
Log analysis and evaluation: Adserverplus

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

05.07.2013, 09:34   #16
schrauber
/// the machine
/// TB trainer

Delfix should also remove Combofix completely. Run TFC; if Mozilla does not improve, uninstall it, keep no data, and reinstall.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

05.07.2013, 11:29   #17
froggel

Will do. You can then remove the thread from your subscriptions.

Quote:
Quote from schrauber
Delfix should also remove Combofix completely. Run TFC; if Mozilla does not improve, uninstall it, keep no data, and reinstall.
I ran TFC, and when I opened Mozilla I had mysearchdeal.com on it. So one problem replaces the other.

05.07.2013, 17:05   #18
schrauber
/// the machine
/// TB trainer

Did you completely uninstall Firefox and reinstall it as described? If necessary, download adwCleaner again and run it.

05.07.2013, 17:51   #19
froggel

Quote:
Quote from schrauber
Did you completely uninstall Firefox and reinstall it as described? If necessary, download adwCleaner again and run it.
I uninstalled Firefox and then reinstalled it. Then I ran AdwCleaner, but Firefox remains slow.

Code:
# AdwCleaner v2.304 - Datei am 05/07/2013 um 18:39:28 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Rene - RENE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Rene\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\c85uxq6e.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\l0hptffk.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.22] : icon_url = "hxxp://start.mysearchdial.com/favicon.ico",
Gelöscht [l.25] : keyword = "mysearchdial.com",
Gelöscht [l.29] : search_url = "hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2Xzu[...]

Datei : C:\Users\Mick\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.3] : urls_to_restore_on_startup = [ "hxxp://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1[...]
Gelöscht [l.29] : search_url = "hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2Xzu[...]
Gelöscht [l.576] : homepage = "hxxp://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AtAtAyD[...]

*************************

AdwCleaner[S1].txt - [7421 octets] - [05/07/2013 18:16:13]
AdwCleaner[S2].txt - [1836 octets] - [05/07/2013 18:33:37]
AdwCleaner[S3].txt - [1767 octets] - [05/07/2013 18:39:28]

########## EOF - C:\AdwCleaner[S3].txt - [1827 octets] ##########
         

05.07.2013, 17:59   #20
schrauber
/// the machine
/// TB trainer

Please post a fresh FRST log.

05.07.2013, 18:05   #21
froggel

Quote:
Quote from schrauber
Please post a fresh FRST log.
I have now reset Firefox and it is running normally again. Should I still make an FRST log? Can you tell from it whether mysearchdeal has really been deleted?

06.07.2013, 08:36   #22
schrauber
/// the machine
/// TB trainer

Yes, just quickly make a fresh FRST log; I'll take a quick look over it.

06.07.2013, 09:13   #23
froggel

Quote:
Quote from schrauber
Yes, just quickly make a fresh FRST log; I'll take a quick look over it.
At the moment everything is running normally. I have installed the programs you recommended.

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Rene (administrator) on 06-07-2013 10:09:36
Running from C:\Users\Rene\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCService.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(ashampoo GmbH & Co. KG) C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe
() C:\Users\Rene\AppData\Local\Viber\Viber.exe
() C:\Program Files (x86)\maxdome\DCBin\DCTrayApp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\RunOnce: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKCU\...\Run: [AshSnap] C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe [1721344 2011-04-14] (ashampoo GmbH & Co. KG)
HKCU\...\Run: [Viber] "C:\Users\Rene\AppData\Local\Viber\Viber.exe" StartMinimized [906240 2013-05-08] ()
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKLM-x32\...\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [HKCU] C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\maxdome Download Manager.lnk
ShortcutTarget: maxdome Download Manager.lnk -> C:\Program Files (x86)\maxdome\DCBin\DCTrayApp.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {7F083AC7-9F6F-0BD2-6D53-37902E95250C} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AtAtAyDyDtBtA0C0CtDtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1314905676&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {118E3EA8-DABB-42BF-DCC5-29C776E632D8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AtAtAyDyDtBtA0C0CtDtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1314905676&ir=
SearchScopes: HKCU - {7F083AC7-9F6F-0BD2-6D53-37902E95250C} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AtAtAyDyDtBtA0C0CtDtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1314905676&ir=
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 2012\SPMIEToolbar.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\9b5jgj3h.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] C:\Program Files (x86)\Steganos Password Manager 2012\spmplugin3
FF HKCU\...\Firefox\Extensions: [addlyrics@addlyrics.net] C:\Program Files (x86)\AddLyrics\FF\

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] ()
S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [x]
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-31] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 10:09 - 2013-07-06 10:09 - 01934636 ____A (Farbar) C:\Users\Rene\Downloads\FRST64.exe
2013-07-06 10:09 - 2013-07-06 10:09 - 00000000 ____D C:\FRST
2013-07-06 09:06 - 2013-07-06 09:06 - 00376576 ____A C:\Users\Rene\Downloads\wot_safe_surfing-20130515-fx.zip
2013-07-06 08:57 - 2013-07-06 09:02 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-06 08:57 - 2013-07-06 08:57 - 04095448 ____A (BrightFort LLC                                              ) C:\Users\Rene\Downloads\spywareblastersetup50.exe
2013-07-06 08:57 - 2013-07-06 08:57 - 00001083 ____A C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-07-06 08:57 - 2013-07-06 08:57 - 00000000 ____D C:\ProgramData\Licenses
2013-07-06 08:57 - 2009-03-24 12:52 - 00129872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-07-06 08:49 - 2013-07-06 08:49 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-06 08:49 - 2013-07-06 08:49 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Malwarebytes
2013-07-06 08:49 - 2013-07-06 08:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-06 08:49 - 2013-07-06 08:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-06 08:49 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-06 08:48 - 2013-07-06 08:48 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Rene\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-06 08:44 - 2013-07-06 08:44 - 00001073 ____A C:\Users\Rene\Desktop\Secunia PSI.lnk
2013-07-06 08:44 - 2013-07-06 08:44 - 00001073 ____A C:\Users\Rene\Desktop\Secunia PSI (2).lnk
2013-07-06 08:41 - 2013-07-06 08:42 - 00262440 ____A C:\Windows\msxml4-KB2758694-enu.LOG
2013-07-06 08:33 - 2013-07-06 08:33 - 02434048 ____A C:\Users\Rene\Downloads\msxml(2).msi
2013-07-06 08:32 - 2013-07-06 08:32 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 08:32 - 2013-07-06 08:32 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 08:32 - 2013-07-06 08:32 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 08:32 - 2013-07-06 08:32 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 08:32 - 2013-07-06 08:32 - 00001145 ____A C:\Users\Rene\Desktop\Secunia - Verknüpfung.lnk
2013-07-06 08:32 - 2013-07-06 08:32 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-06 08:31 - 2013-07-06 08:31 - 00312232 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-07-06 08:31 - 2013-07-06 08:31 - 00189352 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-07-06 08:31 - 2013-07-06 08:31 - 00188840 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-07-06 08:31 - 2013-07-06 08:31 - 00108968 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-06 08:31 - 2013-07-06 08:31 - 00000000 ____D C:\Program Files\Java
2013-07-06 08:29 - 2013-07-06 08:29 - 02434048 ____A C:\Users\Rene\Downloads\msxml(1).msi
2013-07-06 08:28 - 2013-07-06 08:28 - 02434048 ____A C:\Users\Rene\Downloads\msxml.msi
2013-07-06 08:26 - 2013-07-06 08:26 - 00000000 ____D C:\Users\Rene\AppData\Local\Secunia PSI
2013-07-06 08:25 - 2013-07-06 08:25 - 03270960 ____A (Secunia) C:\Users\Rene\Downloads\PSISetup7009(1).exe
2013-07-06 08:25 - 2013-07-06 08:25 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-07-06 08:23 - 2013-07-06 08:23 - 03270960 ____A (Secunia) C:\Users\Rene\Downloads\PSISetup7009.exe
2013-07-06 07:54 - 2013-07-06 07:54 - 00000000 ____D C:\Users\Rene\AppData\Local\{400DD2F4-FF49-46DC-98C4-835FB09916EE}
2013-07-05 18:51 - 2013-07-05 18:52 - 00001956 ____A C:\AdwCleaner[S4].txt
2013-07-05 18:39 - 2013-07-05 18:40 - 00001896 ____A C:\AdwCleaner[S3].txt
2013-07-05 18:33 - 2013-07-05 18:34 - 00001836 ____A C:\AdwCleaner[S2].txt
2013-07-05 18:28 - 2013-07-05 18:28 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-05 18:28 - 2013-07-05 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-05 18:27 - 2013-07-05 18:27 - 21703480 ____A (Mozilla) C:\Users\Rene\Downloads\Firefox Setup 22.0.exe
2013-07-05 18:27 - 2013-07-05 18:27 - 21703480 ____A (Mozilla) C:\Users\Rene\Downloads\Firefox Setup 22.0 (1).exe
2013-07-05 18:16 - 2013-07-05 18:16 - 00007421 ____A C:\AdwCleaner[S1].txt
2013-07-05 18:15 - 2013-07-05 18:15 - 00650027 ____A C:\Users\Rene\Desktop\adwcleaner.exe
2013-07-05 18:11 - 2013-07-06 10:03 - 00000616 ____A C:\Windows\setupact.log
2013-07-05 18:11 - 2013-07-05 18:52 - 00002444 ____A C:\Windows\PFRO.log
2013-07-05 18:11 - 2013-07-05 18:11 - 00000000 ____A C:\Windows\setuperr.log
2013-07-05 13:15 - 2013-07-05 13:15 - 00423709 ____A C:\Users\Rene\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-07-05 13:15 - 2013-07-05 13:15 - 00000844 ____A C:\Users\Rene\Desktop\Temp File Cleaner.lnk
2013-07-05 13:15 - 2013-07-05 13:15 - 00000000 ____D C:\Users\Rene\AppData\Roaming\addpcs
2013-07-05 13:15 - 2013-07-05 13:15 - 00000000 ____D C:\Program Files\Temp File Cleaner
2013-07-05 09:46 - 2013-07-05 09:46 - 00001010 ____A C:\DelFix.txt
2013-07-05 07:49 - 2013-07-05 07:50 - 00000000 ____D C:\Users\Rene\AppData\Local\{9B1DB4DD-8A55-43AE-8040-FEE958852706}
2013-07-04 13:01 - 2013-07-05 09:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-04 09:19 - 2013-07-04 09:19 - 00000098 ____A C:\Windows\DeleteOnReboot.bat
2013-07-04 09:15 - 2013-07-04 09:15 - 00001120 ____A C:\Users\Rene\Desktop\Continue Zip Opener Installation.lnk
2013-07-04 09:14 - 2013-07-04 09:14 - 00793536 ____A C:\Users\Rene\Desktop\ZipOpenerSetup.exe
2013-07-03 18:26 - 2013-07-05 09:43 - 00000000 ____D C:\Windows\erdnt
2013-06-26 10:48 - 2013-07-06 10:05 - 00000000 ____D C:\Users\Rene\AppData\Roaming\ViberPC
2013-06-26 10:48 - 2013-07-06 10:05 - 00000000 ____D C:\Users\Rene\AppData\Local\Viber
2013-06-26 10:48 - 2013-06-26 10:48 - 00001056 ____A C:\Users\Rene\Desktop\Viber.lnk
2013-06-17 15:12 - 2013-06-17 15:12 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-17 15:12 - 2013-06-17 15:12 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-15 05:25 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 05:25 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 05:25 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 05:25 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 05:25 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 05:25 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 05:25 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 05:25 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 05:25 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 05:25 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 05:25 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 05:25 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 10:54 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 10:54 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 10:54 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 10:54 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 10:54 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 10:54 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 10:54 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 10:54 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 10:54 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 10:54 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 10:54 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 10:54 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 10:54 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 10:54 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 10:54 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 10:54 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 10:54 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 10:54 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 10:54 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 09:00 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 09:00 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 09:00 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 09:00 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 09:00 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 09:00 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 09:00 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 09:00 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 09:00 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 09:00 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 09:00 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 09:00 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 09:00 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 09:00 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 09:00 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 09:00 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 09:00 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 09:00 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 09:00 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

==================== One Month Modified Files and Folders =======

2013-07-06 10:09 - 2013-07-06 10:09 - 01934636 ____A (Farbar) C:\Users\Rene\Downloads\FRST64.exe
2013-07-06 10:09 - 2013-07-06 10:09 - 00000000 ____D C:\FRST
2013-07-06 10:07 - 2009-07-14 06:45 - 00017152 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-06 10:07 - 2009-07-14 06:45 - 00017152 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-06 10:05 - 2013-06-26 10:48 - 00000000 ____D C:\Users\Rene\AppData\Roaming\ViberPC
2013-07-06 10:05 - 2013-06-26 10:48 - 00000000 ____D C:\Users\Rene\AppData\Local\Viber
2013-07-06 10:03 - 2013-07-05 18:11 - 00000616 ____A C:\Windows\setupact.log
2013-07-06 10:03 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-06 09:16 - 2012-03-29 12:52 - 01205628 ____A C:\Windows\WindowsUpdate.log
2013-07-06 09:06 - 2013-07-06 09:06 - 00376576 ____A C:\Users\Rene\Downloads\wot_safe_surfing-20130515-fx.zip
2013-07-06 09:02 - 2013-07-06 08:57 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-06 08:57 - 2013-07-06 08:57 - 04095448 ____A (BrightFort LLC                                              ) C:\Users\Rene\Downloads\spywareblastersetup50.exe
2013-07-06 08:57 - 2013-07-06 08:57 - 00001083 ____A C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-07-06 08:57 - 2013-07-06 08:57 - 00000000 ____D C:\ProgramData\Licenses
2013-07-06 08:49 - 2013-07-06 08:49 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-06 08:49 - 2013-07-06 08:49 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Malwarebytes
2013-07-06 08:49 - 2013-07-06 08:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-06 08:49 - 2013-07-06 08:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-06 08:48 - 2013-07-06 08:48 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Rene\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-06 08:44 - 2013-07-06 08:44 - 00001073 ____A C:\Users\Rene\Desktop\Secunia PSI.lnk
2013-07-06 08:44 - 2013-07-06 08:44 - 00001073 ____A C:\Users\Rene\Desktop\Secunia PSI (2).lnk
2013-07-06 08:43 - 2012-03-30 20:17 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 08:42 - 2013-07-06 08:41 - 00262440 ____A C:\Windows\msxml4-KB2758694-enu.LOG
2013-07-06 08:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-07-06 08:38 - 2011-05-16 16:04 - 00654602 ____A C:\Windows\System32\perfh007.dat
2013-07-06 08:38 - 2011-05-16 16:04 - 00130216 ____A C:\Windows\System32\perfc007.dat
2013-07-06 08:38 - 2009-07-14 07:13 - 01521350 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 08:33 - 2013-07-06 08:33 - 02434048 ____A C:\Users\Rene\Downloads\msxml(2).msi
2013-07-06 08:33 - 2012-01-24 00:33 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-07-06 08:32 - 2013-07-06 08:32 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-06 08:32 - 2013-07-06 08:32 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-06 08:32 - 2013-07-06 08:32 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-06 08:32 - 2013-07-06 08:32 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-06 08:32 - 2013-07-06 08:32 - 00001145 ____A C:\Users\Rene\Desktop\Secunia - Verknüpfung.lnk
2013-07-06 08:32 - 2013-07-06 08:32 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-06 08:32 - 2012-01-24 01:44 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-06 08:32 - 2011-07-18 23:13 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-06 08:31 - 2013-07-06 08:31 - 00312232 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-07-06 08:31 - 2013-07-06 08:31 - 00189352 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-07-06 08:31 - 2013-07-06 08:31 - 00188840 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-07-06 08:31 - 2013-07-06 08:31 - 00108968 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-06 08:31 - 2013-07-06 08:31 - 00000000 ____D C:\Program Files\Java
2013-07-06 08:31 - 2012-01-24 01:44 - 01093032 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
2013-07-06 08:31 - 2011-07-18 23:14 - 00972712 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-07-06 08:30 - 2012-01-24 01:42 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-06 08:29 - 2013-07-06 08:29 - 02434048 ____A C:\Users\Rene\Downloads\msxml(1).msi
2013-07-06 08:28 - 2013-07-06 08:28 - 02434048 ____A C:\Users\Rene\Downloads\msxml.msi
2013-07-06 08:26 - 2013-07-06 08:26 - 00000000 ____D C:\Users\Rene\AppData\Local\Secunia PSI
2013-07-06 08:25 - 2013-07-06 08:25 - 03270960 ____A (Secunia) C:\Users\Rene\Downloads\PSISetup7009(1).exe
2013-07-06 08:25 - 2013-07-06 08:25 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-07-06 08:23 - 2013-07-06 08:23 - 03270960 ____A (Secunia) C:\Users\Rene\Downloads\PSISetup7009.exe
2013-07-06 07:54 - 2013-07-06 07:54 - 00000000 ____D C:\Users\Rene\AppData\Local\{400DD2F4-FF49-46DC-98C4-835FB09916EE}
2013-07-06 07:52 - 2012-03-29 12:51 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-05 18:52 - 2013-07-05 18:51 - 00001956 ____A C:\AdwCleaner[S4].txt
2013-07-05 18:52 - 2013-07-05 18:11 - 00002444 ____A C:\Windows\PFRO.log
2013-07-05 18:40 - 2013-07-05 18:39 - 00001896 ____A C:\AdwCleaner[S3].txt
2013-07-05 18:34 - 2013-07-05 18:33 - 00001836 ____A C:\AdwCleaner[S2].txt
2013-07-05 18:28 - 2013-07-05 18:28 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-05 18:28 - 2013-07-05 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-05 18:28 - 2013-05-17 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-05 18:27 - 2013-07-05 18:27 - 21703480 ____A (Mozilla) C:\Users\Rene\Downloads\Firefox Setup 22.0.exe
2013-07-05 18:27 - 2013-07-05 18:27 - 21703480 ____A (Mozilla) C:\Users\Rene\Downloads\Firefox Setup 22.0 (1).exe
2013-07-05 18:16 - 2013-07-05 18:16 - 00007421 ____A C:\AdwCleaner[S1].txt
2013-07-05 18:15 - 2013-07-05 18:15 - 00650027 ____A C:\Users\Rene\Desktop\adwcleaner.exe
2013-07-05 18:11 - 2013-07-05 18:11 - 00000000 ____A C:\Windows\setuperr.log
2013-07-05 13:15 - 2013-07-05 13:15 - 00423709 ____A C:\Users\Rene\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-07-05 13:15 - 2013-07-05 13:15 - 00000844 ____A C:\Users\Rene\Desktop\Temp File Cleaner.lnk
2013-07-05 13:15 - 2013-07-05 13:15 - 00000000 ____D C:\Users\Rene\AppData\Roaming\addpcs
2013-07-05 13:15 - 2013-07-05 13:15 - 00000000 ____D C:\Program Files\Temp File Cleaner
2013-07-05 12:23 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-05 09:46 - 2013-07-05 09:46 - 00001010 ____A C:\DelFix.txt
2013-07-05 09:46 - 2013-07-04 13:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 09:43 - 2013-07-03 18:26 - 00000000 ____D C:\Windows\erdnt
2013-07-05 08:13 - 2012-03-29 12:56 - 00000000 ____D C:\users\Rene
2013-07-05 07:50 - 2013-07-05 07:49 - 00000000 ____D C:\Users\Rene\AppData\Local\{9B1DB4DD-8A55-43AE-8040-FEE958852706}
2013-07-04 16:29 - 2013-02-06 15:56 - 00002070 ____A C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-04 16:29 - 2013-02-06 15:56 - 00000000 ____D C:\ProgramData\Avira
2013-07-04 09:19 - 2013-07-04 09:19 - 00000098 ____A C:\Windows\DeleteOnReboot.bat
2013-07-04 09:15 - 2013-07-04 09:15 - 00001120 ____A C:\Users\Rene\Desktop\Continue Zip Opener Installation.lnk
2013-07-04 09:14 - 2013-07-04 09:14 - 00793536 ____A C:\Users\Rene\Desktop\ZipOpenerSetup.exe
2013-07-03 18:55 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-07-03 18:50 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-07-03 15:02 - 2013-03-24 19:54 - 00000000 ____D C:\Users\Rene\AppData\Local\DoNotTrackPlus
2013-07-03 10:11 - 2012-04-01 19:32 - 00000000 ____D C:\Users\Mick\AppData\Roaming\SoftGrid Client
2013-07-02 17:37 - 2012-03-30 14:57 - 00000000 ____D C:\Users\Rene\AppData\Roaming\SoftGrid Client
2013-06-27 14:24 - 2013-05-07 11:54 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-26 10:48 - 2013-06-26 10:48 - 00001056 ____A C:\Users\Rene\Desktop\Viber.lnk
2013-06-17 15:12 - 2013-06-17 15:12 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-17 15:12 - 2013-06-17 15:12 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-15 12:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 05:21 - 2013-02-20 21:01 - 00701952 ____A C:\Users\Mick\Desktop\Arbeitsplan.xls
2013-06-12 20:43 - 2012-03-30 20:17 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 20:43 - 2011-12-01 23:26 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 10:54 - 2011-07-18 22:31 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-08 16:08 - 2013-06-15 05:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 05:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 05:25 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 05:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 05:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 05:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 05:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 05:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 05:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 05:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 05:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 05:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 15:53

==================== End Of Log ============================
         
--- --- ---

06.07.2013, 10:21   #24
schrauber
/// the machine
/// TB trainer

Fix with FRST
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document
Code:
ATTFilter
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {7F083AC7-9F6F-0BD2-6D53-37902E95250C} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AtAtAyDyDtBtA0C0CtDtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1314905676&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {118E3EA8-DABB-42BF-DCC5-29C776E632D8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AtAtAyDyDtBtA0C0CtDtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1314905676&ir=
SearchScopes: HKCU - {7F083AC7-9F6F-0BD2-6D53-37902E95250C} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AtAtAyDyDtBtA0C0CtDtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1314905676&ir=
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [addlyrics@addlyrics.net] C:\Program Files (x86)\AddLyrics\FF\
         
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.
__________________
Regards,
schrauber

06.07.2013, 14:23   #25
froggel

After several attempts I finally have it.

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by Rene at 2013-07-06 15:18:33 Run:1
Running from C:\Users\Rene\Downloads\1
Boot Mode: Normal
==============================================

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F083AC7-9F6F-0BD2-6D53-37902E95250C} => Key deleted successfully.
HKCR\CLSID\{7F083AC7-9F6F-0BD2-6D53-37902E95250C} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{118E3EA8-DABB-42BF-DCC5-29C776E632D8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{118E3EA8-DABB-42BF-DCC5-29C776E632D8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F083AC7-9F6F-0BD2-6D53-37902E95250C} => Key deleted successfully.
HKCR\CLSID\{7F083AC7-9F6F-0BD2-6D53-37902E95250C} => Key not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} => Moved successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\addlyrics@addlyrics.net => Value deleted successfully.

==== End of Fixlog ====
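
Added example, not part of the thread and not FRST's own code: a Python check that every SearchScopes directive in a Fixlist has a matching success line in the Fixlog. The hive-to-path mapping is read off the Fixlog above; the function names and the failure message in the sample are assumptions.

```python
import re

# Sample input abridged from the Fixlist and Fixlog in this thread.
# Constructed for the demo: the HKLM-x32 {0633...} result line is left out
# and the HKCU line carries a made-up failure message.
FIXLIST = r"""
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {118E3EA8-DABB-42BF-DCC5-29C776E632D8} URL = hxxp://start.mysearchdial.com/...
SearchScopes: HKCU - {7F083AC7-9F6F-0BD2-6D53-37902E95250C} URL = hxxp://start.mysearchdial.com/...
"""
FIXLOG = r"""
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{118E3EA8-DABB-42BF-DCC5-29C776E632D8} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F083AC7-9F6F-0BD2-6D53-37902E95250C} => Could not delete key.
"""

# Fixlist hive label -> registry prefix, as spelled out in the Fixlog above.
PREFIX = {
    "HKLM": "HKLM\\SOFTWARE\\Microsoft",
    "HKLM-x32": "HKLM\\SOFTWARE\\Wow6432Node\\Microsoft",
    "HKCU": "HKCU\\SOFTWARE\\Microsoft",
}
GUID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
DIRECTIVE = re.compile(r"^SearchScopes: (\S+) - (" + GUID + r")", re.M)

def expected_keys(fixlist):
    """Registry keys that each SearchScopes directive should remove."""
    return [
        PREFIX[hive] + "\\Internet Explorer\\SearchScopes\\" + guid
        for hive, guid in DIRECTIVE.findall(fixlist)
        if hive in PREFIX
    ]

def audit(fixlist, fixlog):
    """Return (confirmed, problems) for the SearchScopes directives."""
    results = dict(
        line.strip().split(" => ", 1)
        for line in fixlog.splitlines() if " => " in line
    )
    confirmed, problems = [], []
    for key in expected_keys(fixlist):
        result = results.get(key, "no entry in Fixlog")
        # "not found" also means the key is absent, so it counts as clean.
        if result.endswith(("deleted successfully.", "not found.")):
            confirmed.append(key)
        else:
            problems.append((key, result))
    return confirmed, problems

if __name__ == "__main__":
    ok, bad = audit(FIXLIST, FIXLOG)
    print(len(ok), "confirmed;", bad)
```

A directive that lands in `problems` is the one to re-check in a fresh scan before the helper tools are removed.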
         

06.07.2013, 17:22   #26
schrauber
/// the machine
/// TB trainer

Any more problems?
__________________
Regards,
schrauber

07.07.2013, 07:32   #27
froggel

Quote:
Quote from schrauber
Any more problems?
Good morning Schrauber,
no more problems. Do you think we are done?

07.07.2013, 09:18   #28
schrauber
/// the machine
/// TB trainer

Yep, just download DelFix again and run it
__________________
Regards,
schrauber
