Hallo,

ich bekomme seit gestern permanent diese Meldung angezeigt:

C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält einen Fehler. Installieren Sie das Programm mit den Originalinstallationsmedium erneut, oder wenden Sie sich an den Systemadministrator oder Softwarelieferanten, um Unterstützung zu erhalten.

Habe über Avira die Meldung eines Virus bekommen und diesen in Quarantäne verschoben. Nach einem Neustart poppt bei jedem öffnen eines Programms diese Meldung auf...
Kann mir jemand weiterhelfen, wie bekomme ich das wieder los???

Bin leider ehr ein PC Anwender von daher habe ich nicht wirklich den Durchblick, wie ich das wieder in den Griff bekomme!
Danke schon mal
Tanja

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Code: Alles auswählenAufklappen

ATTFilter

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Tanja (administrator) on TANJA-PC on 26-03-2015 13:23:13
Running from C:\Users\Tanja\Downloads
Loaded Profiles: Tanja (Available profiles: Tanja)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
() C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(APN LLC.) C:\Users\Tanja\AppData\Local\VNT\vntldr.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Client Connect LTD) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1934744 2015-01-27] (APN)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [VNT] => C:\Program Files\VNT\vntldr.exe [196504 2014-08-22] (APN LLC.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [QuickTime Plugin Install] => C:\Program Files\QuickTime\Plugins\DeleteMe1.exe [86016 2014-11-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-22] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [Amazon Cloud Player] => C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [PriceMeterW] => "C:\Users\Tanja\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [GoogleChromeAutoLaunch_FB2E67EEF5904AC634A7B3DA98460BC7] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\MountPoints2: {2a4370bc-54a5-11df-994c-00245421e0ba} - F:\AutoRun.exe
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\MountPoints2: {30d898c6-669d-11df-9664-00245421e0ba} - G:\AutoRun.exe
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\MountPoints2: {4defa563-5345-11df-8305-00245421e0ba} - F:\AutoRun.exe
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\MountPoints2: {4defa57d-5345-11df-8305-00245421e0ba} - F:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files\SearchProtect\SearchProtect\bin\VC32Loader.dll [223504 2015-03-16] ()
Startup: C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = Microsoft Security Essentials
HKU\S-1-5-21-771618654-3341757510-301361698-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000
HKU\S-1-5-21-771618654-3341757510-301361698-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Suche
HKU\S-1-5-21-771618654-3341757510-301361698-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000
URLSearchHook: HKLM - Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn0.dll No File
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=113&itype=n&ver=13986&tm=557&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE80FDB81-A2F1-4213-9629-95B7B32DB764&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE80FDB81-A2F1-4213-9629-95B7B32DB764&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=113&itype=n&ver=13986&tm=557&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2015-01-27] (APN LLC.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Zynga Toolbar -> {7b13ec3e-999a-4b70-b9cb-2617b8323822} -> C:\Program Files\Zynga\tbZyn0.dll No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.)
Toolbar: HKLM - Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn0.dll No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2015-01-27] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> Zynga Toolbar - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyn0.dll No File
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> No Name - {38542454-DFB6-44F5-B052-D4E071A3D073} -  No File
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100826144410
DPF: {D27CDB6E-AE6D-11CF-96B8-444555540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-07-21] (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-23]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-10]
FF HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2014-07-19]

Chrome: 
=======
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "chrome://apps/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.10.0_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Mein Ebay) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\amppmommjclmlfdjmfiblififijpigmd [2013-07-08]
CHR Extension: (Wetter von wetter.com) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp [2013-06-25]
CHR Extension: (YouTube) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-16]
CHR Extension: (Facebook) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-06-25]
CHR Extension: (Google Search) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-16]
CHR Extension: (Color Tunnel) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\epkoakmabaognokfndhfaebaknjgnpgg [2013-06-25]
CHR Extension: (YoWindow Weather) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2013-06-29]
CHR Extension: (HopToShop Offers for Amazon.de) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgaibgbcnfjfjmnaclddkdkadlplcknb [2014-12-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Tanja\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.10.0.crx [2012-11-03]
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pcoohmdcpejoeggdnihdfhohjgdbllgm] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\ToolbarCR.crx [2015-02-05]
CHR HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-07-19]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-27] (APN LLC.)
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [3251472 2015-03-16] (Client Connect LTD)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-04] (Avira Operations GmbH & Co. KG)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKsle5f9440b; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA1DF7F6-50BF-4316-9E42-E508974EE57B}\MpKsle5f9440b.sys [39464 2015-03-26] (Microsoft Corporation)
R0 PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
S3 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-26 16:00 - 2009-06-18 02:15 - 00214024 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfehidk.sys
2015-03-26 16:00 - 2009-06-18 02:15 - 00079816 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeavfk.sys
2015-03-26 16:00 - 2009-06-18 02:15 - 00040552 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfesmfk.sys
2015-03-26 16:00 - 2009-06-18 02:15 - 00035272 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfebopk.sys
2015-03-26 16:00 - 2009-06-18 02:14 - 00034248 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mferkdk.sys
2015-03-26 16:00 - 2009-06-10 22:27 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2015-03-26 16:00 - 2009-04-09 06:23 - 00130424 _____ (McAfee, Inc.) C:\windows\system32\Drivers\Mpfp.sys
2015-03-26 15:59 - 2009-07-14 02:15 - 00606208 _____ (Microsoft Corporation) C:\windows\system32\mstime.dll
2015-03-26 15:59 - 2009-07-14 02:15 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\ieaksie.dll
2015-03-26 15:59 - 2009-07-14 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\ieakeng.dll
2015-03-26 15:59 - 2009-07-14 02:15 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\corpol.dll
2015-03-26 15:59 - 2009-07-14 02:14 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\admparse.dll
2015-03-26 15:59 - 2009-07-14 02:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\ieakui.dll
2015-03-26 13:23 - 2015-03-26 13:25 - 00026934 _____ () C:\Users\Tanja\Downloads\FRST.txt
2015-03-26 13:22 - 2015-03-26 13:23 - 00000000 ____D () C:\FRST
2015-03-26 13:22 - 2015-03-26 13:22 - 01135104 _____ (Farbar) C:\Users\Tanja\Downloads\FRST.exe
2015-03-26 07:39 - 2015-03-26 07:39 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Tanja\Downloads\SpyHunter-Installer.exe
2015-03-25 08:06 - 2015-03-25 08:06 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Tanja\Downloads\ParetoLogic PC Health Advisor_de (1).exe
2015-03-25 08:01 - 2015-03-26 13:12 - 00000470 _____ () C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-03-25 08:01 - 2015-03-25 19:36 - 00000444 _____ () C:\windows\Tasks\ParetoLogic Registration3.job
2015-03-25 08:01 - 2015-03-25 19:36 - 00000418 _____ () C:\windows\Tasks\ParetoLogic Update Version3.job
2015-03-25 08:01 - 2015-03-25 08:01 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\ParetoLogic
2015-03-25 08:01 - 2015-03-25 08:01 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\DriverCure
2015-03-25 08:00 - 2015-03-25 19:39 - 00000000 ____D () C:\ProgramData\ParetoLogic
2015-03-25 08:00 - 2015-03-25 08:00 - 00000000 ____D () C:\Program Files\Common Files\ParetoLogic
2015-03-25 07:59 - 2015-03-25 07:59 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Tanja\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-03-25 07:25 - 2015-03-11 04:30 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-25 07:25 - 2015-03-11 04:30 - 00534528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00818176 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-25 07:25 - 2015-03-11 04:26 - 00892928 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-24 19:27 - 2015-03-25 00:49 - 00000000 ____D () C:\Users\Tanja\AppData\Local\avaavxvyex
2015-03-14 22:07 - 2015-03-14 22:07 - 00131072 ____N () C:\windows\Minidump\031415-24273-01.dmp
2015-03-11 07:05 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-11 07:05 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-11 07:05 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-11 07:05 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-11 07:05 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-11 07:05 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-11 07:05 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-11 07:05 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-11 07:05 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-11 07:05 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-11 07:05 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 07:05 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 07:05 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-11 07:05 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-11 07:05 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-11 07:05 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-11 07:05 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-11 07:05 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-11 07:05 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-11 07:04 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-11 07:04 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-11 07:04 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-11 07:04 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-11 07:04 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-11 07:04 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-11 07:04 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-11 07:04 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-11 07:04 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-11 07:04 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-11 07:04 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-11 07:04 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-11 07:04 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-11 07:04 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-11 07:04 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-11 07:04 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-11 07:03 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-11 07:03 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-11 07:03 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-11 07:03 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-11 07:03 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-11 07:03 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-11 07:03 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-11 07:03 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-11 07:03 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-11 07:03 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-11 07:02 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-03-11 07:02 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-11 07:02 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-11 07:02 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-11 07:02 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-11 07:02 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-11 07:02 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-11 07:02 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-11 07:02 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-11 07:02 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-11 07:02 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-11 07:02 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-11 07:02 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-11 07:02 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-11 07:02 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-11 07:02 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-11 07:02 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-02-25 19:50 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 19:14 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-02-25 19:14 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-02-25 19:14 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-26 13:22 - 2009-07-14 05:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-26 13:22 - 2009-07-14 05:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-26 13:17 - 2009-09-22 06:23 - 01961269 _____ () C:\windows\WindowsUpdate.log
2015-03-26 13:12 - 2015-02-22 21:35 - 00000000 ___RD () C:\Users\Tanja\iCloudDrive
2015-03-26 13:12 - 2014-12-10 23:07 - 00000952 _____ () C:\windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2015-03-26 13:12 - 2010-01-30 09:57 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 13:11 - 2014-12-10 23:07 - 00000948 _____ () C:\windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2015-03-26 13:11 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-26 13:11 - 2009-07-14 05:39 - 00298711 _____ () C:\windows\setupact.log
2015-03-26 13:10 - 2009-07-14 05:33 - 00508192 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-26 08:27 - 2010-01-30 09:57 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-26 08:05 - 2012-03-31 06:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-25 13:27 - 2009-07-26 21:06 - 01768124 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-25 08:12 - 2013-05-27 12:20 - 00000000 ____D () C:\ProgramData\tmp
2015-03-25 08:02 - 2010-08-16 14:00 - 00000792 _____ () C:\Users\Tanja\Desktop\Tanja Bilder.lnk
2015-03-25 08:02 - 2009-12-14 17:35 - 00000830 _____ () C:\Users\Tanja\Desktop\Tanja Mukke.lnk
2015-03-25 07:32 - 2014-12-10 19:31 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-25 07:32 - 2014-05-06 06:42 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-24 19:34 - 2009-09-22 06:48 - 01451724 _____ () C:\windows\PFRO.log
2015-03-24 19:27 - 2014-02-16 23:52 - 00000000 ____D () C:\Program Files\SearchProtect
2015-03-21 03:29 - 2013-06-04 19:24 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-17 19:31 - 2009-07-14 05:53 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-14 22:07 - 2010-05-30 07:42 - 00000000 ____D () C:\windows\Minidump
2015-03-11 19:19 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-11 14:14 - 2009-12-07 17:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 14:13 - 2013-08-14 06:24 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 14:03 - 2009-12-13 12:01 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-04 12:51 - 2014-02-06 13:36 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-04 12:51 - 2014-02-06 13:36 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-04 12:51 - 2014-02-06 13:36 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-03 14:16 - 2009-12-10 20:17 - 00246920 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-02-26 06:48 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\tracing

==================== Files in the root of some directories =======

2014-02-10 22:53 - 2014-02-10 22:53 - 49940480 _____ () C:\Program Files\GUTE0B6.tmp
2009-12-10 23:38 - 2009-12-10 23:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-12-07 17:09 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2011-01-14 23:16 - 2011-01-14 23:16 - 0001302 _____ () C:\ProgramData\ss.ini
2011-01-14 23:40 - 2011-01-14 23:40 - 0000033 _____ () C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini

Some content of TEMP:
====================
C:\Users\Tanja\AppData\Local\Temp\ApnStub.exe
C:\Users\Tanja\AppData\Local\Temp\avgnt.exe
C:\Users\Tanja\AppData\Local\Temp\CDBurnerXPUpdateSetup.exe
C:\Users\Tanja\AppData\Local\Temp\ConduitEngine.dll
C:\Users\Tanja\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Tanja\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Tanja\AppData\Local\Temp\FirefoxUpdateSetup.exe
C:\Users\Tanja\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Tanja\AppData\Local\Temp\GLF9C58.tmp.ConduitEngineSetup.exe
C:\Users\Tanja\AppData\Local\Temp\IPx86_1031.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Tanja\AppData\Local\Temp\NEW4911.tmp.exe
C:\Users\Tanja\AppData\Local\Temp\NEWA573.tmp.exe
C:\Users\Tanja\AppData\Local\Temp\nsa135F.exe
C:\Users\Tanja\AppData\Local\Temp\nsa3314.exe
C:\Users\Tanja\AppData\Local\Temp\nsg4704.exe
C:\Users\Tanja\AppData\Local\Temp\nsj82DD.exe
C:\Users\Tanja\AppData\Local\Temp\nsj8686.exe
C:\Users\Tanja\AppData\Local\Temp\nsl1C27.exe
C:\Users\Tanja\AppData\Local\Temp\nslBFF.exe
C:\Users\Tanja\AppData\Local\Temp\nsq3CE5.exe
C:\Users\Tanja\AppData\Local\Temp\nst8A6D.exe
C:\Users\Tanja\AppData\Local\Temp\nstCAB8.exe
C:\Users\Tanja\AppData\Local\Temp\nstCF99.exe
C:\Users\Tanja\AppData\Local\Temp\nszD4E8.exe
C:\Users\Tanja\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Tanja\AppData\Local\Temp\photographerbook.exe
C:\Users\Tanja\AppData\Local\Temp\prxGLF9C58.tmp.tbElf_.dll
C:\Users\Tanja\AppData\Local\Temp\readSTILog.dll
C:\Users\Tanja\AppData\Local\Temp\ResetDevice.exe
C:\Users\Tanja\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Tanja\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tanja\AppData\Local\Temp\SPSetup.exe
C:\Users\Tanja\AppData\Local\Temp\tbElf_.dll
C:\Users\Tanja\AppData\Local\Temp\tmd_34013086.exe
C:\Users\Tanja\AppData\Local\Temp\tmd_34015195.exe
C:\Users\Tanja\AppData\Local\Temp\tmd_34015376.exe
C:\Users\Tanja\AppData\Local\Temp\tmd_34017324.exe
C:\Users\Tanja\AppData\Local\Temp\tmd_34019126.exe
C:\Users\Tanja\AppData\Local\Temp\tmd_34019432.exe
C:\Users\Tanja\AppData\Local\Temp\tmd_34019560.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-04 20:34

==================== End Of Log ============================
         

--- --- ---

--- --- ---


FRST Additions Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Tanja at 2015-03-26 13:26:27
Running from C:\Users\Tanja\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 (HKLM\...\{FA6F726E-AA8D-492A-B18A-A5945C337FCE}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazon Cloud Player (HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version:  - )
AnyPC Client (HKLM\...\{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}) (Version: 1.0.0.12 - Doctorsoft)
Apple Application Support (32-Bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Cover Studio 1.01 (HKLM\...\Ashampoo Cover Studio_is1) (Version: 1.0.1 - ashampoo GmbH & Co. KG)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-00A7-A758B70C0A00}) (Version: 12.10.0.2949 - APN, LLC)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-4300-A758B70C1801}) (Version: 12.24.1.233 - APN, LLC)
BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager für Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
calibre (HKLM\...\{8C31E86B-2A66-40E8-BF47-32A25D65DB12}) (Version: 1.15.0 - Kovid Goyal)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
CDex extraction audio (HKLM\...\CDex) (Version:  - )
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2907 - CyberLink Corp.)
Dairy Dash (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{A7581D39-EA20-4883-A480-80C21047052B}) (Version: 4.0.2 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
Elf Bowling Hawaiian Vacation (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115246907}) (Version:  - Oberon Media)
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FLV-Media-Player (HKLM\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de)
Free Audio CD Burner version 1.4 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free Easy Burner V 5.1 (HKLM\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft)
Free M4a to MP3 Converter 6.0 (HKLM\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Studio version 6.4.3.128 (HKLM\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free WMA to MP3 Converter 1.16 (HKLM\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
Free YouTube Download 2.3 (HKLM\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Game Pack (HKLM\...\{63eafc52-b963-4297-a7eb-d412944e7065}_is1) (Version: 5.3.0.10 - Oberon Media, Inc.)
Go-Go Gourmet (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}) (Version:  - Oberon Media)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Digital Image Suite 10 (HKLM\...\PictureItSuite_v10) (Version: 10.0.0612 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FDE96E86-7780-431C-92F7-679C6A7CEC51}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.302.09.02.511 - Huawei Technologies Co.,Ltd)
myphotobook.de (HKLM\...\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.2.3-770 - myphotobook GmbH)
myphotobook.de (Version: 1.2.3 - myphotobook GmbH) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
Photographerbook 2.1 (HKLM\...\Photographerbook_is1) (Version: Photographerbook 2.1 - )
Pixum Fotobuch (HKLM\...\Pixum Fotobuch) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller  Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}) (Version: 1.0.1 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Search Protect (HKLM\...\SearchProtect) (Version: 2.22.0.160 - Client Connect LTD) <==== ATTENTION
Sid Meier's Civilization 4 (HKLM\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.00.0000 - Firaxis Games)
Sid Meier's Civilization 4 (Version: 1.00.0000 - Firaxis Games) Hidden
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Tinypic 3.14 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.14 - E. Fiedler)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XMedia Recode 3.0.5.6 (HKLM\...\XMedia Recode) (Version: 3.0.5.6 - Sebastian Dörfler)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}\InprocServer32 -> C:\Users\Tanja\AppData\Local\ASKTOO~1\DOWNLO~1\AviraIDW.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}\InprocServer32 -> C:\Users\Tanja\AppData\Local\ASKTOO~1\DOWNLO~1\Avira.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{5CAA6074-C368-4FAD-A0D6-2F348355C324}\InprocServer32 -> C:\Users\Tanja\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~2.DLL No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}\InprocServer32 -> C:\Users\Tanja\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{DF846759-BE0F-4451-B9D3-4BEFF765A1FD}\InprocServer32 -> C:\Users\Tanja\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAT~1.DLL No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{EB959CA4-408B-4465-9CF5-7EBA7B885153}\InprocServer32 -> C:\Users\Tanja\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAS~1.DLL No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1000_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\Tanja\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL No File

==================== Restore Points  =========================

19-03-2015 19:49:31 Windows Update
22-03-2015 22:31:59 Windows-Sicherung
23-03-2015 19:51:51 Windows Update
25-03-2015 07:25:14 Windows Update
25-03-2015 08:15:38 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {070691D7-9F54-4437-85C6-DD8B44A204A3} - System32\Tasks\{13CBF396-0066-40D5-A9BE-9CAB97726CCF} => pcalua.exe -a "C:\Users\Tanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ERV06BA\zyngaIE_toolbar[2].exe" -d C:\Users\Tanja\Desktop
Task: {0A3244B7-DB80-4947-AFA5-3E092CE434DB} - System32\Tasks\pricemeterdownloader => C:\Users\Tanja\AppData\Local\PriceMeter\pricemeterd.exe <==== ATTENTION
Task: {0AD185A7-4C46-46F1-95D4-9BA3C201AA8A} - System32\Tasks\{A044063C-738D-46FA-9740-F3476AD9EBD3} => C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe [2005-10-18] (Firaxis Games)
Task: {0B520F24-7E61-4E14-8875-B93B0EB8A7D8} - System32\Tasks\{51B4D19D-3F49-4BB7-B38F-F85A423FB2B3} => C:\Program Files\Mobile Partner\Mobile Partner.exe [2009-05-25] ()
Task: {19F959F6-1B42-4002-95B1-DC2550426656} - System32\Tasks\{B4A1DEC8-9BE1-4822-A03B-4181774A51C6} => pcalua.exe -a "F:\Mobile Partner\Setup.exe" -d "F:\Mobile Partner"
Task: {1CCDF7FB-ACBA-4D0A-87CC-1EFE7E679086} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {2953B18D-ABF8-496C-8657-30059A4D4B17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {2F8964C4-028B-43F4-B071-1BA3D478A0AD} - System32\Tasks\avaavxvyex => C:\Users\Tanja\AppData\Local\avaavxvyex\avaavxvyex.exe [2015-03-16] () <==== ATTENTION
Task: {3104C9B2-D7C4-423D-BE3B-5A204B07782F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {31C68D58-AC39-4AF3-8080-45603F50948A} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-09-21] (Samsung Electronics. Co. Ltd.)
Task: {38C9A512-BE60-45CB-894C-525A5D544C63} - System32\Tasks\{2241D430-B71F-4BE3-90B2-C0B71F6D1856} => C:\Program Files\Windows Live\Mail\wlmail.exe [2009-07-26] (Microsoft Corporation)
Task: {3E791085-6985-4EA4-89CA-EAC877BF47FA} - System32\Tasks\{163E583B-730F-49D8-8B5D-C57C8BA1AA14} => pcalua.exe -a "C:\Users\Tanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ERV06BA\MFInstall7[1].exe" -d C:\Users\Tanja\Desktop
Task: {416A0C6C-054B-4D7B-90C3-DA1682D59C80} - System32\Tasks\{651AF37D-D8C5-4EA7-A056-1D47F35EC62D} => C:\Program Files\Skype\Phone\Skype.exe [2014-07-02] (Skype Technologies S.A.)
Task: {43E819CA-1627-40B2-A0F3-4361D6FB6314} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {468118E1-8AB4-4C72-A15E-5BFC4EBFB10F} - System32\Tasks\{29FBC8C7-ED02-4BB2-B2FD-116F700F1791} => C:\Program Files\Windows Live\Mail\wlmail.exe [2009-07-26] (Microsoft Corporation)
Task: {4891CA0C-BFA4-475D-8D8A-10E139AFFF42} - System32\Tasks\{794ED75A-84C8-45C8-AC13-2FEE752EF519} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {546574BC-AB02-4141-B5BD-54397C19356C} - System32\Tasks\{0911A821-2F25-473B-B8E2-12CCB93D7C29} => C:\Program Files\Windows Live\Mail\wlmail.exe [2009-07-26] (Microsoft Corporation)
Task: {60182DE5-5A16-4164-BEDB-A8D3B6E78430} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {66C32559-3BF4-4CDE-8292-CF653355C3C2} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-09-07] (SAMSUNG Electronics)
Task: {7EB50476-928E-4A9B-BFA0-6CED30149B59} - System32\Tasks\{555B18A2-0A55-4D57-8E42-E96686ADA1A6} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {88D1D541-EE1D-427C-8AE0-D6C963979D29} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {8B955AD0-176F-41F9-876D-923551F8C327} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {8F6E6AC3-68BE-49C4-AC64-F471BB6CED95} - System32\Tasks\{D01F5EE5-ABCB-41C8-B8EE-259C718B964C} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {93EA6840-2865-4D9C-8770-4862117A2B82} - System32\Tasks\{BC5413C8-55B7-46D1-BCFE-2AD0AE32C3E1} => pcalua.exe -a "C:\Users\Tanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YRRNS5RH\AmazonMP3DownloaderInstall.exe" -d C:\Users\Tanja\Desktop
Task: {9F5CDA7C-A5AD-4F0E-890D-EDAFF269D7E6} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {A3F1C33D-5A4E-4700-B569-C3179E33EBCA} - System32\Tasks\{2F1382F5-6465-4341-AA78-9772F365C6CF} => C:\Program Files\Windows Live\Mail\wlmail.exe [2009-07-26] (Microsoft Corporation)
Task: {B99B48BA-D347-4DB3-B3DE-AEE97C3C939B} - System32\Tasks\{E652CFD4-FC0D-47CE-B880-68D1FAF275FA} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {BB9FDB3D-2E99-4BCE-B031-873E2BD9920B} - System32\Tasks\{71E6C79D-64B9-4DE4-9B94-75191F08F698} => pcalua.exe -a "C:\Users\Tanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TWYEAKF\DigitalPrintLabNetInstall[1].exe" -d C:\Users\Tanja\Desktop
Task: {C6A2B669-3D7B-431D-AB5C-62C78D776A56} - System32\Tasks\{82D390FB-F5D4-46CE-B9F2-DDDA7AE41B65} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {C7AD6C6B-CB53-402E-BDED-3E55E922E51C} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {D2A5477A-B809-4BC6-8376-A7BFE0AD8411} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {D473CC63-3898-4828-969B-90114E24B4C0} - System32\Tasks\{1B44143F-FA16-4CBE-BD9C-E0D3FEAD9F3E} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {D5CD70F0-566B-4F18-8E60-BE1266DCD430} - System32\Tasks\{082683FC-17E1-400C-8282-B637C1EF3A98} => C:\Program Files\Windows Live\Mail\wlmail.exe [2009-07-26] (Microsoft Corporation)
Task: {DB888340-1AF2-4156-B6F5-5C24491A06C8} - System32\Tasks\{B8A39138-F149-4B02-A397-07C362B87934} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {DD99F176-A53F-454B-9CAD-CF29E1084804} - System32\Tasks\{977EC314-A1ED-4C5B-9924-623E72F300B9} => pcalua.exe -a "C:\Users\Tanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ERV06BA\JavaSetup6u17-rv[1].exe" -d C:\Users\Tanja\Desktop
Task: {E668EF75-618F-4F73-B7E3-0C6F83F3EBE3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EC828DE2-4C84-4F8B-8D20-EDC7BF2B3F53} - System32\Tasks\{F4D99E59-8B9F-4092-94C0-8A6F21B6ABA1} => C:\Program Files\CDBurnerXP\cdbxpp.exe [2013-12-14] (Canneverbe Limited)
Task: {EDFA09E3-1307-4987-8AAA-E89826AEE67D} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {EEB45ECD-A140-421A-9DB4-78F9F63E75E6} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {F61BAB77-BC2F-4D19-B5AF-0BE3C00AAF12} - System32\Tasks\{DAC5E1B9-FCC7-4A9F-976D-1D2832A9956C} => pcalua.exe -a "C:\Users\Tanja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TWYEAKF\PsychicMP3_v2.0[1].exe" -d C:\Users\Tanja\Desktop
Task: {FCC85F9D-CE13-4427-ABDC-98A596891E6A} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-08-23] (Samsung Electronics Co., Ltd.)
Task: {FD2D6011-5BE3-4631-99F5-893B5CD09924} - System32\Tasks\{C8FCE511-51A2-4169-9D53-FD971F445894} => C:\Program Files\CDDBMP3Tool\CDDBMP3Tool.exe
Task: {FF520546-9FBB-40D0-B9B4-CEE701894095} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-09-08] (Samsung Electronics Co., Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ParetoLogic Registration3.job => C:\windows\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-07 17:11 - 2009-08-13 21:58 - 00044312 _____ () C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
2009-09-22 06:26 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2009-09-22 06:24 - 2010-04-20 13:26 - 00300912 _____ () C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
2009-09-22 06:24 - 2010-04-16 13:11 - 00155648 _____ () C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2013-12-27 18:39 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2015-03-21 03:28 - 2015-03-14 11:12 - 01174856 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 03:28 - 2015-03-14 11:12 - 00080200 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 03:28 - 2015-03-14 11:12 - 09278792 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-21 03:28 - 2015-03-14 11:12 - 14974280 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:A42A9F39
AlternateDataStreams: C:\ProgramData\Temp:A5B56640
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-771618654-3341757510-301361698-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

==================== Accounts: =============================

Administrator (S-1-5-21-771618654-3341757510-301361698-500 - Administrator - Disabled)
Gast (S-1-5-21-771618654-3341757510-301361698-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-771618654-3341757510-301361698-1009 - Limited - Enabled)
Tanja (S-1-5-21-771618654-3341757510-301361698-1000 - Administrator - Enabled) => C:\Users\Tanja

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2015 08:22:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.8.652 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1050

Startzeit: 01d066652c83d85b

Endzeit: 60000

Anwendungspfad: C:\Program Files\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: f72720a0-d25a-11e4-866e-ce5d209e110b

Error: (03/23/2015 04:49:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4649

Error: (03/23/2015 04:49:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4649

Error: (03/23/2015 04:49:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/23/2015 04:49:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3635

Error: (03/23/2015 04:49:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3635

Error: (03/23/2015 04:49:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/23/2015 04:49:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2247

Error: (03/23/2015 04:49:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2247

Error: (03/23/2015 04:49:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/26/2015 01:21:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/26/2015 01:21:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/26/2015 07:14:51 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/26/2015 07:14:29 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/26/2015 06:50:24 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/26/2015 06:48:00 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/26/2015 06:39:09 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/26/2015 06:39:10 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt

	Feature: %%886

	Fehlercode: 0x80070005

	Fehlerbeschreibung: Zugriff verweigert 

	Grund: %%892

Error: (03/25/2015 07:37:54 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt

	Feature: %%886

	Fehlercode: 0x80070005

	Fehlerbeschreibung: Zugriff verweigert 

	Grund: %%892

Error: (03/25/2015 07:37:39 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 47%
Total physical RAM: 3036.61 MB
Available physical RAM: 1587.44 MB
Total Pagefile: 6069.46 MB
Available Pagefile: 4165.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.05 GB) (Free:13.32 GB) NTFS
Drive d: () (Fixed) (Total:183.95 GB) (Free:164.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 031AA195)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=99 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=183.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

--- --- ---

Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

• Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
• Klicke auf Optionen und wähle als Sprache Deutsch.
• Suche im Uninstallerfeld nach den Programmen:
  
  Search Protect
  
  
  
• Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
• Wähle anschließend den Modus "Moderat" aus.
  
• Reste löschen:
  Klicke auf dann auf und dann auf .

 

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 15-03-25.01 - Tanja 26.03.2015  20:38:52.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3037.1504 [GMT 1:00]
ausgeführt von:: c:\users\Tanja\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\SearchProtect
c:\program files\SearchProtect\EULA.txt
c:\program files\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files\SearchProtect\Main\bin\CltMngSvc.exe_1416205403509
c:\program files\SearchProtect\Main\bin\SPtool.dll
c:\program files\SearchProtect\Main\bin\sptool.dll_1417547267958
c:\program files\SearchProtect\Main\bin\sptool.dll_1418754618147
c:\program files\SearchProtect\Main\bin\sptool.dll_1420723850449
c:\program files\SearchProtect\Main\bin\sptool.dll_1422990812144
c:\program files\SearchProtect\Main\bin\sptool.dll_1423592762025
c:\program files\SearchProtect\Main\bin\sptool.dll_1426703228382
c:\program files\SearchProtect\Main\bin\sptool.dll_1427221604731
c:\program files\SearchProtect\Main\bin\uninstall.exe
c:\program files\SearchProtect\Main\bin\uninstall.pun
c:\program files\SearchProtect\Main\rep\cfi.bin
c:\program files\SearchProtect\Main\rep\edk.bin
c:\program files\SearchProtect\Main\rep\pni.bin
c:\program files\SearchProtect\Main\rep\SystemRepository.dat
c:\program files\SearchProtect\Main\rep\trn.bin
c:\program files\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files\SearchProtect\SearchProtect\bin\RN32.dll
c:\program files\SearchProtect\SearchProtect\bin\SPtool64.exe
c:\program files\SearchProtect\SearchProtect\bin\VC32.dll
c:\program files\SearchProtect\SearchProtect\bin\VC32Loader.dll
c:\program files\SearchProtect\SearchProtect\bin\VC64.dll
c:\program files\SearchProtect\SearchProtect\bin\VC64Loader.dll
c:\program files\SearchProtect\UI\bin\cltmngui.exe
c:\program files\SearchProtect\UI\dialogs\Consent\consent.css
c:\program files\SearchProtect\UI\dialogs\Consent\consent.html
c:\program files\SearchProtect\UI\dialogs\Consent\consent.js
c:\program files\SearchProtect\UI\dialogs\Consent\defaults.js
c:\program files\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files\SearchProtect\UI\dialogs\Images\bg-dia.png
c:\program files\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files\SearchProtect\UI\dialogs\Images\bg.png
c:\program files\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files\SearchProtect\UI\dialogs\Images\hez-def-grey.png
c:\program files\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files\SearchProtect\UI\dialogs\Images\hez.png
c:\program files\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files\SearchProtect\UI\dialogs\Images\SP_DialogBG.png
c:\program files\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files\SearchProtect\UI\dialogs\Images\v.png
c:\program files\SearchProtect\UI\dialogs\Images\x.png
c:\program files\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files\SearchProtect\UI\dialogs\libs\DialogAPI.js
c:\program files\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files\SearchProtect\UI\dialogs\libs\main.js
c:\program files\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files\SearchProtect\UI\dialogs\protection\protection.css
c:\program files\SearchProtect\UI\dialogs\protection\protection.html
c:\program files\SearchProtect\UI\dialogs\protection\protection.js
c:\program files\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files\SearchProtect\UI\dialogs\settings.html
c:\program files\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files\SearchProtect\UI\dialogs\settings\settings.css
c:\program files\SearchProtect\UI\dialogs\settings\settings.html
c:\program files\SearchProtect\UI\dialogs\settings\settings.js
c:\program files\SearchProtect\UI\dialogs\style.css
c:\program files\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\programdata\NVIDIA
c:\programdata\NVIDIA\NvApps.xml
c:\programdata\NVIDIA\NvStarted
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_CltMngSvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-02-26 bis 2015-03-26  ))))))))))))))))))))))))))))))
.
.
2015-03-26 20:06 . 2015-03-26 20:06	--------	d-----w-	c:\programdata\NVIDIA
2015-03-26 19:54 . 2015-03-26 19:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-03-26 19:08 . 2015-03-26 19:08	--------	d-----w-	c:\program files\VS Revo Group
2015-03-26 15:00 . 2009-06-18 01:15	79816	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2015-03-26 15:00 . 2009-06-18 01:15	40552	----a-w-	c:\windows\system32\drivers\mfesmfk.sys
2015-03-26 15:00 . 2009-06-18 01:15	35272	----a-w-	c:\windows\system32\drivers\mfebopk.sys
2015-03-26 15:00 . 2009-06-18 01:15	214024	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2015-03-26 15:00 . 2009-06-18 01:14	34248	----a-w-	c:\windows\system32\drivers\mferkdk.sys
2015-03-26 15:00 . 2009-04-09 05:23	130424	----a-w-	c:\windows\system32\drivers\Mpfp.sys
2015-03-26 14:59 . 2009-07-14 01:15	18432	----a-w-	c:\windows\system32\corpol.dll
2015-03-26 14:59 . 2009-07-14 01:14	73216	----a-w-	c:\windows\system32\admparse.dll
2015-03-26 12:22 . 2015-03-26 12:28	--------	d-----w-	C:\FRST
2015-03-26 12:11 . 2015-03-26 12:11	39464	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA1DF7F6-50BF-4316-9E42-E508974EE57B}\MpKsle5f9440b.sys
2015-03-26 05:55 . 2015-03-26 05:54	908832	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF129543-9A35-4FF3-B736-964E105DAC74}\gapaengine.dll
2015-03-26 05:54 . 2015-03-14 10:06	9119072	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA1DF7F6-50BF-4316-9E42-E508974EE57B}\mpengine.dll
2015-03-25 07:01 . 2015-03-25 07:01	--------	d-----w-	c:\users\Tanja\AppData\Roaming\ParetoLogic
2015-03-25 07:01 . 2015-03-25 07:01	--------	d-----w-	c:\users\Tanja\AppData\Roaming\DriverCure
2015-03-25 07:00 . 2015-03-25 07:00	--------	d-----w-	c:\program files\Common Files\ParetoLogic
2015-03-25 07:00 . 2015-03-25 18:39	--------	d-----w-	c:\programdata\ParetoLogic
2015-03-25 06:25 . 2015-03-11 03:30	534528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-25 06:25 . 2015-03-11 03:29	818176	----a-w-	c:\windows\system32\appraiser.dll
2015-03-25 06:25 . 2015-03-11 03:29	26112	----a-w-	c:\windows\system32\acmigration.dll
2015-03-25 06:25 . 2015-03-11 03:26	892928	----a-w-	c:\windows\system32\aeinv.dll
2015-03-25 06:25 . 2015-03-11 03:30	623616	----a-w-	c:\windows\system32\invagent.dll
2015-03-25 06:25 . 2015-03-11 03:29	327168	----a-w-	c:\windows\system32\devinv.dll
2015-03-25 06:25 . 2015-03-11 03:29	202752	----a-w-	c:\windows\system32\aepdu.dll
2015-03-25 06:25 . 2015-03-11 03:29	159744	----a-w-	c:\windows\system32\aepic.dll
2015-03-24 19:46 . 2015-03-14 10:06	9119072	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-03-24 18:27 . 2015-03-24 23:49	--------	d-----w-	c:\users\Tanja\AppData\Local\avaavxvyex
2015-03-11 06:04 . 2015-02-20 01:35	469504	----a-w-	c:\program files\Internet Explorer\ieinstal.exe
2015-03-11 06:03 . 2015-03-06 05:15	137656	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2015-03-11 06:02 . 2015-02-03 03:12	406016	----a-w-	c:\windows\system32\drmmgrtn.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-16 18:55 . 2015-03-24 18:27	223504	----a-w-	c:\windows\apppatch\nbin\VC32Loader.dll
2015-03-06 05:10 . 2015-03-11 06:03	172032	----a-w-	c:\windows\system32\wdigest.dll
2015-03-06 05:10 . 2015-03-11 06:03	65536	----a-w-	c:\windows\system32\TSpkg.dll
2015-03-06 05:10 . 2015-03-11 06:03	15872	----a-w-	c:\windows\system32\sspisrv.dll
2015-03-06 05:10 . 2015-03-11 06:03	100352	----a-w-	c:\windows\system32\sspicli.dll
2015-03-06 05:10 . 2015-03-11 06:03	248832	----a-w-	c:\windows\system32\schannel.dll
2015-03-06 05:10 . 2015-03-11 06:03	22016	----a-w-	c:\windows\system32\secur32.dll
2015-03-06 05:10 . 2015-03-11 06:03	259584	----a-w-	c:\windows\system32\msv1_0.dll
2015-03-06 05:10 . 2015-03-11 06:03	221184	----a-w-	c:\windows\system32\ncrypt.dll
2015-03-06 05:07 . 2015-03-11 06:03	60416	----a-w-	c:\windows\system32\msobjs.dll
2015-03-04 11:51 . 2014-02-06 12:36	37896	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-03-04 11:51 . 2014-02-06 12:36	136216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-03-04 11:51 . 2014-02-06 12:36	105864	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-03-03 13:16 . 2009-12-10 19:17	246920	------w-	c:\windows\system32\MpSigStub.exe
2015-02-26 03:11 . 2015-03-11 06:05	2381312	----a-w-	c:\windows\system32\win32k.sys
2015-02-20 02:09 . 2015-03-11 06:04	503296	----a-w-	c:\windows\system32\vbscript.dll
2015-02-20 01:50 . 2015-03-11 06:05	667648	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2015-02-20 01:01 . 2015-03-11 06:04	1888256	----a-w-	c:\windows\system32\wininet.dll
2015-02-17 15:04 . 2015-02-17 15:04	1202848	----a-w-	c:\windows\system32\FM20.DLL
2015-02-05 22:05 . 2012-03-31 05:34	701616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-02-05 22:05 . 2011-05-13 16:56	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-04 02:54 . 2015-03-11 06:03	417792	----a-w-	c:\windows\system32\WMPhoto.dll
2015-02-03 03:16 . 2015-03-11 06:02	3973048	----a-w-	c:\windows\system32\ntkrnlpa.exe
2015-02-03 03:16 . 2015-03-11 06:02	3917760	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-02-03 03:12 . 2015-03-11 06:03	617984	----a-w-	c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-11 06:02	179200	----a-w-	c:\windows\system32\wintrust.dll
2015-02-03 03:12 . 2015-03-11 06:05	1230848	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-11 06:04	171520	----a-w-	c:\windows\system32\ubpm.dll
2015-02-03 03:12 . 2015-03-11 06:02	400896	----a-w-	c:\windows\system32\srcore.dll
2015-02-03 03:12 . 2015-03-11 06:02	43008	----a-w-	c:\windows\system32\srclient.dll
2015-02-03 03:12 . 2015-03-11 06:02	50176	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-02-03 03:12 . 2015-03-11 06:02	1329664	----a-w-	c:\windows\system32\quartz.dll
2015-02-03 03:12 . 2015-03-11 06:02	519680	----a-w-	c:\windows\system32\qdvd.dll
2015-02-03 03:12 . 2015-03-11 06:02	157184	----a-w-	c:\windows\system32\pcasvc.dll
2015-02-03 03:12 . 2015-03-11 06:02	28160	----a-w-	c:\windows\system32\pcadm.dll
2015-02-03 03:12 . 2015-03-11 06:02	8192	----a-w-	c:\windows\system32\spwmp.dll
2015-02-03 03:12 . 2015-03-11 06:02	504320	----a-w-	c:\windows\system32\msscp.dll
2015-02-03 03:12 . 2015-03-11 06:02	265216	----a-w-	c:\windows\system32\msnetobj.dll
2015-02-03 03:12 . 2015-03-11 06:02	10752	----a-w-	c:\windows\system32\msmmsp.dll
2015-02-03 03:12 . 2015-03-11 06:02	69632	----a-w-	c:\windows\system32\smss.exe
2015-02-03 03:11 . 2015-03-11 06:02	262656	----a-w-	c:\windows\system32\rstrui.exe
2015-02-03 03:11 . 2015-03-11 06:02	50176	----a-w-	c:\windows\system32\rrinstaller.exe
2015-02-03 03:11 . 2015-03-11 06:02	9728	----a-w-	c:\windows\system32\pcawrk.exe
2015-02-03 03:11 . 2015-03-11 06:02	8192	----a-w-	c:\windows\system32\pcalua.exe
2015-02-03 03:11 . 2015-03-11 06:02	12625408	----a-w-	c:\windows\system32\wmploc.DLL
2015-02-03 03:10 . 2015-03-11 06:02	8704	----a-w-	c:\windows\system32\pcaevts.dll
2015-01-27 23:36 . 2015-02-11 06:04	1167520	----a-w-	c:\windows\system32\aitstatic.exe
2015-01-25 16:57 . 2014-08-08 03:42	96680	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2015-01-09 02:48 . 2015-02-25 18:14	76800	----a-w-	c:\windows\system32\wdi.dll
2015-01-09 02:48 . 2015-02-25 18:14	635904	----a-w-	c:\windows\system32\perftrack.dll
2015-01-09 02:48 . 2015-02-25 18:14	27136	----a-w-	c:\windows\system32\powertracker.dll
2014-02-10 21:53 . 2014-02-10 21:53	49940480	----a-w-	c:\program files\GUTE0B6.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
2015-01-27 22:49	12184	----a-w-	c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-11-22 12:54	323752	----a-w-	c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-4300-7A786E7484D7}"= "c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" [2015-01-27 12184]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-4300-7a786e7484d7}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-22 39408]
"AmazonMP3DownloaderHelper"="c:\users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704]
"Amazon Cloud Player"="c:\users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2014-01-14 3140608]
"GoogleChromeAutoLaunch_FB2E67EEF5904AC634A7B3DA98460BC7"="c:\program files\Google\Chrome\Application\chrome.exe" [2015-03-14 809288]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816]
"ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]
"iCloudDrive"="c:\program files\Common Files\Apple\Internet Services\iCloudDrive.exe" [2014-10-20 43816]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-31 13797992]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-19 7711264]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-02-13 60712]
"ApnTBMon"="c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2015-01-27 1934744]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2015-03-19 704512]
"VNT"="c:\program files\VNT\vntldr.exe" [2014-08-22 196504]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 978520]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-10-02 421888]
"QuickTime Plugin Install"="c:\program files\QuickTime\Plugins\DeleteMe1.exe" [2014-11-10 86016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 157480]
.
c:\users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44	3883840	----a-w-	c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-06-22 100736]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2015-01-30 284472]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-31 187392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-12-09 37352]
S1 MpKsle5f9440b;MpKsle5f9440b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA1DF7F6-50BF-4316-9E42-E508974EE57B}\MpKsle5f9440b.sys [2015-03-26 39464]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2015-03-19 432888]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\avwebg7.exe [2015-03-19 992560]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files\AskPartnerNetwork\Toolbar\apnmcp.exe [2015-01-27 177560]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2015-03-04 37896]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 95408]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-21 02:28	1061704	----a-w-	c:\program files\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 22:05]
.
2015-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 09:33]
.
2015-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 09:33]
.
2015-03-26 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2014-12-08 18:55]
.
2015-03-26 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08 18:55]
.
2015-03-25 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08 18:55]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE80FDB81-A2F1-4213-9629-95B7B32DB764&SSPV=
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000
IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100826144410
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{41564952-412D-5637-00A7-7A786E7484D7} - c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
BHO-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\Zynga\tbZyn0.dll
Toolbar-Locked - (no file)
Toolbar-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\Zynga\tbZyn0.dll
Toolbar-10 - (no file)
Toolbar-{41564952-412D-5637-00A7-7A786E7484D7} - c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - c:\program files\Zynga\tbZyn0.dll
WebBrowser-{38542454-DFB6-44F5-B052-D4E071A3D073} - (no file)
WebBrowser-{41564952-412D-5637-00A7-7A786E7484D7} - c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
HKCU-Run-PriceMeterW - c:\users\Tanja\AppData\Local\PriceMeter\pricemeterw.exe
HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-SearchProtect - c:\progra~1\SearchProtect\Main\bin\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\taskhost.exe
c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\users\Tanja\AppData\Local\VNT\vntldr.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-03-26  21:15:31 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-03-26 20:15
.
Vor Suchlauf: 7 Verzeichnis(se), 17.676.427.264 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 21.393.694.720 Bytes frei
.
- - End Of File - - DE61ECB38A644A7A3C480D905C4FD4CB
2E5DEBB2116B3417023E0D6562D7ED07
         

Hallo Schrauber,

habe nun all Deine Schritte durchgeführt und nun sieht es wirklich so aus, als hättest Du genau die richtigen Tipps für mich gehabt :-)
Selbst für mich als absoluter Laie war es relativ problemlos durchzuführen und ich habe es wie es scheint, dank Deiner Hilfe hinbekommen*freu*
Ganz, ganz herzlichen Dank schon mal!!!!
Kann Euch/Dich wirklich nur weiterempfehlen!!!

Gruß und Danke
Tanja

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 27.03.2015
Suchlauf-Zeit: 18:14:31
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.03.27.07
Rootkit Datenbank: v2015.03.26.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Tanja

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 362913
Verstrichene Zeit: 31 Min, 35 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 42
PUP.Optional.Snapdo.T, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [f88ba1a98604f93d28aa3532b35001ff], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [671c9ab0ccbe0432f21d86a54eb50ef2], 
PUP.Optional.SearchResults.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{377e5d4d-77e5-476a-8716-7e70a9272da0}, In Quarantäne, [9ce798b2dcae3afca46658d74cb710f0], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\SmdmF, In Quarantäne, [354e6cdea9e14fe7975ee8f3c53e06fa], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickCtrl.9, In Quarantäne, [6e15dc6ed7b342f4c941b547020149b7], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine, In Quarantäne, [21620f3bcebcb97d5caed626fa097b85], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0, In Quarantäne, [97eca3a7d1b994a209010eee9e65dd23], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.Update3WebControl.3, In Quarantäne, [acd799b1642655e16e9be418d52ec937], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync, In Quarantäne, [641faaa06a2089adb654ab51f90aae52], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0, In Quarantäne, [ef943e0cbcce25117595ee0e679cb749], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass, In Quarantäne, [7d06b7934644bb7bf218f7059172b24e], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass.1, In Quarantäne, [1271cc7ea3e7c0769b6fe21a1ce7ba46], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass, In Quarantäne, [d6adf456cbbf79bd8486a95330d33ac6], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass.1, In Quarantäne, [12719eacf496b4828c7eea123cc7b34d], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine, In Quarantäne, [21627eccb1d92d0940cacb3112f123dd], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0, In Quarantäne, [fb8850fa74161323bc4e22da9073a45c], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine, In Quarantäne, [186b87c33e4c1e1827e38f6df80b6d93], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [b4cfdf6b7d0d3501f01af20aa95a738d], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [bdc63e0cff8baa8c4ac0906cfe05f907], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [206377d3dab00e287595ab5158ab04fc], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc, In Quarantäne, [384be8625c2e62d467a348b45ba8ab55], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [0d762c1e1e6c9f97a7634ab28d76c739], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher, In Quarantäne, [196ad9711b6f4aecab5f857706fdca36], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0, In Quarantäne, [81020149305a6cca709ac83423e05aa6], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService, In Quarantäne, [23601d2d9eec71c57298f6069172b14f], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0, In Quarantäne, [f88b68e2414958de9d6d00fc798a837d], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine, In Quarantäne, [325153f71377181eb852817bb1528080], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0, In Quarantäne, [196a33178dfd60d6ab5f09f34eb57c84], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback, In Quarantäne, [671c8ebc33578fa7709ac339c43fe61a], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [463ddf6b73178da94ebcda22ee159769], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc, In Quarantäne, [f390d773fe8c80b68a80b04c7390f907], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0, In Quarantäne, [3c47a4a6810992a445c5768648bbd729], 
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}, In Quarantäne, [0380ca809eecfb3b7c4ed66d5fa6837d], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3, In Quarantäne, [4f34f9517b0f8da9412ebf0712f19d63], 
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9, In Quarantäne, [295ad674563453e3a8c7992d57acb749], 
PUP.Optional.PriceMeter.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\PriceMeterLiveUpdate, In Quarantäne, [b7ccf852d6b49e98b2bee9dd748f02fe], 
PUP.Optional.Squeaky.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Squeaky, In Quarantäne, [aad96cde1b6f280efa6a625ae61dfd03], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [dca7f65457330d29e2027755748f14ec], 
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhp, In Quarantäne, [a2e1c684c5c538fe2cc351842ad9a55b], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [afd425252664b1859418c54362a29b65], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [ee95d3779ded142297ee29f58b7af60a], 
PUP.Optional.DefaultSearch, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}, In Quarantäne, [d6ada2a895f540f65774a0a3a263d22e], 

Registrierungswerte: 6
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|DisplayName, default-search.net, In Quarantäne, [0380ca809eecfb3b7c4ed66d5fa6837d]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [9ce78ac0f2983105fe1b86530ff4817f]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, In Quarantäne, [ee95d3779ded142297ee29f58b7af60a]
PUP.Optional.DefaultSearch, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|DisplayName, default-search.net, In Quarantäne, [d6ada2a895f540f65774a0a3a263d22e]
PUP.Optional.Conduit.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE80FDB81-A2F1-4213-9629-95B7B32DB764&q={searchTerms}&SSPV=, In Quarantäne, [7d062d1d701aef472f915c58b64d7987]
PUP.Optional.Trovi.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Trovi search, In Quarantäne, [e1a2ea60dbafb383b00781cccb3a8f71]

Registrierungsdaten: 5
PUP.Optional.HelperBar.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000),Ersetzt,[0c77ef5b0e7cc2741c1c66898c790af6]
PUP.Optional.Conduit.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE80FDB81-A2F1-4213-9629-95B7B32DB764&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPE80FDB81-A2F1-4213-9629-95B7B32DB764&SSPV=),Ersetzt,[d5aed674e5a5de58acca4ca3a95ccb35]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000),Ersetzt,[7a09dd6db7d32214a09cfdf2c73e56aa]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000),Ersetzt,[e69df05a3a50ac8a57e5b33c16ef6b95]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=1ae3c580-95a1-9e4e-b745-8e0295f88f4b&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/02/2014&type=hp1000),Ersetzt,[493a29218703e05657e2826df21310f0]

Ordner: 18
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\48DFFFEEAA9B47588E7F09C239D41B62, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\5F83585EA07749CCAE659376F9F481AB, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\67D7F802E53F45C49DE239CC4E698DB2, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\921321EEC1AF4D2D9739EDF9E0E77E90, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\954C30C7D6EC42E4BE02E292CE789D08, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\96D61B66C5BA432EA6003A9104CEA45A, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\AE0FDCBB438E4C9FAF201DF94EB82B2B, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\DA8501F22FF14E62B8C7C88D89A7FF37, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.Datamngr.A, C:\Users\Tanja\AppData\LocalLow\DataMngr, In Quarantäne, [463dad9d3654e551d5dcb9c5000332ce], 
PUP.Optional.SearchProtect.A, C:\Windows\System32\config\systemprofile\AppData\Local\SearchProtect, In Quarantäne, [aed5004a0c7e84b290babad315ee9967], 
PUP.Optional.SearchProtect.A, C:\Windows\System32\config\systemprofile\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [aed5004a0c7e84b290babad315ee9967], 
PUP.Optional.SearchProtect.A, C:\Windows\System32\config\systemprofile\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [aed5004a0c7e84b290babad315ee9967], 
PUP.Optional.PriceMeter.A, C:\Users\Tanja\AppData\Local\PriceMeterLiveUpdate, In Quarantäne, [265dc08a8dfd6bcb60baeac16b988b75], 
PUP.Optional.PriceMeter.A, C:\Users\Tanja\AppData\Local\PriceMeterLiveUpdate\CrashReports, In Quarantäne, [265dc08a8dfd6bcb60baeac16b988b75], 
PUP.Optional.SearchProtect.A, C:\Users\Tanja\AppData\Local\avaxvyyvyf, In Quarantäne, [add6351523674cea02b39b153cc7bb45], 

Dateien: 48
PUP.Optional.Conduit.A, C:\Users\Tanja\AppData\Roaming\OpenCandy\67D7F802E53F45C49DE239CC4E698DB2\SSStub_SearchProtect_p1v0.exe, In Quarantäne, [9be8a0aaa1e938fe0c4e99b016eb3fc1], 
PUP.Optional.OpenCandy.A, C:\Users\Tanja\AppData\Roaming\OpenCandy\954C30C7D6EC42E4BE02E292CE789D08\LatestDLMgr.exe, In Quarantäne, [30534802cbbfc27417245fda9d6423dd], 
PUP.Optional.SearchProtect.A, C:\Users\Tanja\AppData\Roaming\OpenCandy\96D61B66C5BA432EA6003A9104CEA45A\sp-downloader.exe, In Quarantäne, [fd86c08ab1d97fb7561fc5e948b9ea16], 
PUP.Optional.Linkury.A, C:\Users\Tanja\AppData\Roaming\OpenCandy\DA8501F22FF14E62B8C7C88D89A7FF37\Installer.exe, In Quarantäne, [602359f1226848ee916c3665a5607d83], 
PUP.Optional.PriceMeter.A, C:\Users\Tanja\AppData\Roaming\RHEng\0980BCC9F6404631A581F9397D399287\pm.exe, In Quarantäne, [81023d0d7e0c1c1abd38a8edac559d63], 
PUP.Optional.OpenCandy, C:\Users\Tanja\Downloads\cdbxp_setup_4.5.2.4214_minimal.exe, In Quarantäne, [5e253d0d98f2fa3c50acee31aa5650b0], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Local\OpenCandy\OpenCandy_{22565755-FEC4-4F2F-98E6-354974D6CB93}.dll, In Quarantäne, [443f58f2503af83e083d0d1216f0a759], 
PUP.Optional.PriceMeter.A, C:\Windows\System32\Tasks\pricemeterdownloader, In Quarantäne, [562dbf8b1476b77f62492fb338cb916f], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\48DFFFEEAA9B47588E7F09C239D41B62\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\5F83585EA07749CCAE659376F9F481AB\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\921321EEC1AF4D2D9739EDF9E0E77E90\TuneUp2014GER15day-de-DE-p4v1.exe, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\954C30C7D6EC42E4BE02E292CE789D08\3135.ico, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\954C30C7D6EC42E4BE02E292CE789D08\TuneUpUtilities2013-2200218_de-DE.exe, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.OpenCandy, C:\Users\Tanja\AppData\Roaming\OpenCandy\AE0FDCBB438E4C9FAF201DF94EB82B2B\SkypeSetupFull(590)trackable-6.18.0.105.exe, In Quarantäne, [7c07a6a4a9e1f145bdcdd99fc2410bf5], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\1.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\a.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\b.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\c.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\d.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\e.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\f.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\g.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\h.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\i.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\J.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\k.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\l.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\m.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\mru.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\n.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\o.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\p.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\q.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\r.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\s.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\t.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\u.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\v.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\w.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\x.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\y.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.PriceGong.A, C:\Users\Tanja\AppData\LocalLow\PriceGong\Data\z.xml, In Quarantäne, [c8bba3a701891b1bf7f6e7942bd80cf4], 
PUP.Optional.Datamngr.A, C:\Users\Tanja\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}64, In Quarantäne, [463dad9d3654e551d5dcb9c5000332ce], 
PUP.Optional.SearchProtect.A, C:\Windows\System32\config\systemprofile\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [aed5004a0c7e84b290babad315ee9967], 
PUP.Optional.SearchProtect.A, C:\Users\Tanja\AppData\Local\avaxvyyvyf\pvpqbjobmlpfqlovvawq, In Quarantäne, [add6351523674cea02b39b153cc7bb45], 
PUP.Optional.SearchProtect.A, C:\Users\Tanja\AppData\Local\avaxvyyvyf\rfobmlpfqlovvawq, In Quarantäne, [add6351523674cea02b39b153cc7bb45], 
PUP.Optional.SearchProtect.A, C:\Users\Tanja\AppData\Local\avaxvyyvyf\rpboobmlpfqlovvawq, In Quarantäne, [add6351523674cea02b39b153cc7bb45], 
PUP.Optional.SearchProtect.A, C:\Users\Tanja\AppData\Local\avaxvyyvyf\stb.dat, In Quarantäne, [add6351523674cea02b39b153cc7bb45], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v4.113 - Bericht erstellt 27/03/2015 um 19:15:27
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-03-27.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Tanja - TANJA-PC
# Gestarted von : C:\Users\Tanja\Downloads\AdwCleaner_4.113.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files\VNT
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files\Common Files\ParetoLogic
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\Temp\apn
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\apn
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\AskPartnerNetwork
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\FileTypeAssistant
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Tanja\AppData\Local\VNT
Ordner Gelöscht : C:\Users\Tanja\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Tanja\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Tanja\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\Tanja\AppData\Roaming\RHEng
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
Datei Gelöscht : C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
Datei Gelöscht : C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage
Datei Gelöscht : C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : paretologic registration3
Task Gelöscht : paretologic update version3
Task Gelöscht : pricemeterdownloader

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm
Schlüssel Gelöscht : HKCU\Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2857572
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{45F8961E-1314-421E-9F00-BDDE18CF8EA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4825ACAD-F495-4CDD-9603-9C91BABB2B88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5B60D1C0-453A-485D-AE91-61FAC9203719}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D1C6444C-CC06-4060-A486-736DEAFD9C16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8746A3A-A372-4C8B-96E5-B58F6474EB19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30D1E30D-B7F5-4C7A-8EDA-9F02966538A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\Bitberry Software
Schlüssel Gelöscht : HKCU\Software\Bitberry
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\MGShareware
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\iLividSRTB
Schlüssel Gelöscht : HKLM\SOFTWARE\MGShareware
Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{657187F0-8B08-41D3-8468-813BB85AE09E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [7865 Bytes] - [27/03/2015 19:12:44]
AdwCleaner[S0].txt - [7787 Bytes] - [27/03/2015 19:15:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7846  Bytes] ##########
         

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 7 Home Premium x86
Ran by Tanja on 27.03.2015 at 19:26:49,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\freerip"
Successfully deleted: [Folder] "C:\Program Files\freerip3"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Tanja\appdata\local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.03.2015 at 19:31:48,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Tanja (administrator) on TANJA-PC on 27-03-2015 19:36:06
Running from C:\Users\Tanja\Downloads
Loaded Profiles: Tanja (Available profiles: Tanja)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
() C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [QuickTime Plugin Install] => C:\Program Files\QuickTime\Plugins\DeleteMe1.exe [86016 2014-11-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-22] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [Amazon Cloud Player] => C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [GoogleChromeAutoLaunch_FB2E67EEF5904AC634A7B3DA98460BC7] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
Startup: C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=0003295F&OHP=about%3Ablank&OSP=
HKU\S-1-5-21-771618654-3341757510-301361698-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100826144410
DPF: {D27CDB6E-AE6D-11CF-96B8-444555540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-07-21] (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-23]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-10]
FF HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2014-07-19]

Chrome: 
=======
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "chrome://apps/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.10.0_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Mein Ebay) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\amppmommjclmlfdjmfiblififijpigmd [2013-07-08]
CHR Extension: (Wetter von wetter.com) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp [2013-06-25]
CHR Extension: (YouTube) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-16]
CHR Extension: (Facebook) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-06-25]
CHR Extension: (Google Search) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-16]
CHR Extension: (Color Tunnel) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\epkoakmabaognokfndhfaebaknjgnpgg [2013-06-25]
CHR Extension: (HopToShop Offers for Amazon.de) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgaibgbcnfjfjmnaclddkdkadlplcknb [2014-12-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKslb05b225f; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98D33103-AD53-4BEB-B891-2D4E7123F73F}\MpKslb05b225f.sys [39464 2015-03-27] (Microsoft Corporation)
R0 PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Tanja\AppData\Local\Temp\catchme.sys [X]
S3 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 19:31 - 2015-03-27 19:31 - 00001192 _____ () C:\Users\Tanja\Desktop\JRT.txt
2015-03-27 19:25 - 2015-03-27 19:26 - 01388782 _____ (Thisisu) C:\Users\Tanja\Downloads\JRT (1).exe
2015-03-27 19:24 - 2015-03-27 19:25 - 01388782 _____ (Thisisu) C:\Users\Tanja\Downloads\JRT.exe
2015-03-27 19:12 - 2015-03-27 19:16 - 00000000 ____D () C:\AdwCleaner
2015-03-27 19:11 - 2015-03-27 19:11 - 02168320 _____ () C:\Users\Tanja\Downloads\AdwCleaner_4.113.exe
2015-03-27 19:06 - 2015-03-27 19:06 - 00021570 _____ () C:\Users\Tanja\Desktop\mbam.txt
2015-03-27 18:14 - 2015-03-27 19:21 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-27 18:13 - 2015-03-27 18:13 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-27 18:13 - 2015-03-27 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-27 18:12 - 2015-03-27 18:13 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-03-27 18:12 - 2015-03-27 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-27 18:12 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-27 18:12 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-27 18:12 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-27 18:10 - 2015-03-27 18:10 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Tanja\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-27 06:57 - 2015-03-27 06:57 - 00013817 _____ () C:\ComboFix.txt
2015-03-26 21:06 - 2015-03-26 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-26 20:35 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-03-26 20:35 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-03-26 20:35 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-03-26 20:35 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-03-26 20:35 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-03-26 20:35 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-03-26 20:35 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-03-26 20:35 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-03-26 20:31 - 2015-03-27 06:57 - 00000000 ____D () C:\Qoobox
2015-03-26 20:30 - 2015-03-26 21:14 - 00000000 ____D () C:\windows\erdnt
2015-03-26 20:26 - 2015-03-27 06:26 - 05615749 ____R (Swearware) C:\Users\Tanja\Downloads\ComboFix.exe
2015-03-26 20:08 - 2015-03-26 20:08 - 00001222 _____ () C:\Users\Tanja\Desktop\Revo Uninstaller.lnk
2015-03-26 20:08 - 2015-03-26 20:08 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-03-26 20:07 - 2015-03-26 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tanja\Downloads\revosetup95.exe
2015-03-26 16:00 - 2009-06-18 02:15 - 00214024 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfehidk.sys
2015-03-26 16:00 - 2009-06-18 02:15 - 00079816 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeavfk.sys
2015-03-26 16:00 - 2009-06-18 02:15 - 00040552 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfesmfk.sys
2015-03-26 16:00 - 2009-06-18 02:15 - 00035272 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfebopk.sys
2015-03-26 16:00 - 2009-06-18 02:14 - 00034248 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mferkdk.sys
2015-03-26 16:00 - 2009-06-10 22:27 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2015-03-26 16:00 - 2009-04-09 06:23 - 00130424 _____ (McAfee, Inc.) C:\windows\system32\Drivers\Mpfp.sys
2015-03-26 15:59 - 2009-07-14 02:15 - 00606208 _____ (Microsoft Corporation) C:\windows\system32\mstime.dll
2015-03-26 15:59 - 2009-07-14 02:15 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\ieaksie.dll
2015-03-26 15:59 - 2009-07-14 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\ieakeng.dll
2015-03-26 15:59 - 2009-07-14 02:15 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\corpol.dll
2015-03-26 15:59 - 2009-07-14 02:14 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\admparse.dll
2015-03-26 15:59 - 2009-07-14 02:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\ieakui.dll
2015-03-26 13:26 - 2015-03-26 13:28 - 00036091 _____ () C:\Users\Tanja\Downloads\Addition.txt
2015-03-26 13:23 - 2015-03-27 19:36 - 00020984 _____ () C:\Users\Tanja\Downloads\FRST.txt
2015-03-26 13:22 - 2015-03-27 19:36 - 00000000 ____D () C:\FRST
2015-03-26 13:22 - 2015-03-26 13:22 - 01135104 _____ (Farbar) C:\Users\Tanja\Downloads\FRST.exe
2015-03-26 07:39 - 2015-03-26 07:39 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Tanja\Downloads\SpyHunter-Installer.exe
2015-03-25 08:06 - 2015-03-25 08:06 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Tanja\Downloads\ParetoLogic PC Health Advisor_de (1).exe
2015-03-25 08:01 - 2015-03-27 19:21 - 00000470 _____ () C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-03-25 07:59 - 2015-03-25 07:59 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Tanja\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-03-25 07:25 - 2015-03-11 04:30 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-25 07:25 - 2015-03-11 04:30 - 00534528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00818176 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-25 07:25 - 2015-03-11 04:29 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-25 07:25 - 2015-03-11 04:26 - 00892928 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-14 22:07 - 2015-03-14 22:07 - 00131072 ____N () C:\windows\Minidump\031415-24273-01.dmp
2015-03-11 07:05 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-11 07:05 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-11 07:05 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-11 07:05 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-11 07:05 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-11 07:05 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-11 07:05 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-11 07:05 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-11 07:05 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-11 07:05 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-11 07:05 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 07:05 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 07:05 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-11 07:05 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-11 07:05 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-11 07:05 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-11 07:05 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-11 07:05 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-11 07:05 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-11 07:04 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-11 07:04 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-11 07:04 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-11 07:04 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-11 07:04 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-11 07:04 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-11 07:04 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-11 07:04 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-11 07:04 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-11 07:04 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-11 07:04 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-11 07:04 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-11 07:04 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-11 07:04 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-11 07:04 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-11 07:04 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-11 07:03 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-11 07:03 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-11 07:03 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-11 07:03 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-11 07:03 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-11 07:03 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-11 07:03 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-11 07:03 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-11 07:03 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-11 07:03 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-11 07:03 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-11 07:03 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-11 07:03 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-11 07:02 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-03-11 07:02 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-11 07:02 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-11 07:02 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-11 07:02 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-11 07:02 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-11 07:02 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-11 07:02 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-11 07:02 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-11 07:02 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-11 07:02 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-11 07:02 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-11 07:02 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-11 07:02 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-11 07:02 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-11 07:02 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-11 07:02 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-11 07:02 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-11 07:02 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-02-25 19:50 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 19:14 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-02-25 19:14 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-02-25 19:14 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 19:28 - 2009-07-14 05:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-27 19:28 - 2009-07-14 05:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-27 19:27 - 2010-01-30 09:57 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 19:21 - 2015-02-22 21:35 - 00000000 ___RD () C:\Users\Tanja\iCloudDrive
2015-03-27 19:21 - 2010-01-30 09:57 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 19:18 - 2009-09-22 06:48 - 01475832 _____ () C:\windows\PFRO.log
2015-03-27 19:18 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-27 19:18 - 2009-07-14 05:39 - 00299103 _____ () C:\windows\setupact.log
2015-03-27 19:17 - 2009-09-22 06:23 - 01074971 _____ () C:\windows\WindowsUpdate.log
2015-03-27 19:16 - 2009-12-08 00:59 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-03-27 19:05 - 2012-03-31 06:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 06:55 - 2009-07-14 03:04 - 00000215 _____ () C:\windows\system.ini
2015-03-26 21:15 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2015-03-26 21:15 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-03-26 13:10 - 2009-07-14 05:33 - 00508192 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-25 13:27 - 2009-07-26 21:06 - 01768124 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-25 08:12 - 2013-05-27 12:20 - 00000000 ____D () C:\ProgramData\tmp
2015-03-25 08:02 - 2010-08-16 14:00 - 00000792 _____ () C:\Users\Tanja\Desktop\Tanja Bilder.lnk
2015-03-25 08:02 - 2009-12-14 17:35 - 00000830 _____ () C:\Users\Tanja\Desktop\Tanja Mukke.lnk
2015-03-25 07:32 - 2014-12-10 19:31 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-25 07:32 - 2014-05-06 06:42 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-21 03:29 - 2013-06-04 19:24 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-17 19:31 - 2009-07-14 05:53 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-14 22:07 - 2010-05-30 07:42 - 00000000 ____D () C:\windows\Minidump
2015-03-11 19:19 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-11 14:14 - 2009-12-07 17:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 14:13 - 2013-08-14 06:24 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 14:03 - 2009-12-13 12:01 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-04 12:51 - 2014-02-06 13:36 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-04 12:51 - 2014-02-06 13:36 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-04 12:51 - 2014-02-06 13:36 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-03 14:16 - 2009-12-10 20:17 - 00246920 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-02-26 06:48 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\tracing

==================== Files in the root of some directories =======

2014-02-10 22:53 - 2014-02-10 22:53 - 49940480 _____ () C:\Program Files\GUTE0B6.tmp
2009-12-10 23:38 - 2009-12-10 23:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-12-07 17:09 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2011-01-14 23:16 - 2011-01-14 23:16 - 0001302 _____ () C:\ProgramData\ss.ini
2011-01-14 23:40 - 2011-01-14 23:40 - 0000033 _____ () C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini

Some content of TEMP:
====================
C:\Users\Tanja\AppData\Local\Temp\avgnt.exe
C:\Users\Tanja\AppData\Local\Temp\Quarantine.exe
C:\Users\Tanja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-04 20:34

==================== End Of Log ============================
         

--- --- ---

--- --- ---

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=68096e3c5fd96742829c886a0dc3089c
# engine=23127
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-28 03:23:56
# local_time=2015-03-28 04:23:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 3895356 50536630 0 0
# scanned=313627
# found=26
# cleaned=0
# scan_time=21204
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=AB31762F3BCC3D8537559AD59EB26AE815AE0E22 ft=1 fh=149d43decce434dd vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Free Easy CD DVD Burner\Uninstall.exe"
sh=99430247821AF6A8B385E288F791F4C26A39436E ft=1 fh=d5ff3706ae6a09b8 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVESVC\0000000B-E0117666"
sh=6A6CA09722A86C33E2031B98060E57E88AE6C9C5 ft=1 fh=7bae33dce34c97fa vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=43BD899383C16FF427302905B59E5E5DFA837B81 ft=1 fh=e0114720b91227bd vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\CltMngSvc.exe_1416205403509.vir"
sh=1BC2BA11E8D9DFFF477707C793ABD89BF4B68FEE ft=1 fh=3e593d00866d36a6 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll.vir"
sh=BABAA9D2D0D64FBF3C88668F26B22A93D4223E16 ft=1 fh=36eefebfc07d73f2 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1417547267958.vir"
sh=5DF10841473271A690CDDF6305AE3A2F7607C342 ft=1 fh=70e5f3401d95849e vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1418754618147.vir"
sh=AD800D0EBF9B7169810538490B9AF3A6553B59E8 ft=1 fh=8056c44a101b25c4 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1420723850449.vir"
sh=6E60B8A3B784B1202D129EDC1C8B9C965DFF89C4 ft=1 fh=d510ac3e9d038def vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1422990812144.vir"
sh=D0D7C464F9B094452AEE4273F4B295EDDA02D19C ft=1 fh=55ec89fd9650db0f vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1423592762025.vir"
sh=DC173E4CA9E558B877ACEC454690F98611407198 ft=1 fh=c9eec9b299fdb2ca vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1426703228382.vir"
sh=C639C256ECC7974148B700393A9FACF7A9D053C8 ft=1 fh=076a354365aa5755 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1427221604731.vir"
sh=CA76B7B37AD368EC2094AA63276A5F5129020F6B ft=1 fh=1e5337dd1d4f80a4 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\uninstall.exe.vir"
sh=DF7D1E1D143988D96F7071F72C5981A31139414D ft=1 fh=11fa7746d136e493 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\uninstall.pun.vir"
sh=900BA5D7AE47B15EFC21C9D9B2893C5568676EB5 ft=1 fh=af2ba701a78e6d55 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=D1A9FA01C9D2B1D5D1DC4301F3F5F45BF19528DB ft=1 fh=3d29f08c65b4cd2a vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\RN32.dll.vir"
sh=169D84336428DE18F65704D9D1FDDBC8221709B1 ft=1 fh=291a6a19ee79429d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPtool64.exe.vir"
sh=23C98323FF057CC792FFFF0BFB97CCD500D03FFC ft=1 fh=b0a949916bb5d935 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\VC32.dll.vir"
sh=D43A721B6576248DACEEEC78B539D68E45F03793 ft=1 fh=d3ea5a2930d4593e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\VC64.dll.vir"
sh=F119DF0DA40D0817A6F14A1E2AC21727A7186930 ft=1 fh=73eba970b06f05d8 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir"
sh=5778DC496E9CE6E9A286BDEDAD2A833944550146 ft=1 fh=2f34cdc66f58cb36 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=99430247821AF6A8B385E288F791F4C26A39436E ft=1 fh=d5ff3706ae6a09b8 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Avira\AntiVir Desktop\TEMP\AVESVC\0000000B-E0117666"
sh=566095531FD328C3054D52C571431D0305103E40 ft=1 fh=0e5c76553bbccf7f vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tanja\Downloads\supereasy_driver_updater_1.1.1_7870 (1).exe"
sh=99494F1A58D941E623698D5ED4E3D3CB73D6FD88 ft=1 fh=f97cef5fd46b6798 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=68096e3c5fd96742829c886a0dc3089c
# engine=23130
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-29 12:29:00
# local_time=2015-03-29 01:29:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 3931660 50569334 0 0
# scanned=341463
# found=31
# cleaned=30
# scan_time=32601
sh=99430247821AF6A8B385E288F791F4C26A39436E ft=1 fh=d5ff3706ae6a09b8 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Avira\AntiVir Desktop\TEMP\AVESVC\0000000B-E0117666"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=AB31762F3BCC3D8537559AD59EB26AE815AE0E22 ft=1 fh=149d43decce434dd vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files\Free Easy CD DVD Burner\Uninstall.exe"
sh=99430247821AF6A8B385E288F791F4C26A39436E ft=1 fh=d5ff3706ae6a09b8 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVESVC\0000000B-E0117666"
sh=6A6CA09722A86C33E2031B98060E57E88AE6C9C5 ft=1 fh=7bae33dce34c97fa vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=43BD899383C16FF427302905B59E5E5DFA837B81 ft=1 fh=e0114720b91227bd vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\CltMngSvc.exe_1416205403509.vir"
sh=1BC2BA11E8D9DFFF477707C793ABD89BF4B68FEE ft=1 fh=3e593d00866d36a6 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll.vir"
sh=BABAA9D2D0D64FBF3C88668F26B22A93D4223E16 ft=1 fh=36eefebfc07d73f2 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1417547267958.vir"
sh=5DF10841473271A690CDDF6305AE3A2F7607C342 ft=1 fh=70e5f3401d95849e vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1418754618147.vir"
sh=AD800D0EBF9B7169810538490B9AF3A6553B59E8 ft=1 fh=8056c44a101b25c4 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1420723850449.vir"
sh=6E60B8A3B784B1202D129EDC1C8B9C965DFF89C4 ft=1 fh=d510ac3e9d038def vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1422990812144.vir"
sh=D0D7C464F9B094452AEE4273F4B295EDDA02D19C ft=1 fh=55ec89fd9650db0f vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1423592762025.vir"
sh=DC173E4CA9E558B877ACEC454690F98611407198 ft=1 fh=c9eec9b299fdb2ca vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1426703228382.vir"
sh=C639C256ECC7974148B700393A9FACF7A9D053C8 ft=1 fh=076a354365aa5755 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\sptool.dll_1427221604731.vir"
sh=CA76B7B37AD368EC2094AA63276A5F5129020F6B ft=1 fh=1e5337dd1d4f80a4 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\uninstall.exe.vir"
sh=DF7D1E1D143988D96F7071F72C5981A31139414D ft=1 fh=11fa7746d136e493 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\uninstall.pun.vir"
sh=900BA5D7AE47B15EFC21C9D9B2893C5568676EB5 ft=1 fh=af2ba701a78e6d55 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=D1A9FA01C9D2B1D5D1DC4301F3F5F45BF19528DB ft=1 fh=3d29f08c65b4cd2a vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\RN32.dll.vir"
sh=169D84336428DE18F65704D9D1FDDBC8221709B1 ft=1 fh=291a6a19ee79429d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPtool64.exe.vir"
sh=23C98323FF057CC792FFFF0BFB97CCD500D03FFC ft=1 fh=b0a949916bb5d935 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\VC32.dll.vir"
sh=D43A721B6576248DACEEEC78B539D68E45F03793 ft=1 fh=d3ea5a2930d4593e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\VC64.dll.vir"
sh=F119DF0DA40D0817A6F14A1E2AC21727A7186930 ft=1 fh=73eba970b06f05d8 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir"
sh=5778DC496E9CE6E9A286BDEDAD2A833944550146 ft=1 fh=2f34cdc66f58cb36 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=566095531FD328C3054D52C571431D0305103E40 ft=1 fh=0e5c76553bbccf7f vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Tanja\Downloads\supereasy_driver_updater_1.1.1_7870 (1).exe"
sh=99494F1A58D941E623698D5ED4E3D3CB73D6FD88 ft=1 fh=f97cef5fd46b6798 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=A27BFBB4988E87828C8448A2EE5A6D1CC925BA2E ft=1 fh=ec9b5e18e14751a4 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Tanja Mukke\Musik Volker Kuwait\Ice Age 3 Dawn Of The Dinosaurs {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe"
sh=3B7EE7BDEA0D16B59E4E3D802ED67ED41950DDCB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 40.zip"
sh=E6E59885AE24FF89AA4E4DE638003AE7294D233C ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 41.zip"
sh=C3B72244A22DA8E120B09330B2384A4BFAE30631 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 42.zip"
sh=5C9FA52603D1F003AB1E956DF6A2C378BAFC15C0 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 53.zip"
         

Code: Alles auswählenAufklappen

ATTFilter

Results of screen317's Security Check version 0.99.97  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 	16.0.0.305  
 Adobe Reader XI  
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.89) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Tanja (administrator) on TANJA-PC on 29-03-2015 09:53:39
Running from C:\Users\Tanja\Downloads
Loaded Profiles: Tanja &  (Available profiles: Tanja)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
() C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [QuickTime Plugin Install] => C:\Program Files\QuickTime\Plugins\DeleteMe1.exe [86016 2014-11-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-22] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [Amazon Cloud Player] => C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [GoogleChromeAutoLaunch_FB2E67EEF5904AC634A7B3DA98460BC7] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-22] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\Tanja\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_FB2E67EEF5904AC634A7B3DA98460BC7] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
Startup: C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=0003295F&OHP=about%3Ablank&OSP=
HKU\S-1-5-21-771618654-3341757510-301361698-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-4300-7A786E7484D7} -> "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100826144410
DPF: {D27CDB6E-AE6D-11CF-96B8-444555540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Tanja\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-07-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-07-21] (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-23]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-11]
FF HKU\S-1-5-21-771618654-3341757510-301361698-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2014-07-20]
FF HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff

Chrome: 
=======
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "chrome://apps/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.10.0_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Mein Ebay) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\amppmommjclmlfdjmfiblififijpigmd [2013-07-08]
CHR Extension: (Wetter von wetter.com) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp [2013-06-25]
CHR Extension: (YouTube) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-16]
CHR Extension: (Facebook) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-06-25]
CHR Extension: (Google Search) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-16]
CHR Extension: (Color Tunnel) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\epkoakmabaognokfndhfaebaknjgnpgg [2013-06-25]
CHR Extension: (HopToShop Offers for Amazon.de) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgaibgbcnfjfjmnaclddkdkadlplcknb [2014-12-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R0 PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Tanja\AppData\Local\Temp\catchme.sys [X]
S3 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 09:47 - 2015-03-29 09:47 - 00852604 _____ () C:\Users\Tanja\Downloads\SecurityCheck.exe
2015-03-28 17:24 - 2015-03-28 17:24 - 02347384 _____ (ESET) C:\Users\Tanja\Downloads\esetsmartinstaller_deu (1).exe
2015-03-28 11:25 - 2015-03-28 11:25 - 02347384 _____ (ESET) C:\Users\Tanja\Downloads\esetsmartinstaller_deu.exe
2015-03-28 10:35 - 2015-03-28 10:35 - 00050905 _____ () C:\Users\Tanja\Downloads\cine_passbook.pkpass
2015-03-27 20:31 - 2015-03-27 20:31 - 00001192 _____ () C:\Users\Tanja\Desktop\JRT.txt
2015-03-27 20:25 - 2015-03-27 20:26 - 01388782 _____ (Thisisu) C:\Users\Tanja\Downloads\JRT (1).exe
2015-03-27 20:24 - 2015-03-27 20:25 - 01388782 _____ (Thisisu) C:\Users\Tanja\Downloads\JRT.exe
2015-03-27 20:12 - 2015-03-27 20:16 - 00000000 ____D () C:\AdwCleaner
2015-03-27 20:11 - 2015-03-27 20:11 - 02168320 _____ () C:\Users\Tanja\Downloads\AdwCleaner_4.113.exe
2015-03-27 20:06 - 2015-03-27 20:06 - 00021570 _____ () C:\Users\Tanja\Desktop\mbam.txt
2015-03-27 19:14 - 2015-03-29 08:40 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-27 19:13 - 2015-03-27 19:13 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-27 19:13 - 2015-03-27 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-27 19:12 - 2015-03-27 19:13 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-03-27 19:12 - 2015-03-27 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-27 19:12 - 2015-03-17 07:15 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-27 19:12 - 2015-03-17 07:15 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-27 19:12 - 2015-03-17 07:15 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-27 19:10 - 2015-03-27 19:10 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Tanja\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-27 07:57 - 2015-03-27 07:57 - 00013817 _____ () C:\ComboFix.txt
2015-03-26 22:06 - 2015-03-26 22:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-26 21:35 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2015-03-26 21:35 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2015-03-26 21:35 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-03-26 21:35 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-03-26 21:35 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-03-26 21:35 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2015-03-26 21:35 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2015-03-26 21:35 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2015-03-26 21:31 - 2015-03-27 07:57 - 00000000 ____D () C:\Qoobox
2015-03-26 21:30 - 2015-03-26 22:14 - 00000000 ____D () C:\windows\erdnt
2015-03-26 21:26 - 2015-03-27 07:26 - 05615749 ____R (Swearware) C:\Users\Tanja\Downloads\ComboFix.exe
2015-03-26 21:08 - 2015-03-26 21:08 - 00001222 _____ () C:\Users\Tanja\Desktop\Revo Uninstaller.lnk
2015-03-26 21:08 - 2015-03-26 21:08 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-03-26 21:07 - 2015-03-26 21:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tanja\Downloads\revosetup95.exe
2015-03-26 17:00 - 2009-06-18 03:15 - 00214024 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfehidk.sys
2015-03-26 17:00 - 2009-06-18 03:15 - 00079816 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeavfk.sys
2015-03-26 17:00 - 2009-06-18 03:15 - 00040552 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfesmfk.sys
2015-03-26 17:00 - 2009-06-18 03:15 - 00035272 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfebopk.sys
2015-03-26 17:00 - 2009-06-18 03:14 - 00034248 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mferkdk.sys
2015-03-26 17:00 - 2009-06-10 23:27 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2015-03-26 17:00 - 2009-04-09 07:23 - 00130424 _____ (McAfee, Inc.) C:\windows\system32\Drivers\Mpfp.sys
2015-03-26 16:59 - 2009-07-14 03:15 - 00606208 _____ (Microsoft Corporation) C:\windows\system32\mstime.dll
2015-03-26 16:59 - 2009-07-14 03:15 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\ieaksie.dll
2015-03-26 16:59 - 2009-07-14 03:15 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\ieakeng.dll
2015-03-26 16:59 - 2009-07-14 03:15 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\corpol.dll
2015-03-26 16:59 - 2009-07-14 03:14 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\admparse.dll
2015-03-26 16:59 - 2009-07-14 03:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\ieakui.dll
2015-03-26 14:26 - 2015-03-26 14:28 - 00036091 _____ () C:\Users\Tanja\Downloads\Addition.txt
2015-03-26 14:23 - 2015-03-29 09:53 - 00024262 _____ () C:\Users\Tanja\Downloads\FRST.txt
2015-03-26 14:22 - 2015-03-29 09:53 - 00000000 ____D () C:\FRST
2015-03-26 14:22 - 2015-03-26 14:22 - 01135104 _____ (Farbar) C:\Users\Tanja\Downloads\FRST.exe
2015-03-26 08:39 - 2015-03-26 08:39 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Tanja\Downloads\SpyHunter-Installer.exe
2015-03-25 09:06 - 2015-03-25 09:06 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Tanja\Downloads\ParetoLogic PC Health Advisor_de (1).exe
2015-03-25 09:01 - 2015-03-28 10:14 - 00000470 _____ () C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-03-25 08:59 - 2015-03-25 08:59 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Tanja\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-03-25 08:25 - 2015-03-11 05:30 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-25 08:25 - 2015-03-11 05:30 - 00534528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-25 08:25 - 2015-03-11 05:29 - 00818176 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-25 08:25 - 2015-03-11 05:29 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-25 08:25 - 2015-03-11 05:29 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-25 08:25 - 2015-03-11 05:29 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-25 08:25 - 2015-03-11 05:29 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-25 08:25 - 2015-03-11 05:26 - 00892928 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-14 23:07 - 2015-03-14 23:07 - 00131072 ____N () C:\windows\Minidump\031415-24273-01.dmp
2015-03-11 08:05 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-11 08:05 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-11 08:05 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-11 08:05 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-11 08:05 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-11 08:05 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-11 08:05 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-11 08:05 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-11 08:05 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-11 08:05 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-11 08:05 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 08:05 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 08:05 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-11 08:05 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-11 08:05 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-11 08:05 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-11 08:05 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-11 08:05 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-11 08:05 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-11 08:04 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-11 08:04 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-11 08:04 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-11 08:04 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-11 08:04 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-11 08:04 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-11 08:04 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-11 08:04 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-11 08:04 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-11 08:04 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-11 08:04 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-11 08:04 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-11 08:04 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-11 08:04 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-11 08:04 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-11 08:04 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-11 08:03 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-11 08:03 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-11 08:03 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-11 08:03 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-11 08:03 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-11 08:03 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-11 08:03 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-11 08:03 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-11 08:03 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-11 08:03 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-11 08:03 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-11 08:03 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-11 08:03 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-11 08:03 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-11 08:03 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-11 08:03 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-11 08:03 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-11 08:03 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-11 08:03 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-11 08:03 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-11 08:02 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-03-11 08:02 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-11 08:02 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-11 08:02 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-11 08:02 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-11 08:02 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-11 08:02 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-11 08:02 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-11 08:02 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-11 08:02 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-11 08:02 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-11 08:02 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-11 08:02 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-11 08:02 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-11 08:02 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-11 08:02 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-11 08:02 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-11 08:02 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-11 08:02 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-11 08:02 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-11 08:02 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-11 08:02 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-11 08:02 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-11 08:02 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-11 08:02 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 09:27 - 2010-01-30 10:57 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 09:08 - 2009-09-22 07:23 - 01196360 _____ () C:\windows\WindowsUpdate.log
2015-03-29 09:05 - 2012-03-31 07:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 06:27 - 2010-01-30 10:57 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 02:17 - 2013-08-14 21:56 - 00000000 ____D () C:\Program Files\Free Easy CD DVD Burner
2015-03-28 11:29 - 2009-07-26 22:06 - 01768124 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-28 10:22 - 2009-07-14 06:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-28 10:22 - 2009-07-14 06:34 - 00023328 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-28 10:16 - 2015-02-22 22:35 - 00000000 ___RD () C:\Users\Tanja\iCloudDrive
2015-03-28 10:13 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-28 10:13 - 2009-07-14 06:39 - 00299159 _____ () C:\windows\setupact.log
2015-03-27 21:46 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2015-03-27 20:18 - 2009-09-22 07:48 - 01475832 _____ () C:\windows\PFRO.log
2015-03-27 20:16 - 2009-12-08 01:59 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-03-27 07:55 - 2009-07-14 04:04 - 00000215 _____ () C:\windows\system.ini
2015-03-26 22:15 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2015-03-26 22:15 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-03-26 14:10 - 2009-07-14 06:33 - 00508192 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-25 09:12 - 2013-05-27 13:20 - 00000000 ____D () C:\ProgramData\tmp
2015-03-25 09:02 - 2010-08-16 15:00 - 00000792 _____ () C:\Users\Tanja\Desktop\Tanja Bilder.lnk
2015-03-25 09:02 - 2009-12-14 18:35 - 00000830 _____ () C:\Users\Tanja\Desktop\Tanja Mukke.lnk
2015-03-25 08:32 - 2014-12-10 20:31 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-25 08:32 - 2014-05-06 07:42 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-21 04:29 - 2013-06-04 20:24 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-17 20:31 - 2009-07-14 06:53 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-14 23:07 - 2010-05-30 08:42 - 00000000 ____D () C:\windows\Minidump
2015-03-11 20:19 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-11 15:14 - 2009-12-07 18:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 15:13 - 2013-08-14 07:24 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 15:03 - 2009-12-13 13:01 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-04 13:51 - 2014-02-06 14:36 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-04 13:51 - 2014-02-06 14:36 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-04 13:51 - 2014-02-06 14:36 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-03 15:16 - 2009-12-10 21:17 - 00246920 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-02-10 23:53 - 2014-02-10 23:53 - 49940480 _____ () C:\Program Files\GUTE0B6.tmp
2009-12-11 00:38 - 2009-12-11 00:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-12-07 18:09 - 2009-08-17 07:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2011-01-15 00:16 - 2011-01-15 00:16 - 0001302 _____ () C:\ProgramData\ss.ini
2011-01-15 00:40 - 2011-01-15 00:40 - 0000033 _____ () C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini

Some content of TEMP:
====================
C:\Users\Tanja\AppData\Local\Temp\avgnt.exe
C:\Users\Tanja\AppData\Local\Temp\Quarantine.exe
C:\Users\Tanja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-27 21:38

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Hallo Schrauber,

Problem, weswegen ich diese Seite von Euch kontaktet habe ist schon lange behoben -zum Glück... :-)
Dachte nicht, dass da aber soviel andere Sachen im Hintergrund sind, die stören oder gar Schaden anrichten. Wie gesagt ich bin der volle Laie!
Umso mehr begeistert es mich, dass es Menschen wie Euch gibt!!!!!
Gefühlt läuft mein PC nun wieder mit der Geschwindigkeit eines Neuen.... ;-)
Herzlichen Dank dafür!!!!!

Gruß
Tanja

Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

C:\Users\Tanja\Downloads\supereasy_driver_updater_1.1.1_7870 (1).exe

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll

F:\Tanja Mukke\Musik Volker Kuwait\Ice Age 3 Dawn Of The Dinosaurs {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 40.zip

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 41.zip

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 42.zip

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 53.zip
HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

• Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  
• Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
• Klicke auf OK.
  Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
• Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.

• Schließe alle offenen Programme.
• Starte die delfix.exe mit einem Doppelklick.
• Setze vor jede Funktion ein Häkchen.
• Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Code: Alles auswählenAufklappen

ATTFilter

Running from C:\Users\Tanja\Downloads
Loaded Profiles: Tanja &  (Available profiles: Tanja)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\Tanja\Downloads\supereasy_driver_updater_1.1.1_7870 (1).exe

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll

F:\Tanja Mukke\Musik Volker Kuwait\Ice Age 3 Dawn Of The Dinosaurs {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 40.zip

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 41.zip

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 42.zip

F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 53.zip
HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Emptytemp:
*****************

"C:\Users\Tanja\Downloads\supereasy_driver_updater_1.1.1_7870 (1).exe" => File/Directory not found.
"C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll" => File/Directory not found.
"F:\Tanja Mukke\Musik Volker Kuwait\Ice Age 3 Dawn Of The Dinosaurs {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe" => File/Directory not found.
"F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 40.zip" => File/Directory not found.
"F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 41.zip" => File/Directory not found.
"F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 42.zip" => File/Directory not found.
"F:\TANJA-PC\Backup Set 2015-03-26 215225\Backup Files 2015-03-26 215225\Backup files 53.zip" => File/Directory not found.
"HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-771618654-3341757510-301361698-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
EmptyTemp: => Removed 1.5 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 10:19:11 ====
         

fertig

Ich danke Dir wirklich von ganzem Herzen!!!! Ohne Dich hätte ich echt ein riesiges Problem gehabt, wie es scheint....

Danke, danke, danke!!!!
Gruß Tanja

Gern Geschehen