Trojaner-Board - "Yahoo Community Smartbar Engine" lässt sich nicht entfernen

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - "Yahoo Community Smartbar Engine" lässt sich nicht entfernen (https://www.trojaner-board.de/158118-yahoo-community-smartbar-engine-laesst-entfernen.html)

"Yahoo Community Smartbar Engine" lässt sich nicht entfernen

Habe die Yahoo Smartbar bereits aus firefox entfernt. Aus dem Internet Explorer bekomme ich sie nicht, kann sie nur deaktivieren. In der "Systemsteuerung/Programme deinstallieren" passiert wenn ich die Smartbar deinstallieren will nichts. Ich hoffe mir kann hier geholfen werden

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-08-2014 01

Ran by Ich at 2014-08-31 19:32:22

Running from C:\Users\Ich\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 

AAU 6.0.00.16 (HKLM\...\Acer Acer Bio Protection 6.0.00.16) (Version:  - )

Acer Bio Protection

Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3010 - Acer Incorporated)

Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Reader X (10.1.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.30 - Atheros Communications Inc.)

Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)

CCS64 V3.8 (HKLM\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)

Downlooad koeeper (HKLM\...\{C1A27135-69EB-8D44-7358-34727DD7B820}) (Version: 2.2.0.1771 - DoawnLoaid keepeir) <==== ATTENTION

FL Studio 10 (HKLM\...\FL Studio 10) (Version:  - Image-Line)

Free MP4 Video Converter version 5.0.29.925 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.29.925 - DVDVideoSoft Ltd.)

Free Video Editor version 1.4.3.716 (HKLM\...\Free Video Editor_is1) (Version: 1.4.3.716 - DVDVideoSoft Ltd.)

Free YouTube Download version 3.2.42.716 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.42.716 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.11.812 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.11.812 - DVDVideoSoft Ltd.)

Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

IL Download Manager (HKLM\...\IL Download Manager) (Version:  - Image-Line)

Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden

JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

Launch Manager (HKLM\...\LManager) (Version:  - )

LibUSB-Win32-0.1.10.1 (HKLM\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)

LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)

Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

Nero 7 Essentials (HKLM\...\{81CD6232-10F5-4832-B3DA-1B88B1571031}) (Version: 7.02.5851 - Nero AG)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)

NVIDIA Grafiktreiber 306.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.02 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.82.513 - NVIDIA Corporation) Hidden

NVIDIA PhysX (Version: 9.12.0604 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)

NVIDIA Systemsteuerung 306.02 (Version: 306.02 - NVIDIA Corporation) Hidden

NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden

Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)

reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version:  - )

SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)

Smart File Advisor 1.1.1 (HKLM\...\Smart File Advisor_is1) (Version: 1.1.1 - Filefacts.net)

SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden

SPBA 5.8 (HKLM\...\{ECCD28B2-8798-4D16-8126-625D728294A1}) (Version: 5.8.2.4218 - UPEK Inc.)

TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden

TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.275 - TuneUp Software)

TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden

Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Viscomsoft Free Face Off Maker (HKLM\...\Viscomsoft Free Face Off Maker for Window_is1) (Version:  - ViscomsoftOnline.com)

VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)

Winamp (HKLM\...\Winamp) (Version: 5.623  - Nullsoft, Inc)

Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)

Windows-Treiberpaket - Intel (NETw5v32) net  (05/28/2009 12.4.3.9) (HKLM\...\6C69862D99A6D18374D3619F0854C49073CD3370) (Version: 05/28/2009 12.4.3.9 - Intel)

WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

Yahoo Community Smartbar (HKLM\...\{6818F6FB-6270-4DE8-9827-40E852111F2A}) (Version: 11.88.66.18547 - Linkury Inc.) <==== ATTENTION

Yahoo Community Smartbar Engine (HKCU\...\{023382b0-7b22-476e-adc8-5bb6ddd683c6}) (Version: 11.88.66.18547 - Linkury Inc.) <==== ATTENTION
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

28-08-2014 02:29:17 Installed SpyHunter

28-08-2014 03:48:32 Removed SpyHunter

28-08-2014 03:49:26 Removed SpyHunter

28-08-2014 13:54:53 Removed Yahoo Community Smartbar

29-08-2014 15:19:00 OpenOffice 4.1.1 wird entfernt

29-08-2014 15:19:31 OpenOffice 4.1.1 wird entfernt

29-08-2014 15:26:07 Removed Yahoo Community Smartbar

29-08-2014 15:38:55 Installed Microsoft Office Enterprise 2007

30-08-2014 00:45:43 Removed Yahoo Community Smartbar
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {148F9437-4C1B-448C-8784-E62DB9F8C84F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2006-11-02] (Microsoft Corporation)

Task: {5A2D6FE0-2206-47DD-8914-4A810DF865CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06] (Google Inc.)

Task: {66D2BD02-D937-4AF4-AE4B-75FC248254EE} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION

Task: {7D1BB921-B206-481E-B6C4-317ED1016C08} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION

Task: {7FB0FE12-3D90-4666-96C9-084697BA58AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06] (Google Inc.)

Task: {9EB44560-63F6-4CA3-8294-048D3F7D340B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries

Task: {E3B6193A-F7D0-41AE-9F84-94DBEA6427C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2006-11-02] ()
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2012-10-05 23:48 - 2012-10-05 23:48 - 00080896 _____ () C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll

2012-10-05 23:05 - 2008-08-19 14:27 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

2012-10-05 23:06 - 2012-10-05 23:06 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3010.0__14bcaafdb44b5951\Framework.Model.Controller.dll

2012-10-05 23:06 - 2012-10-05 23:06 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll

2012-10-05 23:06 - 2012-10-05 23:06 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll

2012-10-05 23:06 - 2012-10-05 23:06 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3010.0__672b450de5a7e94a\Framework.Host.dll

2012-10-05 23:06 - 2012-10-05 23:06 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3010.0__9ecdf03bb2054f94\Framework.PluginInterface.dll

2012-10-05 23:48 - 2012-10-05 23:48 - 03521024 _____ () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

2014-07-21 14:28 - 2014-07-21 14:28 - 00034088 _____ () C:\Program Files\LPT\srpts.exe

2014-07-21 14:28 - 2014-07-21 14:33 - 00043816 _____ () C:\Program Files\LPT\srptc.dll

2014-07-21 14:27 - 2014-07-21 14:32 - 00018216 _____ () C:\Program Files\LPT\Smartbar.Common.dll

2014-07-21 14:28 - 2014-07-21 14:33 - 00035624 _____ () C:\Program Files\LPT\srptsl.exe

2014-07-21 14:28 - 2014-07-21 14:33 - 00069928 _____ () C:\Program Files\LPT\srut.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00023848 _____ () C:\Users\Ich\AppData\Local\LPT\srptm.exe

2014-07-21 14:33 - 2014-07-21 14:33 - 00083240 _____ () C:\Users\Ich\AppData\Local\LPT\srpt.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00043816 _____ () C:\Users\Ich\AppData\Local\LPT\srptc.dll

2014-07-21 14:32 - 2014-07-21 14:32 - 00018216 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Common.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00069928 _____ () C:\Users\Ich\AppData\Local\LPT\srut.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00067880 _____ () C:\Users\Ich\AppData\Local\LPT\sppsm.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00159528 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00027944 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Personalization.Common.dll

2014-07-21 14:32 - 2014-07-21 14:32 - 00166696 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00046888 _____ () C:\Users\Ich\AppData\Local\LPT\srbu.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00025896 _____ () C:\Users\Ich\AppData\Local\LPT\srpdm.dll

2014-07-21 14:32 - 2014-07-21 14:32 - 00027432 _____ () C:\Users\Ich\AppData\Local\LPT\ProxySettings.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00044840 _____ () C:\Users\Ich\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00055080 _____ () C:\Users\Ich\AppData\Local\LPT\srprl.dll

2014-07-21 14:32 - 2014-07-21 14:32 - 00050472 _____ () C:\Users\Ich\AppData\Local\LPT\lrrot.dll

2014-07-21 14:32 - 2014-07-21 14:32 - 00054056 _____ () C:\Users\Ich\AppData\Local\LPT\Proxy.Lib.dll

2014-07-21 14:33 - 2014-07-21 14:33 - 00028456 _____ () C:\Users\Ich\AppData\Local\LPT\sreu.dll

2014-08-28 04:06 - 2014-08-28 04:06 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll

2014-07-30 17:42 - 2014-07-30 17:43 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

2014-07-21 14:32 - 2014-07-21 14:32 - 00317224 _____ () C:\Users\Ich\AppData\Local\LPT\Resources\ntdis_32.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Ich\Desktop\Dragonball.Z.Battle.of.Gods.GER.SUB.AAC.1080p.BluRay.x264-DBT.mp4:TOC.WMV
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/31/2014 07:30:00 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
 

Error: (08/31/2014 07:30:00 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
 

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
 

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: LsaC:\Windows\system32\Secur32.dll4
 

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: ESENTC:\Windows\system32\esentprf.dll4
 

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1010) (User: )

Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: DFSRC:\Windows\System32\DfsrPerf.dll4
 

Error: (08/31/2014 07:29:58 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\system32\bitsperf.dll4
 

Error: (08/31/2014 07:13:22 PM) (Source: LoadPerf) (EventID: 3012) (User: )

Description: Performance16
 

Error: (08/30/2014 02:38:49 PM) (Source: LoadPerf) (EventID: 3012) (User: )

Description: Performance16
 
 

System errors:

=============

Error: (08/28/2014 03:43:04 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: AFD

avipbb

avkmgr

DfsC

NetBIOS

netbt

nsiproxy

PSched

RasAcd

rdbss

Smb

spldr

ssmdrv

Tcpip

tdx

Wanarpv6
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: TCP/IP Registry CompatibilityTCP/IP-Protokolltreiber%%31
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: NLA (Network Location Awareness)TCP/IP-Protokolltreiber%%31
 

Error: (08/28/2014 03:40:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: IP-HilfsdienstNetzwerkspeicher-Schnittstellendienst%%1068
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-08-28 15:07:51.567

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-08-28 15:07:51.530

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-08-28 15:07:51.492

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-08-28 15:07:51.455

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-08-28 15:07:50.977

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-08-28 15:07:50.938

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-08-28 15:07:50.900

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-08-28 15:07:50.851

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-11-23 06:07:16.708

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-11-22 19:43:02.631

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz

Percentage of memory in use: 41%

Total physical RAM: 3066.07 MB

Available physical RAM: 1795.24 MB

Total Pagefile: 6313.36 MB

Available Pagefile: 4981.28 MB

Total Virtual: 2047.88 MB

Available Virtual: 1932.11 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:144.04 GB) (Free:9.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (DATA) (Fixed) (Total:140.5 GB) (Free:42.86 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 27BCEB28)

Partition 1: (Not Active) - (Size=10 GB) - (Type=27)

Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=140.5 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=3.5 GB) - (Type=12)
 

==================== End Of Log ============================

--- --- ---

Hoffe es ist das, was du suchst. Schon einmal großes Dankeschön im vorraus.

fehlt noch die FRST.txt :)

Entschuldigung, aber ich kenn mich nicht so gut aus. Wo finde ich dieses FRST.txt? Ist es ebenfalls nach dem Scan mit dabei ?

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-08-2014 01

Ran by Ich (administrator) on ICH-PC on 31-08-2014 19:31:33

Running from C:\Users\Ich\Desktop

Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

(hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe

() C:\Program Files\LPT\srpts.exe

() C:\Program Files\LPT\srptsl.exe

() C:\Users\Ich\AppData\Local\LPT\srptm.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Microsoft Corporation) C:\Windows\System32\conime.exe

(Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2012-10-06] (Microsoft Corporation)

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.)

HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.)

HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG)

HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [Vidalia] => "C:\Program Files\Vidalia Relay Bundle\Vidalia\vidalia.exe"

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Ich\AppData\Local\Smartbar\Application\Smartbar.exe [28968 2014-07-21] (Smartbar)

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] ()

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\MountPoints2: {48dd213b-1614-11e2-b3ba-001e68f7a252} - G:\Startme.exe

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\MountPoints2: {53c9f23a-1ca1-11e3-af91-001e68f7a252} - G:\setup\rsrc\Autorun.exe

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\MountPoints2: {86dc23d5-29cd-11e2-876a-001e68f7a252} - G:\Menu.exe

HKU\S-1-5-21-3325081473-2881869368-4166051970-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArWlQY0RTFQ1Ekh2jbMwtZMWV-iic08Tjcctx8-qkO8ugsmP5oOyCI0ev-KOSzH3m8odt4rrYxQAcLryJTHHAzS28I5oggPFRGwC8,

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1409191619&from=slbnew&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708A1513115131

SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}

SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q={searchTerms}

BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

BHO: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default

FF NewTab: www.google.de

FF DefaultSearchEngine: Web Search

FF SelectedSearchEngine: Web Search

FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArWlQY0RTFQ1Ekh2jbMwtZMWV-iic08Tjcctx8-qkO8ugsmP5oOyCI0ev-KOSzH3m8odt4rrYxQAcLryJTHHAzS28I5oggPFRGwC8,

FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEscdxy-Uk3lHJO1err-4,&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)

FF SearchPlugin: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\searchplugins\Web Search.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23]

FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05]

FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28]

FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12]

FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06]

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22]

FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28]

FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi

FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 

Chrome: 

=======
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)

S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)

R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed]

R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed]

R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]

R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [34088 2014-07-21] ()

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)

R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]

S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.)

R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)

R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]

S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH)

S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)

R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
 

==================== NetSvcs (Whitelisted) ===================
 
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-31 19:31 - 2014-08-31 19:31 - 00017903 _____ () C:\Users\Ich\Desktop\FRST.txt

2014-08-31 19:31 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST

2014-08-30 03:22 - 2014-08-30 03:22 - 01095680 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe

2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll

2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH

2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8

2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 __RHD () C:\MSOCache

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help

2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml

2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini

2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-08-28 04:07 - 2014-08-28 04:18 - 00000000 ____D () C:\Program Files\Bench

2014-08-28 04:07 - 2014-08-28 04:16 - 00000003 _____ () C:\Users\Ich\AppData\Local\proxy.log

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\SmootherWeb

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Program Files\LPT

2014-08-28 04:06 - 2014-08-28 15:42 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb

2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar

2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\LPT

2014-08-28 03:57 - 2014-08-28 04:13 - 00000000 ____D () C:\Program Files\FLVM Player

2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe

2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log

2014-08-27 16:23 - 2014-08-27 18:57 - 00000000 ____D () C:\Program Files\CyberGhost 5

2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini

2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll

2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll

2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo

2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice

2014-08-23 03:21 - 2014-08-23 03:25 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe

2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe

2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA

2014-08-08 00:44 - 2014-08-08 00:50 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv

2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software

2014-08-06 19:05 - 2014-08-06 19:07 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014

2014-08-06 19:01 - 2014-08-06 19:02 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe

2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU

2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia

2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\AVS4YOU

2014-08-06 18:57 - 2014-08-06 18:58 - 00000000 ____D () C:\ProgramData\AVS4YOU

2014-08-06 18:57 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-31 19:31 - 2014-08-31 19:31 - 00017903 _____ () C:\Users\Ich\Desktop\FRST.txt

2014-08-31 19:31 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST

2014-08-31 19:19 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-31 19:13 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-31 19:11 - 2006-11-02 14:52 - 01688187 _____ () C:\Windows\WindowsUpdate.log

2014-08-31 19:08 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-31 19:07 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-31 19:07 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-31 19:07 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-31 02:07 - 2006-11-02 15:01 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-08-31 01:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad

2014-08-30 03:22 - 2014-08-30 03:22 - 01095680 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe

2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT

2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-29 18:11 - 2012-10-06 04:20 - 00080010 _____ () C:\Windows\PFRO.log

2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works

2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew

2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild

2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH

2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET

2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8

2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System

2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 __RHD () C:\MSOCache

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help

2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml

2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL

2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL

2014-08-28 15:42 - 2014-08-28 04:06 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini

2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb

2014-08-28 04:18 - 2014-08-28 04:07 - 00000000 ____D () C:\Program Files\Bench

2014-08-28 04:16 - 2014-08-28 04:07 - 00000003 _____ () C:\Users\Ich\AppData\Local\proxy.log

2014-08-28 04:13 - 2014-08-28 03:57 - 00000000 ____D () C:\Program Files\FLVM Player

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\SmootherWeb

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Program Files\LPT

2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar

2014-08-28 04:06 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\LPT

2014-08-27 18:57 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5

2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE

2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log

2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini

2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll

2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll

2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo

2014-08-24 17:57 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp

2014-08-24 03:19 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc

2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice

2014-08-23 03:25 - 2014-08-23 03:21 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe

2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte

2014-08-23 03:24 - 2012-10-06 03:59 - 00037888 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe

2014-08-17 15:29 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag

2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA

2014-08-12 20:58 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-12 20:56 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-08-08 00:50 - 2014-08-08 00:44 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv

2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software

2014-08-06 19:07 - 2014-08-06 19:05 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014

2014-08-06 19:04 - 2013-09-27 18:25 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2014-08-06 19:04 - 2012-11-01 18:22 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\DVDVideoSoft

2014-08-06 19:03 - 2014-07-23 19:08 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenCandy

2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft

2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft

2014-08-06 19:03 - 2012-11-01 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

2014-08-06 19:02 - 2014-08-06 19:01 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe

2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia

2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\AVS4YOU

2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU

2014-08-06 18:58 - 2014-08-06 18:57 - 00000000 ____D () C:\ProgramData\AVS4YOU

2014-08-04 12:45 - 2012-09-04 21:50 - 00000000 ____D () C:\temp
 

Some content of TEMP:

====================

C:\Users\Ich\AppData\Local\Temp\APNStub.exe

C:\Users\Ich\AppData\Local\Temp\avgnt.exe

C:\Users\Ich\AppData\Local\Temp\insAD60.tmp.exe

C:\Users\Ich\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Ich\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Ich\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe

C:\Users\Ich\AppData\Local\Temp\ose00000.exe

C:\Users\Ich\AppData\Local\Temp\post1.exe

C:\Users\Ich\AppData\Local\Temp\post2.dll

C:\Users\Ich\AppData\Local\Temp\post2.exe

C:\Users\Ich\AppData\Local\Temp\setup.exe

C:\Users\Ich\AppData\Local\Temp\SHSetup.exe

C:\Users\Ich\AppData\Local\Temp\VistaInfo32.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-08-31 19:14
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Adware & Co. deinstallieren

Lade Dir bitte von hier http://deeprybka.trojaner-board.de/b...ninstaller.pngRevo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:
http://deeprybka.trojaner-board.de/b.../revo/add1.png
diesen Zusatz haben:
http://deeprybka.trojaner-board.de/b...e/revo/att.PNG
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
http://deeprybka.trojaner-board.de/b.../uninstall.PNG http://deeprybka.trojaner-board.de/b...o/moderat2.PNG
Reste löschen:
Klicke auf http://deeprybka.trojaner-board.de/b.../selectall.PNG dann auf http://deeprybka.trojaner-board.de/b...evo/delete.PNG und dann auf http://deeprybka.trojaner-board.de/b...evo/weiter.PNG.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Habe jetzt die schritte unter " Adware & Co. deinstallieren " durchgeführt. In der Systemsteuerung/Programme deinstalliern ist die " Yahoo Community Smartbar" jetzt nicht mehr vorhanden. Beim Systemstart taucht jedoch das Yahoo Smartbar Zeichen immer noch rechts unten auf. Über diesem Zeichen steht aber "search protect". Soweit aufjedenfall schon einmal danke... Hab hier mal ein Screenshot hinzugefügt. Vielleicht erkennen Sie da noch etwas, was gefährlich oder unötig ist. http://www11.pic-upload.de/02.09.14/1fpwk5gg7ekv.jpg

Combofix Logfile:

Code:

ComboFix 14-08-31.01 - Ich 02.09.2014  20:01:45.2.2 - x86

Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.3066.2136 [GMT 2:00]

ausgeführt von:: c:\users\Ich\Downloads\ComboFix.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-08-02 bis 2014-09-02  ))))))))))))))))))))))))))))))

.

.

2014-09-02 18:08 . 2014-09-02 18:08        --------        d-----w-        c:\users\Ich\AppData\Local\temp

2014-09-02 18:08 . 2014-09-02 18:08        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2014-09-02 18:08 . 2014-09-02 18:08        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-09-02 13:33 . 2014-09-02 13:33        --------        d-----w-        c:\program files\VS Revo Group

2014-09-01 16:36 . 2014-09-01 16:37        --------        d-----w-        c:\program files\FreeHideIP

2014-08-31 17:31 . 2014-08-31 17:33        --------        d-----w-        C:\FRST

2014-08-29 15:47 . 2006-10-26 17:56        33104        ----a-w-        c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

2014-08-29 15:47 . 2006-10-26 17:56        32592        ----a-w-        c:\windows\system32\msonpmon.dll

2014-08-29 15:45 . 2014-08-29 15:45        --------        d-----w-        c:\program files\Microsoft Works

2014-08-29 15:43 . 2014-08-29 15:43        --------        d-----w-        c:\windows\PCHEALTH

2014-08-29 15:41 . 2014-08-29 15:41        --------        d-----w-        c:\program files\Microsoft Visual Studio 8

2014-08-29 15:39 . 2014-08-29 15:39        --------        d-----w-        c:\users\Ich\AppData\Local\Microsoft Help

2014-08-29 15:39 . 2014-08-29 15:47        --------        d-----w-        c:\programdata\Microsoft Help

2014-08-29 15:39 . 2014-08-29 15:39        --------        d-----r-        C:\MSOCache

2014-08-28 03:51 . 2014-08-28 03:51        --------        d-----w-        c:\programdata\Malwarebytes

2014-08-28 02:29 . 2014-08-28 02:29        --------        d-----w-        c:\program files\Enigma Software Group

2014-08-28 02:29 . 2014-08-28 03:50        --------        d-----w-        c:\windows\455F074C814E4520B69B5584BD90400C.TMP

2014-08-28 02:29 . 2014-08-28 02:29        --------        d-----w-        c:\program files\Common Files\Wise Installation Wizard

2014-08-28 02:14 . 2014-08-29 15:45        --------        d-----w-        c:\windows\system32\wbem\AutoRecover

2014-08-28 02:07 . 2014-08-28 02:07        --------        d-----w-        c:\programdata\WindowsMangerProtect

2014-08-28 02:07 . 2014-08-28 02:18        --------        d-----w-        c:\program files\Bench

2014-08-28 02:07 . 2014-08-28 02:07        --------        d-----w-        c:\program files\LPT

2014-08-28 02:07 . 2014-08-28 02:07        --------        d-----w-        C:\SmootherWeb

2014-08-28 02:06 . 2014-08-28 02:20        --------        d-----w-        c:\users\Ich\AppData\Roaming\SmootherWeb

2014-08-28 02:06 . 2014-08-28 02:06        --------        d-----w-        c:\users\Ich\AppData\Local\LPT

2014-08-28 02:06 . 2014-08-28 02:06        --------        d-----w-        c:\users\Ich\AppData\Local\Smartbar

2014-08-28 01:57 . 2014-08-28 02:13        --------        d-----w-        c:\program files\FLVM Player

2014-08-27 17:00 . 2010-03-05 14:01        420352        ----a-w-        c:\windows\system32\vbscript.dll

2014-08-27 14:23 . 2014-08-27 16:57        --------        d-----w-        c:\program files\CyberGhost 5

2014-08-27 14:15 . 2014-08-27 14:15        8704        ----a-w-        c:\windows\system32\SpOrder.dll

2014-08-27 14:15 . 2014-08-27 14:15        73728        ----a-w-        c:\windows\system32\VistaInfo32.dll

2014-08-27 13:59 . 2014-08-27 13:59        --------        d-----w-        c:\users\Ich\AppData\Roaming\JonDo

2014-08-23 01:40 . 2014-08-23 01:40        --------        d-----w-        c:\users\Ich\AppData\Roaming\OpenOffice

2014-08-21 15:41 . 2014-08-21 15:41        --------        d-----w-        c:\users\Ich\AppData\Local\Adobe

2014-08-16 14:33 . 2014-08-16 14:33        --------        d-----w-        c:\users\Ich\AppData\Roaming\NVIDIA

2014-08-06 17:07 . 2014-08-06 17:07        --------        d-----w-        c:\users\Ich\AppData\Local\TuneUp Software

2014-08-06 17:05 . 2014-08-06 17:07        --------        d-----w-        c:\program files\TuneUp Utilities 2014

2014-08-06 16:58 . 2014-08-06 16:58        --------        d-----w-        c:\users\Ich\AppData\Roaming\AVS4YOU

2014-08-06 16:57 . 2014-08-06 17:01        --------        d-----w-        c:\program files\Common Files\AVSMedia

2014-08-06 16:57 . 2014-08-06 17:01        --------        d-----w-        c:\program files\AVS4YOU

2014-08-06 16:57 . 2014-08-06 16:58        --------        d-----w-        c:\programdata\AVS4YOU

2014-08-06 16:57 . 2012-03-23 17:59        24576        ----a-w-        c:\windows\system32\msxml3a.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-07-09 01:45 . 2013-08-22 17:03        71344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2014-07-09 01:45 . 2013-08-22 17:03        699056        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2014-06-24 11:32 . 2013-09-21 03:08        97648        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

"Browser Infrastructure Helper"="c:\users\Ich\AppData\Local\Smartbar\Application\Smartbar.exe" [2014-07-21 28968]

"smoother"="c:\users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe" [2014-08-12 489603]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672]

"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2012-10-05 3673600]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-12-09 74752]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]

"Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-08-14 751184]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 279456]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"DisableCAD"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

2012-10-05 21:49        3116032        ----a-w-        c:\program files\Acer\Acer Bio Protection\WinNotify.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]

2008-03-25 13:24        567560        ----a-w-        c:\program files\Common Files\SPBA\homefus2.dll

.

Inhalt des "geplante Tasks" Ordners

.

2014-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-24 01:45]

.

2014-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-05 22:25]

.

2014-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-05 22:25]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArWlQY0RTFQ1Ekh2jbMwtZMWV-iic08Tjcctx8-qkO8ugsmP5oOyCI0ev-KOSzH3m8odt4rrYxQAcLryJTGexmCuacK1eFpKn7BmE,

mStart Page = about:blank

uInternet Settings,ProxyServer = http=;ftp=;https=;

uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEtAuuu6P9-HYXMVDmZb8,&q={searchTerms}

TCP: DhcpNameServer = 192.168.178.1

FF - ProfilePath - c:\users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl

FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4LD75omQnsdTQyIVo-9ivcTPRRpclMWwe6RswyVKwIasrPa3zXpTe4LeMFBmhr9D9FqgZbMJBAj54L405RCAQvwArViCT3FgymfPkJRLIKaIQkTQV72-EGMmwspEAmVG0HvTc3_mEcEu02Fmfdp9PP1KO-QpUCHEhanfqz2kEtAuuu6P9-HYXMVDmZb8,&q=

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2014-09-02 20:08

Windows 6.0.6000  NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'Explorer.exe'(416)

c:\windows\System32\netshell.dll

c:\progra~1\MICROS~3\Office12\GR326C~1.DLL

.

Zeit der Fertigstellung: 2014-09-02  20:10:17

ComboFix-quarantined-files.txt  2014-09-02 18:10

ComboFix2.txt  2014-09-02 17:49

.

Vor Suchlauf: 19 Verzeichnis(se), 24.129.421.312 Bytes frei

Nach Suchlauf: 20 Verzeichnis(se), 23.997.681.664 Bytes frei

.

- - End Of File - - 399E72BB120B9B55FC5EF6865853E6FB

--- --- ---
5C616939100B85E558DA92B899A0FC36

Habe hier nochmal ein Screenshoot. Das angewählte Feld "search" gehört glaube ich auch dazu, ist aber in Systemsteuerung/Programme deinstallieren nicht aufgeführt. Seit heute ist auch plötzlich eine Internet Explorer Verknüpfung auf dem Desktop aufgetaucht. Es erscheint sofort die Yahoo Startseite, wenn ich den Internet Explorer öffne.
http://www11.pic-upload.de/02.09.14/su1sd9phbo4b.jpg

Die IE Verknüpfung ist normal, das war COmbofix.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 03.09.2014 13:56:00, SYSTEM, ICH-PC, Protection, Malware Protection, Starting,
Protection, 03.09.2014 13:56:00, SYSTEM, ICH-PC, Protection, Malware Protection, Started,
Protection, 03.09.2014 13:56:00, SYSTEM, ICH-PC, Protection, Malicious Website Protection, Starting,
Protection, 03.09.2014 13:56:03, SYSTEM, ICH-PC, Protection, Malicious Website Protection, Started,
Update, 03.09.2014 13:56:25, SYSTEM, ICH-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.8.21.1,
Update, 03.09.2014 13:56:40, SYSTEM, ICH-PC, Manual, Malware Database, 2014.3.4.9, 2014.9.3.3,

(end)

# AdwCleaner v3.309 - Bericht erstellt am 03/09/2014 um 14:28:36
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium (32 bits)
# Benutzername : Ich - ICH-PC
# Gestartet von : C:\Users\Ich\Downloads\adwcleaner_3.309.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
Datei Gefunden : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\foxydeal.sqlite
Datei Gefunden : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\invalidprefs.js
Ordner Gefunden : C:\Program Files\Gemeinsame Dateien
Ordner Gefunden : C:\Users\Ich\AppData\Local\Smartbar
Ordner Gefunden : C:\Users\Ich\AppData\LocalLow\Smartbar
Ordner Gefunden : C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
Ordner Gefunden : C:\Users\Ich\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Ich\AppData\Roaming\SmootherWeb

***** [ Tasks ] *****

Task Gefunden : BitGuard
Task Gefunden : EPUpdater
Task Gefunden : LyricXeeker Update

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKLM\SOFTWARE\AdvertisingSupport
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [smoother]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]

***** [ Browser ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\prefs.js ]

Zeile gefunden : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gefunden : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gefunden : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gefunden : user_pref("extensions.helperbar.Visibility", false);
Zeile gefunden : user_pref("extensions.helperbar.keepAliveLastevent", "1409331772");
Zeile gefunden : user_pref("extensions.helperbar.lastExternalJsUpdate", "1409320777974");

*************************

AdwCleaner[R0].txt - [6473 octets] - [03/09/2014 14:16:30]
AdwCleaner[R1].txt - [6088 octets] - [03/09/2014 14:28:36]
AdwCleaner[S0].txt - [726 octets] - [03/09/2014 14:26:28]

Ich habe jetzt die Punkte unter adwcleaner abgearbeitet, dann folgte der erwünschte Neustart. LEider fährt mein Pc jetzt nicht mehr hoch, nach der Passworteingabe für meinen Benutzer wird der bildschirm schwarz und bleibt auch schwarz. schreibe jetzt hier im abgesicherten Modus. Was kann ich tun das ich wieder normal auf mein Pc zugreifen kann? Alles weitere wird jetzt im abgesicherten Modus durchgeführt.JRT Logfile:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows Vista (TM) Home Premium x86

Ran by Ich on 03.09.2014 at 15:13:58,82

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 

Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\Users\Ich\AppData\Roaming\opencandy"

Successfully deleted: [Folder] "C:\Users\Ich\AppData\Roaming\thinstall"

Successfully deleted: [Folder] "C:\Users\Ich\appdata\locallow\smartbar"
 
 
 

~~~ FireFox
 

Successfully deleted: [File] C:\Users\Ich\AppData\Roaming\mozilla\firefox\profiles\p6x5vqq2.default\invalidprefs.js

Successfully deleted the following from C:\Users\Ich\AppData\Roaming\mozilla\firefox\profiles\p6x5vqq2.default\prefs.js
 

user_pref("extensions.helperbar.SmartbarDisabled", false);

user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

Emptied folder: C:\Users\Ich\AppData\Roaming\mozilla\firefox\profiles\p6x5vqq2.default\minidumps [152 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 03.09.2014 at 15:16:03,79

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014

Ran by Ich (administrator) on ICH-PC on 03-09-2014 15:25:14

Running from C:\Users\Ich\Desktop

Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8

Boot Mode: Safe Mode (with Networking)
 
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.)

HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.)

HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG)

HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

HKLM\...\RunOnce: [FreeHideIPunstall] => [X]

Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] ()

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-06-12] (CyberGhost S.R.L.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

ProxyServer: http=;ftp=;https=;

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default

FF NewTab: www.google.de

FF Homepage: https://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23]

FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05]

FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28]

FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12]

FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06]

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22]

FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28]

FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi

FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 

Chrome: 

=======
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)

S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)

S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)

S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)

S2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed]

S2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed]

S2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]

S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation)

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)

S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)

S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)

S2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]

S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.)

R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)

R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-03] (Malwarebytes Corporation)

S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)

S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH)

R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)

R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)

U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-03 15:25 - 2014-09-03 15:25 - 00001307 _____ () C:\Users\Ich\Desktop\FRST.txt

2014-09-03 15:25 - 2014-09-03 15:25 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion

2014-09-03 15:19 - 2014-09-03 15:19 - 00000632 _____ () C:\Users\Ich\Desktop\JRT.txt

2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT

2014-09-03 14:57 - 2014-09-03 14:57 - 01016261 _____ (Thisisu) C:\Users\Ich\Downloads\JRT.exe

2014-09-03 14:16 - 2014-09-03 14:29 - 00000000 ____D () C:\AdwCleaner

2014-09-03 14:15 - 2014-09-03 14:15 - 01370483 _____ () C:\Users\Ich\Downloads\adwcleaner_3.309.exe

2014-09-03 14:13 - 2014-09-03 14:13 - 00000646 _____ () C:\Users\Ich\Desktop\Malwarebytes.txt

2014-09-03 13:55 - 2014-09-03 15:12 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-03 13:55 - 2014-09-03 13:55 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-03 13:55 - 2014-09-03 13:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-09-03 13:55 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-09-03 13:55 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-09-03 13:55 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-09-03 13:54 - 2014-09-03 13:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ich\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-03 13:50 - 2014-09-03 13:50 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost

2014-09-03 13:49 - 2014-09-03 13:49 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk

2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5

2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\Program Files\TAP-Windows

2014-09-03 13:48 - 2014-09-03 13:49 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe

2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt

2014-09-02 20:00 - 2014-09-02 20:10 - 00000000 ____D () C:\ComboFix

2014-09-02 19:31 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-09-02 19:31 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-09-02 19:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-09-02 19:30 - 2014-09-02 20:10 - 00000000 ____D () C:\Qoobox

2014-09-02 19:30 - 2014-09-02 19:47 - 00000000 ____D () C:\Windows\erdnt

2014-09-02 19:29 - 2014-09-02 19:55 - 05576326 ____R (Swearware) C:\Users\Ich\Downloads\ComboFix.exe

2014-09-02 15:33 - 2014-09-02 15:33 - 00001057 _____ () C:\Users\Ich\Desktop\Revo Uninstaller.lnk

2014-09-02 15:33 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-09-02 15:32 - 2014-09-02 15:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ich\Downloads\revosetup95.exe

2014-08-31 19:31 - 2014-09-03 15:25 - 00000000 ____D () C:\FRST

2014-08-30 03:22 - 2014-09-03 15:25 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe

2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll

2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH

2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8

2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help

2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml

2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini

2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb

2014-08-28 04:06 - 2014-09-03 14:26 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar

2014-08-28 04:06 - 2014-08-28 15:42 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb

2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe

2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log

2014-08-27 16:23 - 2014-09-03 13:50 - 00000000 ____D () C:\Program Files\CyberGhost 5

2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini

2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll

2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll

2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo

2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice

2014-08-23 03:21 - 2014-08-23 03:25 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe

2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe

2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA

2014-08-08 00:44 - 2014-08-08 00:50 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv

2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software

2014-08-06 19:05 - 2014-08-06 19:07 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014

2014-08-06 19:01 - 2014-08-06 19:02 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe

2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU

2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia

2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\AVS4YOU

2014-08-06 18:57 - 2014-08-06 18:58 - 00000000 ____D () C:\ProgramData\AVS4YOU

2014-08-06 18:57 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-03 15:25 - 2014-09-03 15:25 - 00001307 _____ () C:\Users\Ich\Desktop\FRST.txt

2014-09-03 15:25 - 2014-09-03 15:25 - 00000000 ____D () C:\Users\Ich\Desktop\FRST-OlderVersion

2014-09-03 15:25 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST

2014-09-03 15:25 - 2014-08-30 03:22 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe

2014-09-03 15:19 - 2014-09-03 15:19 - 00000632 _____ () C:\Users\Ich\Desktop\JRT.txt

2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT

2014-09-03 15:12 - 2014-09-03 13:55 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-03 15:11 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-03 14:59 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-09-03 14:59 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-09-03 14:59 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-09-03 14:59 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-09-03 14:57 - 2014-09-03 14:57 - 01016261 _____ (Thisisu) C:\Users\Ich\Downloads\JRT.exe

2014-09-03 14:53 - 2012-10-06 04:20 - 00082770 _____ () C:\Windows\PFRO.log

2014-09-03 14:48 - 2006-11-02 15:01 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-09-03 14:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-09-03 14:43 - 2006-11-02 14:52 - 01744238 _____ () C:\Windows\WindowsUpdate.log

2014-09-03 14:29 - 2014-09-03 14:16 - 00000000 ____D () C:\AdwCleaner

2014-09-03 14:26 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar

2014-09-03 14:19 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-09-03 14:15 - 2014-09-03 14:15 - 01370483 _____ () C:\Users\Ich\Downloads\adwcleaner_3.309.exe

2014-09-03 14:13 - 2014-09-03 14:13 - 00000646 _____ () C:\Users\Ich\Desktop\Malwarebytes.txt

2014-09-03 13:55 - 2014-09-03 13:55 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-03 13:55 - 2014-09-03 13:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-09-03 13:54 - 2014-09-03 13:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ich\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-03 13:50 - 2014-09-03 13:50 - 00000000 ____D () C:\Users\Ich\AppData\Local\CyberGhost

2014-09-03 13:50 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5

2014-09-03 13:49 - 2014-09-03 13:49 - 00001720 _____ () C:\Users\Ich\Desktop\CyberGhost 5.lnk

2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5

2014-09-03 13:49 - 2014-09-03 13:49 - 00000000 ____D () C:\Program Files\TAP-Windows

2014-09-03 13:49 - 2014-09-03 13:48 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe

2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt

2014-09-02 20:10 - 2014-09-02 20:00 - 00000000 ____D () C:\ComboFix

2014-09-02 20:10 - 2014-09-02 19:30 - 00000000 ____D () C:\Qoobox

2014-09-02 20:08 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini

2014-09-02 19:55 - 2014-09-02 19:29 - 05576326 ____R (Swearware) C:\Users\Ich\Downloads\ComboFix.exe

2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default

2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public

2014-09-02 19:47 - 2014-09-02 19:30 - 00000000 ____D () C:\Windows\erdnt

2014-09-02 19:42 - 2006-11-02 12:22 - 38010880 _____ () C:\Windows\system32\config\SOFTWARE.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\COMPON~1.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SAM.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak

2014-09-02 15:33 - 2014-09-02 15:33 - 00001057 _____ () C:\Users\Ich\Desktop\Revo Uninstaller.lnk

2014-09-02 15:33 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-09-02 15:33 - 2014-09-02 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ich\Downloads\revosetup95.exe

2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad

2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT

2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works

2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew

2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild

2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH

2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET

2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8

2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System

2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help

2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml

2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL

2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL

2014-08-28 15:42 - 2014-08-28 04:06 - 00001810 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini

2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb

2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE

2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log

2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini

2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll

2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll

2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo

2014-08-24 17:57 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp

2014-08-24 03:19 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc

2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice

2014-08-23 03:25 - 2014-08-23 03:21 - 164858324 _____ () C:\Users\Ich\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe

2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte

2014-08-23 03:24 - 2012-10-06 03:59 - 00037888 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe

2014-08-17 15:29 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag

2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA

2014-08-12 20:58 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-12 20:56 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-08-08 00:50 - 2014-08-08 00:44 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv

2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software

2014-08-06 19:07 - 2014-08-06 19:05 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014

2014-08-06 19:04 - 2013-09-27 18:25 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2014-08-06 19:04 - 2012-11-01 18:22 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\DVDVideoSoft

2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft

2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft

2014-08-06 19:03 - 2012-11-01 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

2014-08-06 19:02 - 2014-08-06 19:01 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe

2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia

2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\AVS4YOU

2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU

2014-08-06 18:58 - 2014-08-06 18:57 - 00000000 ____D () C:\ProgramData\AVS4YOU

2014-08-04 12:45 - 2012-09-04 21:50 - 00000000 ____D () C:\temp
 

Some content of TEMP:

====================

C:\Users\Ich\AppData\Local\temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-03 15:21
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=7cdd9974f7621946bdd8c29fb8d825ae
# engine=20001
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-04 04:21:21
# local_time=2014-09-04 06:21:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6000 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 5644 30114899 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 30114760 247380409 0 0
# scanned=176924
# found=6
# cleaned=0
# scan_time=5180
sh=8068EB4D7B7FCDC91FE23D8EBC325E55A654DDE6 ft=1 fh=aca2fb68c7a53c8e vn="Variante von Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Smart File Advisor\sfa.exe"
sh=A893D4F8C879E48BCC8EF252C92FF6FE51DE5F03 ft=1 fh=7af50601de6215a5 vn="Variante von Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Smart File Advisor\sfa_inst.exe"
sh=822DEDDF890FC279C11CC5772CF5D9F2F741C916 ft=1 fh=e993d618cab0597f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\FreeVideoFlipAndRotate.exe"
sh=596D78A7F03D1DAEE86BCCE8DD7713AA60E8F9E4 ft=1 fh=8eaf1d336ac02ccc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\FreeYouTubeToMP3Converter34.exe"
sh=CD6DCE4B916C39E4FCE0BD2A97F6619A901231C2 ft=1 fh=d62f2cecbd4afc01 vn="Win32/WinloadSDA.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ich\Downloads\ProxMate-fr-Firefox-lnstall.exe"
sh=B56101CE038ACE9C0DFB8EB7E0F4CCB59C491374 ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\62e472.msi"

Habe noch ein frage bezüglich des ESET. Warum sollen die bedrohlichen Dateien nicht gelöscht werden?

Results of screen317's Security Check version 0.99.87
Windows Vista x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 8 Out of date!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java 7 Update 60
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader 10.1.11 Adobe Reader out of Date!
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014

Ran by Ich (administrator) on ICH-PC on 04-09-2014 18:40:29

Running from C:\Users\Ich\Desktop

Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

(hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE

(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\conime.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [817672 2008-06-04] (Dritek System Inc.)

HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2012-10-05] (Arachnoid Biometrics Identification Group Corp.)

HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-02-26] (Nero AG)

HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)

Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)

HKU\S-1-5-21-3325081473-2881869368-4166051970-1000\...\Run: [smoother] => C:\Users\Ich\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] ()

HKU\S-1-5-21-3325081473-2881869368-4166051970-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

ProxyServer: http=;ftp=;https=;

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default

FF NewTab: www.google.de

FF Homepage: https://www.google.de/?gfe_rd=cr&ei=NPsFVOX3HqiF8QfCtYCgDQ&gws_rd=ssl

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: ProxTube - Unblock YouTube - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\ich@maltegoetz.de [2014-07-23]

FF Extension: YouTube Unblocker - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\youtubeunblocker@unblocker.yt [2014-07-05]

FF Extension: Smoother Web - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-28]

FF Extension: Tab Converter - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{40f3666d-0746-451b-893f-6be81e8d1e33}.xpi [2014-07-12]

FF Extension: {519dc759-96fc-494f-8786-1ada2fcc4f8f} - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{519dc759-96fc-494f-8786-1ada2fcc4f8f}.xpi [2014-07-06]

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-22]

FF Extension: Adblock Plus - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\p6x5vqq2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-28]

FF HKCU\...\Firefox\Extensions: [{60525b7e-56a2-4031-a4f4-35eb2c9dd4d8}] - C:\Program Files\LyriXeeker\130.xpi

FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 

Chrome: 

=======
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)

S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)

R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [File not signed]

R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2012-10-05] () [File not signed]

R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2012-10-05] (Alfa Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)

R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]

S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48640 2007-05-09] (JMicron Technology Corp.)

R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)

R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]

S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-21] (Avira GmbH)

S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)

R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)

U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-04 18:40 - 2014-09-04 18:40 - 00013609 _____ () C:\Users\Ich\Desktop\FRST.txt

2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe

2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office

2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT

2014-09-03 13:48 - 2014-09-03 13:49 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe

2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt

2014-09-02 20:00 - 2014-09-02 20:10 - 00000000 ____D () C:\ComboFix

2014-09-02 19:31 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-09-02 19:31 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-09-02 19:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-09-02 19:31 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-09-02 19:30 - 2014-09-02 20:10 - 00000000 ____D () C:\Qoobox

2014-09-02 19:30 - 2014-09-02 19:47 - 00000000 ____D () C:\Windows\erdnt

2014-09-02 15:33 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-08-31 19:31 - 2014-09-04 18:40 - 00000000 ____D () C:\FRST

2014-08-30 03:22 - 2014-09-03 15:25 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe

2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-08-29 17:47 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll

2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH

2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8

2014-08-29 17:39 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-29 17:39 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help

2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml

2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini

2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-28 04:29 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb

2014-08-28 04:06 - 2014-09-03 14:26 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar

2014-08-28 04:06 - 2014-08-28 04:20 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb

2014-08-27 19:00 - 2010-03-05 16:01 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-27 19:00 - 2009-12-04 09:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-08-27 16:27 - 2009-03-08 23:09 - 00391536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-27 16:27 - 2009-03-08 13:41 - 05937152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-27 16:27 - 2009-03-08 13:39 - 11063808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-27 16:27 - 2009-03-08 13:35 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-08-27 16:27 - 2009-03-08 13:34 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-27 16:27 - 2009-03-08 13:34 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe

2014-08-27 16:27 - 2009-03-08 13:34 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-08-27 16:27 - 2009-03-08 13:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\PDMSetup.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-08-27 16:27 - 2009-03-08 13:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-27 16:27 - 2009-03-08 13:33 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-27 16:27 - 2009-03-08 13:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-08-27 16:27 - 2009-03-08 13:32 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-27 16:27 - 2009-03-08 13:31 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-08-27 16:27 - 2009-03-08 13:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-08-27 16:27 - 2009-03-08 13:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-08-27 16:27 - 2009-03-08 13:30 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-08-27 16:27 - 2009-03-08 13:22 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-27 16:27 - 2009-03-08 13:22 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-08-27 16:27 - 2009-03-08 13:11 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-27 16:27 - 2009-02-07 06:07 - 03698584 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-08-27 16:26 - 2014-08-27 16:42 - 00058468 _____ () C:\Windows\ie8_main.log

2014-08-27 16:23 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files\CyberGhost 5

2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini

2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll

2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll

2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo

2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice

2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe

2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA

2014-08-08 00:44 - 2014-08-08 00:50 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv

2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software

2014-08-06 19:05 - 2014-08-06 19:07 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014

2014-08-06 19:01 - 2014-08-06 19:02 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe

2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU

2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia

2014-08-06 18:57 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files\AVS4YOU

2014-08-06 18:57 - 2014-08-06 18:58 - 00000000 ____D () C:\ProgramData\AVS4YOU

2014-08-06 18:57 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-04 18:41 - 2014-09-04 18:40 - 00013609 _____ () C:\Users\Ich\Desktop\FRST.txt

2014-09-04 18:40 - 2014-08-31 19:31 - 00000000 ____D () C:\FRST

2014-09-04 18:40 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-09-04 18:40 - 2006-11-02 14:47 - 00005072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-09-04 18:31 - 2014-09-04 18:31 - 00854417 _____ () C:\Users\Ich\Downloads\SecurityCheck.exe

2014-09-04 18:19 - 2012-10-06 00:25 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-09-04 17:43 - 2014-01-24 20:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-09-04 16:46 - 2006-11-02 12:33 - 00810610 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-04 16:43 - 2006-11-02 14:52 - 01781606 _____ () C:\Windows\WindowsUpdate.log

2014-09-04 16:41 - 2012-10-06 00:25 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-09-04 16:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-09-04 06:13 - 2006-11-02 15:01 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-09-04 04:25 - 2012-10-06 03:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\vlc

2014-09-04 04:11 - 2012-10-06 03:59 - 00061440 _____ () C:\Users\Ich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-09-04 02:18 - 2012-10-06 00:14 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Winamp

2014-09-03 21:03 - 2014-06-20 12:51 - 00000000 ____D () C:\Users\Ich\Desktop\Handyvertrag

2014-09-03 20:00 - 2014-09-03 20:00 - 00000000 ____D () C:\Users\Ich\Desktop\Microsoft office

2014-09-03 19:44 - 2012-10-06 04:20 - 00083330 _____ () C:\Windows\PFRO.log

2014-09-03 19:40 - 2014-09-02 15:33 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-09-03 19:40 - 2014-08-27 16:23 - 00000000 ____D () C:\Program Files\CyberGhost 5

2014-09-03 15:25 - 2014-08-30 03:22 - 01096704 _____ (Farbar) C:\Users\Ich\Desktop\FRST.exe

2014-09-03 15:13 - 2014-09-03 15:13 - 00000000 ____D () C:\Windows\ERUNT

2014-09-03 14:26 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Local\Smartbar

2014-09-03 13:49 - 2014-09-03 13:48 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Ich\Downloads\CG_5.0.13.17.exe

2014-09-02 20:10 - 2014-09-02 20:10 - 00009538 _____ () C:\ComboFix.txt

2014-09-02 20:10 - 2014-09-02 20:00 - 00000000 ____D () C:\ComboFix

2014-09-02 20:10 - 2014-09-02 19:30 - 00000000 ____D () C:\Qoobox

2014-09-02 20:08 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini

2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default

2014-09-02 19:49 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public

2014-09-02 19:47 - 2014-09-02 19:30 - 00000000 ____D () C:\Windows\erdnt

2014-09-02 19:42 - 2006-11-02 12:22 - 38010880 _____ () C:\Windows\system32\config\SOFTWARE.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\COMPON~1.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\SAM.bak

2014-09-02 19:42 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak

2014-08-30 18:17 - 2012-10-28 17:56 - 00000000 ____D () C:\Users\Ich\Desktop\Controller - Gamepad

2014-08-29 18:13 - 2012-10-05 21:13 - 00100432 _____ () C:\Users\Ich\AppData\Local\GDIPFONTCACHEV1.DAT

2014-08-29 18:12 - 2006-11-02 14:47 - 00374776 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-29 17:47 - 2014-08-29 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-08-29 17:47 - 2014-08-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-29 17:45 - 2014-08-29 17:45 - 00000000 ____D () C:\Program Files\Microsoft Works

2014-08-29 17:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio

2014-08-29 17:44 - 2014-08-29 17:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-08-29 17:44 - 2014-08-29 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew

2014-08-29 17:44 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild

2014-08-29 17:43 - 2014-08-29 17:43 - 00000000 ____D () C:\Windows\PCHEALTH

2014-08-29 17:43 - 2012-10-27 17:28 - 00000000 ____D () C:\Program Files\Microsoft.NET

2014-08-29 17:41 - 2014-08-29 17:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8

2014-08-29 17:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System

2014-08-29 17:40 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ___RD () C:\MSOCache

2014-08-29 17:39 - 2014-08-29 17:39 - 00000000 ____D () C:\Users\Ich\AppData\Local\Microsoft Help

2014-08-29 17:12 - 2014-08-29 17:12 - 00139488 _____ () C:\Windows\system32\XMLOperations.xml

2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\TOP 20 Deutsche Single Charts April 2013 - YouTube.URL

2014-08-28 15:48 - 2013-06-20 21:02 - 00000122 _____ () C:\Users\Ich\Desktop\Top 20 Deutsche Charts Mai 2013 - YouTube.URL

2014-08-28 15:42 - 2012-10-05 23:12 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-08-28 15:42 - 2012-10-05 21:13 - 00000949 _____ () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-08-28 15:02 - 2014-08-28 15:02 - 00000049 _____ () C:\Windows\NeroDigital.ini

2014-08-28 05:51 - 2014-08-28 05:51 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-28 05:50 - 2014-08-28 04:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-08-28 04:29 - 2014-08-28 04:29 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-08-28 04:20 - 2014-08-28 04:06 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\SmootherWeb

2014-08-28 04:07 - 2014-08-28 04:07 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb

2014-08-27 18:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE

2014-08-27 16:42 - 2014-08-27 16:26 - 00058468 _____ () C:\Windows\ie8_main.log

2014-08-27 16:16 - 2014-08-27 16:16 - 00000016 _____ () C:\Windows\system32\PCProxyOff.ini

2014-08-27 16:15 - 2014-08-27 16:15 - 00073728 _____ () C:\Windows\system32\VistaInfo32.dll

2014-08-27 16:15 - 2014-08-27 16:15 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\SpOrder.dll

2014-08-27 15:59 - 2014-08-27 15:59 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\JonDo

2014-08-23 03:40 - 2014-08-23 03:40 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\OpenOffice

2014-08-23 03:25 - 2012-09-04 15:31 - 00000000 ____D () C:\Users\Ich\Desktop\Dwb projekte

2014-08-21 17:41 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Ich\AppData\Local\Adobe

2014-08-16 16:33 - 2014-08-16 16:33 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\NVIDIA

2014-08-12 20:58 - 2013-07-13 04:27 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-12 20:56 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-08-08 00:50 - 2014-08-08 00:44 - 209830343 _____ () C:\Users\Ich\Downloads\[AKA] One Piece 403 [x264,720p][10E69A2B].mkv

2014-08-06 19:07 - 2014-08-06 19:07 - 00000000 ____D () C:\Users\Ich\AppData\Local\TuneUp Software

2014-08-06 19:07 - 2014-08-06 19:05 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014

2014-08-06 19:04 - 2013-09-27 18:25 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2014-08-06 19:04 - 2012-11-01 18:22 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\DVDVideoSoft

2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft

2014-08-06 19:03 - 2013-08-19 13:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft

2014-08-06 19:03 - 2012-11-01 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

2014-08-06 19:02 - 2014-08-06 19:01 - 26626552 _____ (DVDVideoSoft Ltd. ) C:\Users\Ich\Downloads\FreeVideoEditor.exe

2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia

2014-08-06 19:01 - 2014-08-06 18:57 - 00000000 ____D () C:\Program Files\AVS4YOU

2014-08-06 18:58 - 2014-08-06 18:58 - 00000000 ____D () C:\Users\Ich\AppData\Roaming\AVS4YOU

2014-08-06 18:58 - 2014-08-06 18:57 - 00000000 ____D () C:\ProgramData\AVS4YOU
 

Some content of TEMP:

====================

C:\Users\Ich\AppData\Local\temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-04 16:46
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Java, Flash und Adobe updaten.

Windows updaten, da fehlen 5 Jahre Updates und Servicepacks!

So, danke nochmal. Ja ich weiss, aber immer wenn ich java updaten will, funktioniert das nicht. Zum Windows Update, welches kommt da in Frage. Dachte das passiert immer automatisch. Weiss nicht warum. Seit gestern öffnet sich direkt nach dem Start das hier...

[IMG]http://www11.pic-upload.de/05.09.14/uj37q6llciby.jpg[/IMG]

jetzt hängt sich auch noch Firefox immer wieder auf und wenn man dann schließen will erscheint das hier...

http://www11.pic-upload.de/05.09.14/9pjwetvjluh1.jpg

Im Internet explorer kommt diese Meldung...

http://www11.pic-upload.de/05.09.14/yyvu1hzj1rm3.jpg

beide Servicepacks fehlen. Die erstmal installieren.

Ich habe jetzt bei Windows Update nachgesehen. Es gab ein Update, welches ich runtergeladen und installiert hab.