Movie Wizard lässt sich nicht Deinstallieren

schrauber · 05.02.2015, 08:19

Das frische FRST log bitte noch, und bitte in Codetags.

hillekattche · 05.02.2015, 10:15

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-02-2015
Ran by Thomas (administrator) on THOMAS-PC on 05-02-2015 09:57:15
Running from C:\Users\Thomas\Desktop\hille sicherung\Downloads
Loaded Profiles: Thomas (Available profiles: Thomas)
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-25] (AVAST Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKU\S-1-5-21-752035569-2837603109-3999526748-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-752035569-2837603109-3999526748-1000\...\Run: [QuickScanner] => C:\Program Files\Defender Pro Quick Scanner\quickscan.exe [14483800 2013-03-21] (Defender Pro)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:65399;https=127.0.0.1:65399
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-752035569-2837603109-3999526748-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-752035569-2837603109-3999526748-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-752035569-2837603109-3999526748-1000 -> DefaultScope {FC71C75F-BB6B-4E53-A768-6106194347B5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-752035569-2837603109-3999526748-1000 -> {FC71C75F-BB6B-4E53-A768-6106194347B5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\9j6ycytz.default-1422181944990
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin HKU\S-1-5-21-752035569-2837603109-3999526748-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Thomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-25]

Chrome: 
=======
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google-Suche) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-29]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-25]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-25] (AVAST Software)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-25] ()
S3 athur; system32\DRIVERS\athur.sys [X]
S3 catchme; \??\C:\Users\Thomas\AppData\Local\Temp\catchme.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 13:20 - 2015-02-01 13:20 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-01 13:20 - 2015-02-01 13:20 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-01 13:20 - 2015-02-01 13:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-01 09:56 - 2015-02-01 09:56 - 00001237 _____ () C:\Users\Thomas\Desktop\Landwirtschafts Simulator 15 .lnk
2015-02-01 09:56 - 2015-02-01 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2015
2015-02-01 09:47 - 2015-02-02 22:26 - 00000000 ____D () C:\Program Files\Landwirtschafts Simulator 2015
2015-02-01 09:14 - 2015-02-01 09:14 - 00011607 _____ () C:\ComboFix.txt
2015-02-01 08:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-01 08:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-01 08:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-01 08:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-01 08:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-01 08:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-01 08:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-01 08:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-01 08:54 - 2015-02-01 09:14 - 00000000 ____D () C:\Qoobox
2015-02-01 08:53 - 2015-02-01 09:13 - 00000000 ____D () C:\Windows\erdnt
2015-01-29 19:14 - 2015-02-05 09:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-29 18:20 - 2015-01-29 18:43 - 00014695 _____ () C:\Users\Thomas\Desktop\hille sicherung\Documents\Unbenannt 1.odt
2015-01-29 17:48 - 2015-02-04 20:29 - 00003510 _____ () C:\Windows\PFRO.log
2015-01-29 17:48 - 2015-02-04 20:29 - 00000280 _____ () C:\Windows\setupact.log
2015-01-29 17:48 - 2015-01-29 17:48 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-27 09:38 - 2015-01-27 09:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-27 09:34 - 2015-02-05 09:57 - 00000000 ____D () C:\FRST
2015-01-19 18:10 - 2015-01-19 18:11 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-01-19 18:10 - 2015-01-19 18:10 - 00000000 ____D () C:\Program Files\Free Codec Pack
2015-01-16 19:17 - 2015-02-05 09:39 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-16 19:17 - 2015-02-05 09:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-16 19:06 - 2015-01-16 19:06 - 00000996 _____ () C:\quickscan.xml
2015-01-16 18:31 - 2015-01-16 19:19 - 00000000 ____D () C:\Program Files\Defender Pro Quick Scanner
2015-01-16 18:31 - 2015-01-16 19:06 - 00031952 _____ () C:\quickscan.txt
2015-01-16 18:31 - 2015-01-16 18:31 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\QuickScan
2015-01-16 17:49 - 2015-01-16 17:49 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-16 17:49 - 2015-01-16 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-16 17:48 - 2015-01-16 17:49 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-16 16:14 - 2015-01-16 16:14 - 00007605 _____ () C:\Users\Thomas\AppData\Local\Resmon.ResmonCfg
2015-01-16 15:49 - 2015-01-18 14:40 - 00000000 ____D () C:\Users\Thomas\Desktop\MUSIK
2015-01-14 14:32 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 14:32 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 14:32 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 14:32 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:32 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 14:31 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 09:54 - 2009-07-14 05:34 - 00020944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-05 09:54 - 2009-07-14 05:34 - 00020944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-05 09:38 - 2013-09-14 11:29 - 01460151 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 20:30 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 16:25 - 2014-11-25 11:13 - 00000000 ____D () C:\Users\Thomas\mod
2015-02-01 14:43 - 2014-03-07 12:41 - 00000000 ____D () C:\Users\Thomas\Desktop\hille sicherung\Documents\My Games
2015-02-01 13:20 - 2014-11-28 11:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-01 09:14 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-02-01 09:11 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-01-29 19:14 - 2014-08-18 05:13 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Adobe
2015-01-27 07:40 - 2013-12-10 22:18 - 00000000 ___HD () C:\Users\Thomas\Desktop\hille sicherung\Documents\Neuer Ordner
2015-01-22 10:57 - 2013-09-14 11:29 - 00000000 ____D () C:\Users\Thomas
2015-01-19 23:08 - 2010-06-08 19:59 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-19 23:03 - 2014-11-24 11:47 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\vlc
2015-01-19 18:13 - 2013-09-16 11:00 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2015-01-19 18:11 - 2013-12-18 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-19 18:11 - 2013-12-18 17:45 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2015-01-16 17:55 - 2010-06-08 20:48 - 00000000 ____D () C:\Windows\Panther
2015-01-16 15:52 - 2014-09-26 18:24 - 00000000 ____D () C:\Users\Thomas\Desktop\hille sicherung
2015-01-14 19:15 - 2013-09-16 08:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 19:11 - 2010-06-08 20:04 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 15:54 - 2014-09-03 21:20 - 00001004 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-12 15:54 - 2013-09-14 11:30 - 00001150 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-06 04:36 - 2010-06-08 20:06 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-07-30 21:47 - 2014-07-30 21:47 - 0000043 _____ () C:\Users\Thomas\AppData\Roaming\WB.CFG
2015-01-16 16:14 - 2015-01-16 16:14 - 0007605 _____ () C:\Users\Thomas\AppData\Local\Resmon.ResmonCfg
2014-09-12 23:22 - 2014-09-12 23:22 - 0000000 _____ () C:\Users\Thomas\AppData\Local\{8FA2309A-56CB-4843-81E3-B12A8D28E52B}
2014-03-19 15:58 - 2014-03-19 16:50 - 0002001 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 12:15

==================== End Of Log ============================

--- --- ---

schrauber · 05.02.2015, 12:06

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:65399;https=127.0.0.1:65399

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Nochmal frisches FRST Log bitte.

hillekattche · 06.02.2015, 09:54

Also das mit Windows + R und den Text eingeben funktioniert nicht.Erscheint nur eine Warung das kein programm da ist zum ausführen und ich es suchen soll oder unter Systemsteuerung ein Programm zuordnen soll.

schrauber · 06.02.2015, 13:17

schreibst Du auch notepad in das Ausführen-Fenster, nach dem Drücken von Windows-Taste+R?

hillekattche · 07.02.2015, 12:21

Ja habe ich jetzt,nur jetzt steht da nach starten des FRST soviel wie datei nicht gefunden,also das was ich abspeichern sollte,obwohl ich es mit in den Ordner gespeichert habe.

schrauber · 07.02.2015, 15:56

Zitat:

C:\Users\Thomas\Desktop\hille sicherung\Downloads

FRST läuft entgegen der Anleitung bei Dir aus diesem Ordner, also fixlist auch in diesem Ordner speichern.

05.02.2015, 08:19	#16
schrauber /// the machine /// TB-Ausbilder	Movie Wizard lässt sich nicht Deinstallieren Das frische FRST log bitte noch, und bitte in Codetags. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

06.02.2015, 13:17	#20
schrauber /// the machine /// TB-Ausbilder	Movie Wizard lässt sich nicht Deinstallieren schreibst Du auch notepad in das Ausführen-Fenster, nach dem Drücken von Windows-Taste+R? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Movie Wizard lässt sich nicht Deinstallieren

Log-Analyse und Auswertung: Movie Wizard lässt sich nicht Deinstallieren