Antivir meldet: Ihr Computer ist nicht sicher - Echtzeitscanner kaputt?

schrauber · 13.04.2015, 08:09

ok

FritzSteiner · 13.04.2015, 17:43

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-04-2015
Ran by Friedrich at 2015-04-13 16:01:52 Run:1
Running from C:\Users\Friedrich\Desktop
Loaded Profiles: Friedrich (Available profiles: Friedrich)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\$RECYCLE.BIN
RemoveProxy:
Emptytemp:
*****************

C:\$RECYCLE.BIN => Moved successfully.

========= RemoveProxy: =========

"HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========

EmptyTemp: => Removed 556.9 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 16:07:15 ====

schrauber · 14.04.2015, 07:06

Das frische FRST log fehlt noch. Noch Probleme?

FritzSteiner · 14.04.2015, 14:37

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015
Ran by Friedrich (administrator) on MACK327 on 14-04-2015 15:18:03
Running from C:\Users\Friedrich\Desktop
Loaded Profiles: Friedrich (Available profiles: Friedrich)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(BonSoft) C:\Program Files (x86)\ClocX\ClocX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ClocX] => C:\Program Files (x86)\ClocX\ClocX.exe [2090496 2013-01-14] (BonSoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [726320 2015-03-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\...\Run: [Microsoft Works Update Detection] => C:\Program Files (x86)\Microsoft Works\WkDetect.exe
HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:tabs
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3993219044-2753971007-1908284826-1000 -> {6FCC6012-E4B7-4DCF-A559-FB107E2F1C64} URL = https://www.google.com/search?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-12] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-12] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-3993219044-2753971007-1908284826-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Friedrich\AppData\Roaming\Mozilla\Firefox\Profiles\0wcira82.Standard-Benutzer
FF Homepage: tvinfo.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-12] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-26] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-26] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3993219044-2753971007-1908284826-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Friedrich\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Extension: Download videos and MP3s from YouTube - C:\Users\Friedrich\AppData\Roaming\Mozilla\Firefox\Profiles\y83bffm4.default-1415032094794\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-28]
FF Extension: DownloadHelper - C:\Users\Friedrich\AppData\Roaming\Mozilla\Firefox\Profiles\y83bffm4.default-1415032094794\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-11-05]
FF Extension: Classic Theme Restorer - C:\Users\Friedrich\AppData\Roaming\Mozilla\Firefox\Profiles\y83bffm4.default-1415032094794\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-02-25]
FF Extension: YouTube mp3 - C:\Users\Friedrich\AppData\Roaming\Mozilla\Firefox\Profiles\y83bffm4.default-1415032094794\Extensions\info@youtube-mp3.org.xpi [2015-02-25]
FF Extension: Tree Style Tab - C:\Users\Friedrich\AppData\Roaming\Mozilla\Firefox\Profiles\y83bffm4.default-1415032094794\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2015-02-25]
FF Extension: Adblock Plus - C:\Users\Friedrich\AppData\Roaming\Mozilla\Firefox\Profiles\y83bffm4.default-1415032094794\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-25]
FF HKU\S-1-5-21-3993219044-2753971007-1908284826-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-28]

Chrome: 
=======
CHR Profile: C:\Users\Friedrich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Friedrich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [815920 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1004280 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 AV Engine Scanning Service; C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe [1246744 2012-09-17] (Preventon Technologies Limited)
R2 AV Watch Service; C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe [468064 2012-09-17] (Preventon Technologies Limited)
S4 Common Toolkit 2; C:\Program Files (x86)\Common Files\Common Toolkit Suite\Tools\x64\CommonToolkit2.exe [338432 2013-04-08] (SPAMfighter ApS) [File not signed]
S4 GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
S4 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [X]
S3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVFSFilter; C:\Windows\System32\DRIVERS\avfsfilter.sys [13720 2012-09-17] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-24] (Avira Operations GmbH & Co. KG)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-03-17] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 15:18 - 2015-04-14 15:19 - 00016965 _____ () C:\Users\Friedrich\Desktop\FRST.txt
2015-04-12 15:28 - 2015-04-12 15:28 - 00002037 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-04-12 15:26 - 2015-04-12 15:26 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-12 15:26 - 2015-03-24 14:59 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-04-12 15:26 - 2015-03-24 14:59 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-04-12 15:26 - 2015-03-24 14:59 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-04-12 15:26 - 2015-03-24 14:59 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-04-12 14:10 - 2015-04-12 14:11 - 04625104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Friedrich\Downloads\avira_de_av_552a60ce51114__ws.exe
2015-04-12 14:08 - 2015-04-12 14:08 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-12 14:02 - 2015-04-12 14:02 - 00561064 _____ (Oracle Corporation) C:\Users\Friedrich\Downloads\jxpiinstall.exe
2015-04-12 02:02 - 2015-04-12 02:02 - 00003143 _____ () C:\Windows\IE11_main.log
2015-04-12 01:58 - 2015-04-12 02:02 - 41840320 _____ (Microsoft Corporation) C:\Users\Friedrich\Downloads\Windows-KB890830-x64-V5.22.exe
2015-04-12 00:07 - 2015-04-12 00:07 - 00001194 _____ () C:\Users\Friedrich\Desktop\FRST64(1).exe - Verknüpfung.lnk
2015-04-11 22:31 - 2015-04-11 22:31 - 01187840 _____ (Ruiware) C:\Users\Friedrich\Downloads\wpsetup.exe
2015-04-11 22:29 - 2015-04-11 22:29 - 04625104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Friedrich\Downloads\avira_de_av_55297a1174afe__ws.exe
2015-04-11 20:57 - 2015-04-11 20:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-11 20:03 - 2015-04-11 20:03 - 00001268 _____ () C:\checkup.txt
2015-04-11 19:57 - 2015-04-11 19:57 - 00000795 _____ () C:\Users\Friedrich\Desktop\SecurityCheck.exe - Verknüpfung.lnk
2015-04-11 19:56 - 2015-04-11 19:56 - 00852616 _____ () C:\Users\Friedrich\Downloads\SecurityCheck.exe
2015-04-11 15:44 - 2015-04-11 15:44 - 00001338 _____ () C:\Users\Friedrich\Desktop\esetsmartinstaller_deu(1).exe - Verknüpfung.lnk
2015-04-11 15:43 - 2015-04-11 15:43 - 02347384 _____ (ESET) C:\Users\Friedrich\Downloads\esetsmartinstaller_deu(1).exe
2015-04-10 14:24 - 2015-04-10 14:24 - 00000835 _____ () C:\Users\Friedrich\Desktop\avira_antivirus_de-de.exe - Verknüpfung.lnk
2015-04-10 14:23 - 2015-04-10 14:38 - 186726144 _____ () C:\Users\Friedrich\Downloads\avira_antivirus_de-de.exe
2015-04-10 14:13 - 2015-04-10 14:13 - 01097176 _____ (Avira Operations GmbH & Co. KG) C:\Users\Friedrich\Downloads\avira_registry_cleaner_de.exe
2015-04-10 14:13 - 2015-04-10 14:13 - 00001338 _____ () C:\Users\Friedrich\Desktop\avira_registry_cleaner_de.exe - Verknüpfung.lnk
2015-04-10 13:53 - 2015-04-10 13:53 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MACK327-Windows-7-Home-Premium-(64-bit).dat
2015-04-10 13:53 - 2015-04-10 13:53 - 00000000 ____D () C:\RegBackup
2015-04-10 13:52 - 2015-04-10 13:52 - 02686959 _____ (Thisisu) C:\Users\Friedrich\Downloads\JRT.exe
2015-04-10 13:52 - 2015-04-10 13:52 - 00001134 _____ () C:\Users\Friedrich\Desktop\JRT.exe - Verknüpfung.lnk
2015-04-10 13:24 - 2015-04-10 13:24 - 02217984 _____ () C:\Users\Friedrich\Downloads\AdwCleaner_4.201.exe
2015-04-10 13:24 - 2015-04-10 13:24 - 00001257 _____ () C:\Users\Friedrich\Desktop\AdwCleaner_4.201.exe - Verknüpfung.lnk
2015-04-09 21:47 - 2015-04-09 21:48 - 39074536 _____ (Microsoft Corporation) C:\Users\Friedrich\Downloads\FileFormatConverters(1).exe
2015-04-09 21:26 - 2015-04-09 21:26 - 04922880 _____ () C:\Users\Friedrich\Frhlingserwachen.PPS
2015-04-09 21:08 - 2015-04-09 21:08 - 00021292 _____ () C:\ComboFix.txt
2015-04-09 20:47 - 2015-04-09 21:08 - 00000000 ____D () C:\Qoobox
2015-04-09 20:47 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-09 20:47 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-09 20:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-09 20:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-09 20:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-09 20:47 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-09 20:47 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-09 20:47 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-09 20:46 - 2015-04-09 21:05 - 00000000 ____D () C:\Windows\erdnt
2015-04-09 20:38 - 2015-04-09 20:46 - 00001053 _____ () C:\Users\Friedrich\Desktop\ComboFix.exe - Verknüpfung.lnk
2015-04-09 15:01 - 2015-04-09 15:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 22:19 - 2015-04-04 22:19 - 00171328 _____ () C:\Users\Friedrich\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-04 22:06 - 2015-04-12 15:29 - 00000000 ____D () C:\Users\Friedrich\AppData\Roaming\Avira
2015-04-04 20:58 - 2015-04-04 20:58 - 00000000 ____D () C:\Users\Friedrich\AppData\Roaming\AVG2015
2015-04-04 20:55 - 2015-04-04 20:58 - 00000000 ____D () C:\ProgramData\AVG2015
2015-04-04 20:55 - 2015-04-04 20:55 - 00000000 ____D () C:\$AVG
2015-04-04 20:54 - 2015-04-04 20:54 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-04-04 20:47 - 2015-04-09 03:41 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-04 20:47 - 2015-04-04 21:06 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\Avg2015
2015-04-04 20:47 - 2015-04-04 20:47 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\MFAData
2015-04-04 15:00 - 2015-04-09 15:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-03 17:18 - 2015-04-03 17:19 - 00000000 ____D () C:\Users\Friedrich\Documents\Eigene Scans
2015-04-03 01:27 - 2015-04-03 17:27 - 00000000 ____D () C:\Users\Friedrich\Eigene Korrespondenz - PDF
2015-03-25 13:36 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 13:36 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 13:36 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 13:36 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 13:36 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 13:36 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 13:36 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 13:36 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-22 04:39 - 2015-03-22 04:39 - 00000000 _____ () C:\Windows\SysWOW64\shoDB86.tmp
2015-03-22 04:30 - 2015-04-09 21:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 15:18 - 2014-05-28 04:08 - 02086477 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 15:18 - 2014-04-18 19:18 - 00000000 ____D () C:\FRST
2015-04-14 15:14 - 2014-04-18 03:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-14 15:13 - 2015-02-26 02:17 - 00028459 _____ () C:\Windows\setupact.log
2015-04-14 15:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 05:00 - 2012-11-10 13:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-14 03:21 - 2013-10-04 14:30 - 00000000 ___RD () C:\Users\Friedrich\Eigene Bilder
2015-04-14 00:54 - 2013-06-02 19:54 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-14 00:53 - 2013-06-02 19:54 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-04-13 18:37 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-13 18:37 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-13 16:46 - 2014-11-14 22:07 - 00000000 ____D () C:\Users\Friedrich\Eigene PDF
2015-04-13 16:02 - 2011-10-12 19:27 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\CrashDumps
2015-04-13 15:59 - 2015-03-03 00:42 - 02096640 _____ (Farbar) C:\Users\Friedrich\Desktop\FRST64.exe
2015-04-13 15:59 - 2015-03-03 00:42 - 00000000 ____D () C:\Users\Friedrich\Downloads\FRST-OlderVersion
2015-04-13 04:11 - 2011-09-23 12:48 - 00000000 ___RD () C:\Users\Friedrich\Eigene Texte
2015-04-12 15:34 - 2015-02-26 02:17 - 03596362 _____ () C:\Windows\PFRO.log
2015-04-12 15:28 - 2013-05-29 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-12 15:14 - 2013-05-29 21:56 - 00000000 ____D () C:\ProgramData\Avira
2015-04-12 14:08 - 2012-11-10 13:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-12 14:08 - 2012-05-08 10:08 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-12 14:08 - 2011-09-28 19:16 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 14:08 - 2011-09-24 20:06 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\Adobe
2015-04-12 14:05 - 2013-10-28 20:12 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-12 14:04 - 2014-10-17 16:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-12 14:04 - 2013-07-01 13:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-12 00:12 - 2014-04-18 19:20 - 00047397 _____ () C:\Users\Friedrich\Downloads\Addition.txt
2015-04-12 00:12 - 2014-04-18 19:19 - 00044428 _____ () C:\Users\Friedrich\Downloads\FRST.txt
2015-04-11 22:10 - 2013-07-27 21:16 - 00000000 ____D () C:\Windows\pss
2015-04-11 14:14 - 2011-03-28 20:10 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2015-04-11 14:14 - 2011-03-28 20:10 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2015-04-11 14:14 - 2009-07-14 07:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 13:43 - 2014-11-06 18:11 - 00000000 ____D () C:\AdwCleaner
2015-04-10 12:39 - 2012-10-15 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-10 04:37 - 2014-10-25 23:40 - 00000000 ____D () C:\Program Files (x86)\Teachmaster 4.3
2015-04-09 21:51 - 2011-09-21 17:16 - 00000000 ____D () C:\Users\Friedrich
2015-04-09 21:08 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-09 21:01 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-09 18:34 - 2013-08-07 13:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-04-09 03:45 - 2014-04-18 01:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-09 03:45 - 2013-05-30 14:06 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2015-04-09 03:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-04-09 03:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-04-09 03:43 - 2014-11-08 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-04-09 03:43 - 2012-11-15 00:32 - 00000000 ____D () C:\Users\Friedrich\AppData\Roaming\Stellarium
2015-04-09 03:43 - 2011-11-10 00:53 - 00000000 ____D () C:\ProgramData\clp
2015-04-09 03:43 - 2011-09-25 14:54 - 00000000 ____D () C:\Users\Friedrich\AppData\Roaming\PhotoScape
2015-04-09 03:42 - 2013-12-19 02:56 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2015-04-09 03:42 - 2012-10-23 13:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-09 03:42 - 2011-09-21 18:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-04-09 03:40 - 2011-09-21 19:40 - 00000000 ____D () C:\Windows\system32\EventProviders
2015-04-09 03:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-09 03:39 - 2014-11-16 02:27 - 00000000 ____D () C:\ProgramData\Softland
2015-04-09 03:39 - 2014-11-14 21:51 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2015-04-09 03:39 - 2014-11-14 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-04-09 03:39 - 2014-11-14 21:42 - 00000000 ____D () C:\Program Files\Canon
2015-04-09 03:39 - 2014-11-14 21:38 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-04-09 03:39 - 2014-11-08 17:01 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2015-04-09 03:39 - 2014-11-08 16:33 - 00000000 ____D () C:\ProgramData\InstallMate
2015-04-09 03:39 - 2014-11-07 15:40 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-04-09 03:39 - 2014-10-23 15:11 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2015-04-09 03:39 - 2014-05-06 14:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-09 03:39 - 2014-04-18 03:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-09 03:39 - 2013-12-19 02:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2015-04-09 03:39 - 2013-05-28 22:25 - 00000000 ____D () C:\Windows\ERUNT
2015-04-09 03:39 - 2012-12-02 20:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-09 03:39 - 2012-11-19 19:44 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\Mozilla
2015-04-09 03:39 - 2012-11-15 00:32 - 00000000 ____D () C:\Program Files\Stellarium
2015-04-09 03:39 - 2012-10-15 19:33 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\Opera
2015-04-09 03:39 - 2012-07-10 02:10 - 00000000 ____D () C:\Program Files\Mythicsoft
2015-04-09 03:39 - 2012-05-20 16:22 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-04-09 03:39 - 2012-04-23 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2015-04-09 03:39 - 2012-04-23 19:45 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-04-09 03:39 - 2011-11-10 00:52 - 00000000 ____D () C:\ProgramData\Common Toolkit Suite
2015-04-09 03:39 - 2011-11-05 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astro-enc.de
2015-04-09 03:39 - 2011-11-05 01:32 - 00000000 ____D () C:\Program Files\astro-enc.de
2015-04-09 03:39 - 2011-10-31 22:11 - 00000000 ____D () C:\ProgramData\map&guide
2015-04-09 03:39 - 2011-10-21 14:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-09 03:39 - 2011-10-12 19:13 - 00000000 ____D () C:\ProgramData\Nokia
2015-04-09 03:39 - 2011-10-12 18:53 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\Nokia
2015-04-09 03:39 - 2011-10-12 18:53 - 00000000 ____D () C:\ProgramData\PC Suite
2015-04-09 03:39 - 2011-10-12 18:52 - 00000000 ____D () C:\Program Files\DIFX
2015-04-09 03:39 - 2011-10-12 18:50 - 00000000 ____D () C:\ProgramData\NokiaInstallerCache
2015-04-09 03:39 - 2011-10-08 16:21 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\Microsoft Games
2015-04-09 03:39 - 2011-10-03 12:07 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\Google
2015-04-09 03:39 - 2011-09-30 13:39 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-09 03:39 - 2011-09-25 16:00 - 00000000 ____D () C:\Program Files\GIMP-2.0
2015-04-09 03:39 - 2011-09-22 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2015-04-09 03:39 - 2011-09-21 18:36 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-09 03:39 - 2011-09-21 17:38 - 00000000 ____D () C:\Windows\Msagent
2015-04-09 03:39 - 2011-09-21 17:17 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\VirtualStore
2015-04-09 03:39 - 2011-04-07 14:16 - 00000000 ____D () C:\Program Files\Windows Live
2015-04-09 03:39 - 2011-04-07 14:16 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-04-09 03:39 - 2011-04-07 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-09 03:39 - 2011-04-07 13:59 - 00000000 ____D () C:\Program Files\Realtek
2015-04-09 03:39 - 2011-04-07 13:58 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-09 03:39 - 2011-03-28 20:05 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-04-09 03:39 - 2010-09-02 10:28 - 00000000 ____D () C:\ProgramData\Norton
2015-04-09 03:39 - 2010-09-02 10:27 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-09 03:39 - 2010-09-02 10:26 - 00000000 ____D () C:\ProgramData\oem
2015-04-09 03:39 - 2010-09-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-04-09 03:39 - 2010-09-02 10:23 - 00000000 ____D () C:\ProgramData\Nero
2015-04-09 03:39 - 2010-09-02 10:21 - 00000000 ____D () C:\ProgramData\eMachines
2015-04-09 03:39 - 2010-09-02 10:21 - 00000000 ____D () C:\Program Files\eMachines
2015-04-09 03:39 - 2010-09-02 10:20 - 00000000 ____D () C:\Windows\oem
2015-04-09 03:39 - 2010-09-02 10:20 - 00000000 ____D () C:\Program Files\Preload
2015-04-09 03:39 - 2010-09-02 10:15 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-09 03:39 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-09 03:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-09 03:39 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-09 03:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-04-09 03:38 - 2015-02-07 18:14 - 00000000 ____D () C:\Cambridge
2015-04-09 03:38 - 2014-11-28 06:14 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-04-09 03:38 - 2014-11-14 21:32 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-04-09 03:38 - 2014-11-08 16:33 - 00000000 ____D () C:\Program Files (x86)\Ruiware
2015-04-09 03:38 - 2014-11-06 19:38 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-04-09 03:38 - 2014-11-05 19:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-04-09 03:38 - 2014-11-05 18:54 - 00000000 ____D () C:\Program Files (x86)\Kestner
2015-04-09 03:38 - 2014-10-24 03:14 - 00000000 ____D () C:\Program Files (x86)\ClocX
2015-04-09 03:38 - 2014-05-13 03:30 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-04-09 03:38 - 2013-05-31 15:18 - 00000000 ____D () C:\MATS
2015-04-09 03:38 - 2013-03-17 15:14 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 3.6
2015-04-09 03:38 - 2012-12-02 20:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-09 03:38 - 2012-06-11 10:37 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-04-09 03:38 - 2012-04-23 22:45 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-04-09 03:38 - 2012-04-23 19:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Picture It! 2002
2015-04-09 03:38 - 2012-04-23 19:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Encarta
2015-04-09 03:38 - 2012-04-23 19:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft AutoRoute
2015-04-09 03:38 - 2011-10-31 22:11 - 00000000 ____D () C:\Program Files (x86)\map&guide
2015-04-09 03:38 - 2011-10-21 14:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-04-09 03:38 - 2011-10-12 18:50 - 00000000 ____D () C:\Program Files (x86)\Nokia
2015-04-09 03:38 - 2011-09-24 21:30 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2015-04-09 03:38 - 2011-09-23 13:07 - 00000000 ____D () C:\Microsoft Office
2015-04-09 03:38 - 2011-09-23 12:46 - 00000000 ____D () C:\OfficeUpdate11
2015-04-09 03:38 - 2011-09-22 15:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works Suite 2002
2015-04-09 03:38 - 2011-09-21 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-04-09 03:38 - 2011-04-07 14:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-04-09 03:38 - 2011-04-07 14:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-04-09 03:38 - 2011-04-07 13:59 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-04-09 03:38 - 2011-04-07 13:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-09 03:38 - 2010-09-02 10:58 - 00000000 ____D () C:\OEM
2015-04-09 03:38 - 2010-09-02 10:26 - 00000000 ____D () C:\Program Files (x86)\Symantec
2015-04-09 03:38 - 2010-09-02 10:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-09 03:38 - 2010-09-02 10:23 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-04-09 03:38 - 2010-09-02 10:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-09 03:38 - 2010-09-02 10:20 - 00000000 ____D () C:\Program Files (x86)\eMachines
2015-04-09 03:38 - 2010-09-02 10:15 - 00000000 ____D () C:\Program Files (x86)\eMachines Games
2015-04-09 03:38 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-04-09 03:38 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-04-04 22:19 - 2014-11-08 16:33 - 00000000 ____D () C:\Users\Friedrich\AppData\Roaming\WinPatrol
2015-04-04 22:04 - 2013-11-30 19:42 - 00000000 ____D () C:\Users\Friedrich\.thumbnails
2015-04-04 18:54 - 2013-02-15 21:19 - 00000000 ____D () C:\Users\Friedrich\AppData\Roaming\vlc
2015-04-03 17:24 - 2012-05-25 20:33 - 00000000 ____D () C:\Users\Friedrich\Fremde - PDF
2015-04-01 00:57 - 2014-11-05 19:24 - 00000000 ____D () C:\Users\Friedrich\AppData\Local\dgswb
2015-03-25 16:18 - 2014-12-11 18:13 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-24 03:05 - 2014-04-18 03:25 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-21 22:17 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-17 07:15 - 2014-04-18 03:25 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-17 07:15 - 2014-04-18 03:25 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 07:15 - 2014-04-18 03:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2015-02-24 22:25 - 2015-02-24 22:25 - 0000053 _____ () C:\Users\Friedrich\AppData\Roaming\LogFile.txt
2012-11-06 23:43 - 2013-05-19 18:22 - 0000078 _____ () C:\Users\Friedrich\AppData\Roaming\mbam.context.scan
2014-01-08 01:05 - 2014-10-22 00:05 - 0000093 _____ () C:\Users\Friedrich\AppData\Roaming\WB.CFG
2011-10-12 19:27 - 2013-07-04 22:32 - 0047616 _____ () C:\Users\Friedrich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-12 01:04 - 2015-03-12 01:04 - 0000017 _____ () C:\Users\Friedrich\AppData\Local\resmon.resmoncfg
2014-11-05 19:25 - 2014-11-05 19:25 - 0000290 _____ () C:\ProgramData\wb764821reg.bin

Some content of TEMP:
====================
C:\Users\Friedrich\AppData\Local\Temp\avgnt.exe
C:\Users\Friedrich\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-23 15:38

==================== End Of Log ============================

--- --- ---

--- --- ---

Hallo!
Ich habe nur noch ein Problem:
Auf den Firefox-Reitern der einzelnen Tabs erscheinen immer noch so komische farblich bunte Zeichen...
Ich kann hier bei Euch wohl keine Bilder einstellen, oder?
Du kannst es einsehen bei:
https://www.computerfrage.net/frage/was-sind-das-fuer-komische-zeichen-bei-den-firefox-reitern?foundIn=answer-listing
Dort habe ich die Frage zu den Reitern ebenfalls gestellt und du findest meine eigene Antwort mit einem Bild (Screenshot) der Reiter!
Vielen Dank!
Gruß
Fritz

schrauber · 15.04.2015, 05:58

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

FritzSteiner · 15.04.2015, 17:21

Nach exakter Durchführung der angegebenen Anweisungen besteht weiterhin dasselbe Problem mit den 'farbigen Reitern':

https://www.computerfrage.net/nutzer/FritzvonSteiner/antworten-auf-fragen/1

Gruß
Fritz

schrauber · 16.04.2015, 06:49

Graka Treiber neu nstalliert? Hardwarebeschleunigung mal abschalten in FF. Und nebenbei:

Crossposting ist blöd

FritzSteiner · 17.04.2015, 15:03

Dauernd muss ich mich hier für meine Fehler entschuldigen!

Es tut mir echt leid, dass ich mich nicht so gut auskenne!

Ich weiß auch nicht, was Cross-Posting ist und absichtlich mache ich das ja auch nicht!

Und einen Graka-Treiber kenne ich auch nicht!

Aber trotzdem vielen Dank!

Nach Abschalten der Hardware-Beschleunigung sind nun endlich die komischen Zeichen auf den Reitern verschwunden!

Ich danke recht herzlich für den Tipp und die gute Hilfe!

Kann/soll ich jetzt benutzte, hochgeladene Programme deinstallieren?

Gruß
Fritz

schrauber · 18.04.2015, 08:10

Zitat:

Es tut mir echt leid, dass ich mich nicht so gut auskenne!

Ich weiß auch nicht, was Cross-Posting ist und absichtlich mache ich das ja auch nicht!

Deswegen hab ich es ja auch nur erwähnt (mit Link zum Nachlesen was das ist) und nicht gleich den Thread geschlossen, also Wuuussaaaaa

Zitat:

Und einen Graka-Treiber kenne ich auch nicht!

Treiber deiner Grafikkarte. Und der Tipp war gar nicht mal so schlecht. Wenn der Fehler durch deaktivieren der Hardwarebeschleunigung in Firefox weg ist, ist das eigentliche Problem der Treiber deiner Grafikkarte. Den bitte aktualisieren, dann die Beschleunigung in Firefox wieder einschalten.

Zum Aufräumen:

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

FritzSteiner · 24.04.2015, 01:11

Vor lauter Angst traue ich mich schon gar nicht mehr, noch etwas nachzufragen, wenn ich es jetzt nicht schaffe z.B. Combofix zu deinstallieren!

Gibt es noch ein anderes Forum, wo ich nicht so große Angst haben brauche, wenn ich etwas nicht verstehe?

schrauber · 24.04.2015, 07:36

Hast Du denn vorher schon mal Combofix benutzt? Ich denke nein, also ist es doch völlig normal dass Du damit evtl Schwierigkeiten hast. Und wenn was unklar ist, einfach fragen

.

Das Einzige, was man evtl beachten könnte, wenn du nochmal nachhakst, ist:

Zitat:

wenn ich es jetzt nicht schaffe z.B. Combofix zu deinstallieren

Wenn Du mir sowas schreibst kommt von mir als Antwort "geht das genauer?"

Dieses Forum hier ist der letzte Platz im Netz, bei dem ein User Angst haben muss irgendwas zu fragen, nur solange du eben nicht Bescheid gibst dass Du mit was Probleme hast, kann ich auch nicht weiter helfen

13.04.2015, 08:09	#16
schrauber /// the machine /// TB-Ausbilder	Antivir meldet: Ihr Computer ist nicht sicher - Echtzeitscanner kaputt? ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

14.04.2015, 07:06	#18
schrauber /// the machine /// TB-Ausbilder	Antivir meldet: Ihr Computer ist nicht sicher - Echtzeitscanner kaputt? Das frische FRST log fehlt noch. Noch Probleme? __________________ __________________

16.04.2015, 06:49	#22
schrauber /// the machine /// TB-Ausbilder	Antivir meldet: Ihr Computer ist nicht sicher - Echtzeitscanner kaputt? Graka Treiber neu nstalliert? Hardwarebeschleunigung mal abschalten in FF. Und nebenbei: Crossposting ist blöd __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Antivir meldet: Ihr Computer ist nicht sicher - Echtzeitscanner kaputt?

Plagegeister aller Art und deren Bekämpfung: Antivir meldet: Ihr Computer ist nicht sicher - Echtzeitscanner kaputt?