C:\FRST
2014-09-15 22:43 - 2014-08-11 19:07 - 00000000 ____D () C:\Users\Madeleine\AppData\Roaming\Spotify
2014-09-15 22:23 - 2006-11-02 14:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 22:23 - 2006-11-02 14:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 22:06 - 2010-05-19 19:47 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 22:02 - 2009-12-12 15:32 - 01079511 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 21:48 - 2012-09-10 19:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 21:02 - 2009-12-15 17:10 - 00000000 ____D () C:\Users\Madeleine\Tracing
2014-09-15 21:00 - 2014-09-12 10:48 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:00 - 2010-05-19 19:46 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 20:59 - 2006-11-02 15:01 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-15 20:59 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 20:55 - 2009-12-12 20:58 - 00000000 ____D () C:\Windows\Minidump
2014-09-15 20:49 - 2010-06-22 01:15 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\DVDVideoSoft
2014-09-15 20:49 - 2009-12-15 17:20 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\Google
2014-09-15 20:43 - 2012-06-21 11:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-15 15:03 - 2014-08-11 19:08 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\Spotify
2014-09-14 22:50 - 2014-08-06 19:14 - 00000000 ____D () C:\Users\Madeleine\Desktop\Neuer Ordner
2014-09-14 21:55 - 2013-11-18 16:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-13 19:44 - 2010-05-04 14:31 - 00000000 ____D () C:\Users\Madeleine\AppData\Roaming\vlc
2014-09-13 13:26 - 2014-09-13 13:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 21:25 - 2009-04-11 18:55 - 08276472 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 20:47 - 2008-01-21 04:47 - 00169022 _____ () C:\Windows\PFRO.log
2014-09-12 19:30 - 2014-01-30 15:11 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-12 19:17 - 2006-11-02 13:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-12 17:56 - 2010-02-10 21:26 - 00000000 _____ () C:\Users\Madeleine\AppData\Local\prvlcl.dat
2014-09-12 13:55 - 2014-09-12 13:55 - 00001177 _____ () C:\Suchlaufprotokoll.txt
2014-09-12 13:54 - 2014-09-12 13:54 - 00001172 _____ () C:\Users\Madeleine\Desktop\Mawarebystes.txt
2014-09-12 10:48 - 2014-09-12 10:48 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-12 10:48 - 2014-09-12 10:48 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-11 23:15 - 2014-09-11 22:29 - 00004531 _____ () C:\folders.log
2014-09-11 23:07 - 2014-09-11 22:11 - 00000000 ____D () C:\zoek_backup
2014-09-11 22:32 - 2014-09-11 22:17 - 00004748 _____ () C:\zoek-results.log
2014-09-11 22:32 - 2014-09-11 22:15 - 00002821 _____ () C:\runcheck.txt
2014-09-11 22:29 - 2014-09-11 22:29 - 00000000 ____D () C:\zoek
2014-09-11 22:17 - 2014-09-11 22:17 - 00000441 _____ () C:\Users\Madeleine\Desktop\zoeck.txt
2014-09-11 22:10 - 2014-09-11 22:10 - 00029334 _____ () C:\Users\Madeleine\Desktop\ADWCleaner_Resp..txt
2014-09-11 22:01 - 2014-09-10 23:56 - 00000000 ____D () C:\AdwCleaner
2014-09-11 22:01 - 2013-11-18 16:59 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-11 22:01 - 2009-12-12 15:37 - 00000987 _____ () C:\Users\Madeleine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-11 19:52 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-11 19:03 - 2014-09-11 19:03 - 00000000 _____ () C:\Users\Madeleine\defogger_reenable
2014-09-11 19:03 - 2009-12-12 15:37 - 00000000 ____D () C:\Users\Madeleine
2014-09-11 17:25 - 2009-08-18 07:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 17:23 - 2013-08-15 00:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 17:03 - 2006-11-02 12:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-10 23:55 - 2011-01-04 19:54 - 00000000 ____D () C:\Users\Madeleine\AppData\Roaming\DVDVideoSoft
2014-09-10 22:18 - 2013-08-09 14:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 22:16 - 2014-09-10 22:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Madeleine\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 22:08 - 2010-05-19 19:46 - 00000000 ___RD () C:\Program Files\Skype
2014-09-10 22:08 - 2010-05-19 19:46 - 00000000 ____D () C:\ProgramData\Skype
2014-09-10 22:03 - 2009-12-25 00:02 - 00000000 ____D () C:\Program Files\Java
2014-09-10 21:28 - 2012-09-10 19:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 21:28 - 2011-12-12 18:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 21:26 - 2010-06-14 20:54 - 00000000 ____D () C:\Users\Madeleine\AppData\Local\Adobe
2014-09-04 10:35 - 2014-03-31 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-04 10:35 - 2013-11-18 16:43 - 00000862 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-29 15:27 - 2006-11-02 14:47 - 03835752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-23 03:03 - 2014-08-28 14:49 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-08-28 14:49 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 15:36 - 2010-06-08 19:28 - 00007944 _____ () C:\Users\Madeleine\AppData\Local\d3d9caps.dat
2014-08-19 18:00 - 2014-08-19 18:43 - 19402103 _____ () C:\Users\Madeleine\Desktop\20140819_175929.mp4
2014-08-17 17:02 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-17 16:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE

Some content of TEMP:
====================
C:\Users\Madeleine\AppData\Local\Temp\7za.exe
C:\Users\Madeleine\AppData\Local\Temp\First15.exe
C:\Users\Madeleine\AppData\Local\Temp\hijackthis.exe
C:\Users\Madeleine\AppData\Local\Temp\NirCmd.exe
C:\Users\Madeleine\AppData\Local\Temp\ose00000.exe
C:\Users\Madeleine\AppData\Local\Temp\PEVZ.EXE
C:\Users\Madeleine\AppData\Local\Temp\PicasaCD.exe
C:\Users\Madeleine\AppData\Local\Temp\Quarantine.exe
C:\Users\Madeleine\AppData\Local\Temp\remove.exe
C:\Users\Madeleine\AppData\Local\Temp\sed.exe
C:\Users\Madeleine\AppData\Local\Temp\shortcut.exe
C:\Users\Madeleine\AppData\Local\Temp\swreg.exe
C:\Users\Madeleine\AppData\Local\Temp\swxcacls.exe
C:\Users\Madeleine\AppData\Local\Temp\VP6Install.exe
C:\Users\Madeleine\AppData\Local\Temp\VP6VFW.dll
C:\Users\Madeleine\AppData\Local\Temp\wget.exe
C:\Users\Madeleine\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-15 21:05

==================== End Of Log ============================
         

--- --- ---

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Nein augenscheinlich keine!

Das Problem mit der Browserwerbung
ist definitiv weg...

Und der itunes-schmarrn?

Der Itunes Schmarrn ist auch fort ! Habe gerade einen Neustart gemacht !