Trojaner-Board
Seite 1 von 4 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Netbook,Windows 7Starter läuft langsam oder reagiert gar nicht mehr (https://www.trojaner-board.de/153085-netbook-windows-7starter-laeuft-langsam-reagiert-gar-mehr.html)

tubaca 26.04.2014 16:53
Netbook,Windows 7Starter läuft langsam oder reagiert gar nicht mehr
 
Hallo!
Ich hoffe,mir kann in diesem Forum jemand helfen.Muss noch dazu sagen ,das ich Laie in Sachen Computer bin und daher kaum Fachausdrücke verstehe,deswegen drücke ich mich vielleicht etwas ungeschickt aus,aber ich versuche es:
Mein Netbook ist von Packard Bell und etwa 1 1/2 Jahre alt.Installiert ist Windows7 Starter.
Ich hatte vom ersten Tag an das Problem,das sich Seiten nur langsam öffneten ,das Bild einfror und ich nicht scrollen konnte und sich die Maus nicht bewegte.Auf Facebook habe ich ständig die Meldung "Google Chrom keine Rückmeldung".Wenn ich Mozilla oder Internet Explorer benutze habe ich dasselbe Problem.Wenn ich nicht im Internet bin läuft der Computer besser,aber immer noch langsam.Wenn ich zB eine PDF Datei öffnen will dauert es auch da bis zu 5 Minuten.Das kann doch nicht normal sein.
Ich habe vor 6 Wochen "Tune up Utilities" installiert,allerdings eine Version von 2012 und da funktioniert bei mir gar nichts.Ausserdem habe ich das kostenlose Antivirenprogramm von Avira aus dem Internet downgeloaded.
Weil die Probleme ja schon da waren,als das Gerät neu was,ist es vielleicht ein Hardwareproblem,bzw.habe ich nicht genug Geld (270€)investiert?
Ich habe noch ein halbes Jahr Garantie auf das Gerät.
Hat jemand einen Rat?Bin dankbar für jede Anregung.

schrauber 26.04.2014 16:55
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


tubaca 27.04.2014 06:08
Hallo,
ich habe die FRST 32-Bit Version angeklickt.Ich konnte nirgends SCAN finden,deswegen habe ich das ganze gedownloaded und eine Überprüfung durchgeführt,ich dachte ,das wäre damit gemeint.Es wurden 166 Infektionen gefunden .
Kannst Du mir bitte genauer sagen,was ich tun muss..
Danke,tubaca

schrauber 28.04.2014 07:17
Du hast auf irgend ne Werbung geklickt und irgend einen Mist geladen. FRST scannt nicht nach Malware udn zeigt auch keine Funde an.

Was auch immer Du geladen hast, lösch es und lade das richtige Programm aus dem Link.

tubaca 28.04.2014 10:14
Wenn ich den Link anklicke kommt bei mir die Seite "Farbar recovery scan tool FRST",und da steht was von FilePony.de drüber.Da gibt es eine Menge anzuklicken,aber ein SCAN Button ist nicht dabei.

schrauber 28.04.2014 19:28
Nein, du must ja erst das Tool laden. rechts auf den kleinen Download Button oben. in der Mitte kommt dann ein Schriftzug Download wird vorbereitet, dieser wechselt zu Download:FRST.exe, dann muss Du auf das Wort FRST klicken.

tubaca 29.04.2014 05:58
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-04-2014
Ran by hühne at 2014-04-29 06:48:41
Running from C:\Users\hühne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.0) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advanced System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12594 - Systweak Software) <==== ATTENTION
Akhra: The Treasures (Version: 2.2.0.98 - WildTangent) Hidden
Alice's Magical Mahjong (Version: 2.2.0.98 - WildTangent) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bejeweled 3 (Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Diego's Ultimate Rescue (Version: 2.2.0.95 - WildTangent) Hidden
DVDVideoSoftTB DE Toolbar (HKLM\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
eBay Worldwide (HKLM\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elements 9 Organizer (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (Version: 1.0 - Adobe Systems Incorporated) Hidden
ETDWare PS/2-X86 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
Final Drive: Nitro (Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Green Moon (Version: 3.0.2.32 - WildTangent) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Inbox Toolbar (HKLM\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 2.0.1.90 - Xacti, LLC)
Insaniquarium Deluxe (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1065 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 5.1.7 - Packard Bell)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 17.0 (x86 de) (HKLM\...\Mozilla Firefox 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 17.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Toolbar for Chrome (Dist. by iMesh, Inc.) (HKLM\...\imeshmusicboxtoolbar181CR) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION
Music Toolbar for Internet Explorer (Dist. by iMesh, Inc.) (HKLM\...\imeshmusicboxtoolbar181IE) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION
My Farm Life (Version: 2.2.0.97 - WildTangent) Hidden
My Kingdom for the Princess 3 (Version: 2.2.0.98 - WildTangent) Hidden
Mysearchdial (HKLM\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Norton Online Backup (HKLM\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Packard Bell Games (HKLM\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Packard Bell)
Packard Bell ScreenSaver (HKLM\...\Packard Bell Screensaver) (Version: 1.1.0124.2011 - Packard Bell )
Packard Bell Social Networks (HKLM\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
PC Speed Maximizer v3.2 (HKLM\...\PC Speed Maximizer_is1) (Version: 3.2 - SoftCity)
Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Price Metar (remove only) (HKCU\...\Price Metar) (Version: 1.0.7.5 - Price Meter) <==== ATTENTION
QuickTime (HKLM\...\{BFD96B89-B769-4CD6-B11E-E79FFD46F067}) (Version: 7.4.1.14 - Apple Inc.)
Raccolta foto di Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6374 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
RegClean Pro (HKLM\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Running Sheep (Version: 2.2.0.98 - WildTangent) Hidden
Skip-Bo - Castaway Caper (Version: 2.2.0.95 - WildTangent) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Spielkanäle (Version: 6.2.0.5 - WildTangent, Inc.) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Super Granny 6 (Version: 2.2.0.97 - WildTangent) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TuneUp Utilities 2012 (HKLM\...\TuneUp Utilities 2012) (Version: 12.0.3010.8 - TuneUp Software)
TuneUp Utilities 2012 (Version: 12.0.3010.8 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.193 - TuneUp Software) Hidden
Update for PriceMeter (HKCU\...\Price Meter Updater) (Version:  - Update for PriceMeter) <==== ATTENTION
Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
Video Web Camera (HKLM\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Video Web Camera (Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Wedding Dash (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM\...\Packard Bell Welcome Center) (Version: 1.02.3504 - Packard Bell)
WildTangent Games App (Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (HKLM\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live Argazki Galeria (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip Malware Protector (HKLM\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {011612BB-CE25-4AF3-B150-56EAC707D463} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe [2014-01-21] (Systweak Inc) <==== ATTENTION
Task: {0FAECACF-632F-419F-BB63-DA9170E57870} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-15] (Google Inc.)
Task: {141CB661-0DC8-4089-9BD8-18F5094CA855} - System32\Tasks\AppSafe => C:\Program Files\AppSafe\AppSafe.exe [2014-02-18] ()
Task: {16F8777F-0EAB-4CF3-B21F-CFC1806C8BA4} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {177862CC-CD17-41DE-A8E4-67C4D7B7E3F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {1A05C9AD-39F6-436A-BC34-142E8ADD245C} - System32\Tasks\Advanced System Protector => C:\Program Files\RegClean Pro\SystweakASP.exe [2014-01-17] (Systweak Inc                                                ) <==== ATTENTION
Task: {2023DFA5-662D-4E8D-8088-4AFF7C80CF18} - System32\Tasks\Packard Bell Registration - Reminder Recall task => C:\Program Files\Packard Bell\Registration\GREG.exe
Task: {236682D9-5118-4C34-A8A7-978874ED24F4} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {25D2C075-05DD-4079-ACDD-4614A56BE3ED} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe [2014-01-21] (Systweak Inc) <==== ATTENTION
Task: {5C445E9F-2E47-4630-A798-C26EB7F55D34} - System32\Tasks\pricemetertask => C:\Users\hühne\AppData\Local\PriceMeter\TEMP\pricemeter.exe <==== ATTENTION
Task: {5CF5D191-2A2A-4575-AF43-240DBA08B085} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [2014-04-25] (PriceMeter) <==== ATTENTION
Task: {67BB2B3E-C860-438A-AB09-6782DCBC173C} - System32\Tasks\{99408AD1-F002-4A4A-AE07-C2F5EAE20F02} => C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe [2012-02-09] (TuneUp Software)
Task: {902515A4-98B4-489D-96DD-7EB312C88473} - System32\Tasks\Advanced System Protector_startup => C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe [2014-02-28] (Systweak) <==== ATTENTION
Task: {91A111BC-B357-4711-9313-F201C25BE0F6} - System32\Tasks\Price Meter Updater => C:\Users\hühne\AppData\Roaming\PriceMeterUpdater\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {A8BC8710-6C4E-4E45-9613-C879C6D95970} - System32\Tasks\MySearchDial => C:\Users\hühne\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {B68D5099-E8B3-4AB5-9D33-1FB64DF808B4} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files\PC Speed Maximizer\SPMLauncher.exe [2014-04-22] (Smart PC Solutions)
Task: {B7C21230-A714-4516-8178-6B16F20A316A} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe [2014-01-21] (Systweak Inc) <==== ATTENTION
Task: {D16A7E7F-190A-414A-9352-AB514DF3E2A0} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {D565442C-59DF-452E-9062-C328FD609ABC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe [2012-02-09] (TuneUp Software)
Task: {DD8B562A-E19C-43B3-B172-68F9A6033B56} - System32\Tasks\AppCloudUpdater => C:\Users\HHNE~1\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {DD8B882C-805F-47F9-9B16-256E9C1C70DA} - System32\Tasks\pricemeterdownloader => C:\Users\hühne\AppData\Local\PriceMeter\pricemeterd.exe [2014-04-13] (PriceMeter) <==== ATTENTION
Task: {E017D806-5951-4648-ACB9-29B5FA3DEE99} - System32\Tasks\pricemeterwatcher => C:\Users\hühne\AppData\Local\PriceMeter\pricemeterw.exe [2014-04-13] (PriceMeter) <==== ATTENTION
Task: {E03EB1A8-C2F7-4E18-B7C9-BDE9EEA3D6DF} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [2014-04-25] (PriceMeter) <==== ATTENTION
Task: {E2451EFF-2257-4F6C-82DC-79E26220AB22} - System32\Tasks\{43BEE18A-01EE-4DCA-88A4-45ABBE261F75} => C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe [2012-02-09] (TuneUp Software)
Task: {EC13A888-0038-4ABA-A01A-1E7BC0A478EE} - System32\Tasks\AdobeAAMUpdater-1.0-hühne-PC-hühne => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {F43AEB63-60FD-4207-BF89-2662CDDF8F2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-15] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AppCloudUpdater.job => C:\Users\HHNE~1\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\AppSafe.job => C:\Program Files\AppSafe\AppSafe.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\HHNE~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Packard Bell Registration - Reminder Recall task.job => C:\Program Files\Packard Bell\Registration\GREG.exe
Task: C:\Windows\Tasks\Price Meter Updater.job => C:\Users\HHNE~1\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-08-14 12:19 - 2013-08-14 12:02 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-02-18 20:01 - 2014-02-18 20:01 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a8176b15f1c50897f0572d1c79e8f898\IsdiInterop.ni.dll
2011-12-16 13:26 - 2010-11-06 10:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-18 18:11 - 2014-02-18 18:11 - 06665216 _____ () C:\Program Files\AppSafe\AppSafe.exe
2013-12-18 11:56 - 2013-12-18 11:56 - 00479232 _____ () C:\Program Files\AppSafe\IrsoDLL.dll
2014-04-26 21:28 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files\WinZip Malware Protector\System.Data.SQLite.dll
2014-04-26 21:28 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files\WinZip Malware Protector\aspsys.dll
2014-04-26 21:28 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files\WinZip Malware Protector\UNRAR.DLL
2014-04-29 06:24 - 2014-04-29 06:24 - 00011264 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsxBFEA.tmp\System.dll
2014-04-29 06:24 - 2014-04-29 06:24 - 00013312 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsxBFEA.tmp\UAC.dll
2014-04-29 06:25 - 2014-04-29 06:25 - 00025088 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsd58FE.tmp\registry.dll
2014-04-29 06:25 - 2014-04-29 06:25 - 00011264 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsd58FE.tmp\System.dll
2014-04-29 06:25 - 2014-04-29 06:25 - 00013312 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsd58FE.tmp\UAC.dll
2014-04-29 06:25 - 2014-04-29 06:25 - 00009728 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsd58FE.tmp\nsDialogs.dll
2014-04-29 06:26 - 2014-04-29 06:26 - 00011776 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsd58FE.tmp\nsisXML.dll
2014-01-08 00:15 - 2014-01-08 00:15 - 01888624 _____ () C:\Users\HHNE~1\AppData\Local\Temp\nsd58FE.tmp\Helper.DLL
2014-04-29 06:28 - 2014-04-22 15:26 - 00490008 _____ () C:\Program Files\Music Toolbar\Datamngr\apcrtldr.dll
2014-04-29 06:29 - 2014-04-22 15:26 - 00020504 _____ () C:\Program Files\Music Toolbar\Datamngr\mgrldr.dll
2014-04-13 11:21 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-13 11:21 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-13 11:21 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-13 11:21 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-13 11:22 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-13 11:21 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-13 11:22 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2014 00:37:26 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Inbox.exe, Version: 2.0.1.90, Zeitstempel: 0x5278e439
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001b243
ID des fehlerhaften Prozesses: 0xe5c
Startzeit der fehlerhaften Anwendung: 0xInbox.exe0
Pfad der fehlerhaften Anwendung: Inbox.exe1
Pfad des fehlerhaften Moduls: Inbox.exe2
Berichtskennung: Inbox.exe3

Error: (04/25/2014 04:39:44 PM) (Source: MsiInstaller) (User: hühne-PC)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\GoogleUpdateHelper.msi

Error: (04/24/2014 08:36:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: OneClick.exe, Version: 12.0.3010.8, Zeitstempel: 0x4f33f79f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x1274
Startzeit der fehlerhaften Anwendung: 0xOneClick.exe0
Pfad der fehlerhaften Anwendung: OneClick.exe1
Pfad des fehlerhaften Moduls: OneClick.exe2
Berichtskennung: OneClick.exe3

Error: (04/23/2014 01:35:22 PM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 34.0.1847.116 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2c4

Startzeit: 01cf5ed053f304ce

Endzeit: 15

Anwendungspfad: C:\Program Files\Google\Chrome\Application\chrome.exe

Berichts-ID: 4fb3b60b-cadb-11e3-a9a9-047d7b257425

Error: (04/21/2014 08:31:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: EnergyOptimizer.exe, Version: 12.0.3010.8, Zeitstempel: 0x4f33f7b7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x1308
Startzeit der fehlerhaften Anwendung: 0xEnergyOptimizer.exe0
Pfad der fehlerhaften Anwendung: EnergyOptimizer.exe1
Pfad des fehlerhaften Moduls: EnergyOptimizer.exe2
Berichtskennung: EnergyOptimizer.exe3

Error: (04/17/2014 08:29:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 11:38:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 08:24:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GameConsole-wt.exe, Version: 4.0.34.17, Zeitstempel: 0x531fa18a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c3873
ID des fehlerhaften Prozesses: 0x15e0
Startzeit der fehlerhaften Anwendung: 0xGameConsole-wt.exe0
Pfad der fehlerhaften Anwendung: GameConsole-wt.exe1
Pfad des fehlerhaften Moduls: GameConsole-wt.exe2
Berichtskennung: GameConsole-wt.exe3

Error: (04/15/2014 04:21:02 PM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 34.0.1847.116 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1710

Startzeit: 01cf58b13126c4a7

Endzeit: 731

Anwendungspfad: C:\Program Files\Google\Chrome\Application\chrome.exe

Berichts-ID: 1a87cb4c-c4a9-11e3-a624-047d7b257425

Error: (04/13/2014 11:14:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: OneClick.exe, Version: 12.0.3010.8, Zeitstempel: 0x4f33f79f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x9bc
Startzeit der fehlerhaften Anwendung: 0xOneClick.exe0
Pfad der fehlerhaften Anwendung: OneClick.exe1
Pfad des fehlerhaften Moduls: OneClick.exe2
Berichtskennung: OneClick.exe3


System errors:
=============
Error: (04/29/2014 06:44:14 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (04/29/2014 06:33:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Datamngr Coordinator" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/29/2014 06:18:16 AM) (Source: DCOM) (User: )
Description: {8D73A258-9787-4AE7-9232-41036673FD0E}

Error: (04/29/2014 06:17:51 AM) (Source: Service Control Manager) (User: )
Description: Dienst "PriceMeterLiveUpdate Service (pricemeterliveUpdate)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/29/2014 06:17:23 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TrustedInstaller erreicht.

Error: (04/29/2014 06:16:42 AM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{4DDD6EE6-5063-41FB-B82E-B39603367DF4} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (04/28/2014 07:09:12 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (04/28/2014 07:08:43 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Google Update-Dienst (gupdate)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/27/2014 08:49:19 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.

Error: (04/27/2014 06:50:14 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.


Microsoft Office Sessions:
=========================
Error: (04/27/2014 00:37:26 AM) (Source: Application Error)(User: )
Description: Inbox.exe2.0.1.905278e439RPCRT4.dll6.1.7601.1820551db96a4c00000050001b243e5c01cf61624e1e6752C:\Program Files\Inbox Toolbar\Inbox.exeC:\Windows\system32\RPCRT4.dll56c29e7c-cd93-11e3-a9a9-047d7b257425

Error: (04/25/2014 04:39:44 PM) (Source: MsiInstaller)(User: hühne-PC)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\GoogleUpdateHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/24/2014 08:36:54 PM) (Source: Application Error)(User: )
Description: OneClick.exe12.0.3010.84f33f79fKERNELBASE.dll6.1.7601.1822951fb10c60eedfade0000812f127401cf5fec15e97dacC:\Program Files\TuneUp Utilities 2012\OneClick.exeC:\Windows\system32\KERNELBASE.dll68549c07-cbdf-11e3-a9a9-047d7b257425

Error: (04/23/2014 01:35:22 PM) (Source: Application Hang)(User: )
Description: chrome.exe34.0.1847.1162c401cf5ed053f304ce15C:\Program Files\Google\Chrome\Application\chrome.exe4fb3b60b-cadb-11e3-a9a9-047d7b257425

Error: (04/21/2014 08:31:07 PM) (Source: Application Error)(User: )
Description: EnergyOptimizer.exe12.0.3010.84f33f7b7KERNELBASE.dll6.1.7601.1822951fb10c60eedfade0000812f130801cf5d8fc27f015aC:\Program Files\TuneUp Utilities 2012\EnergyOptimizer.exeC:\Windows\system32\KERNELBASE.dll1a0480e7-c983-11e3-a9a9-047d7b257425

Error: (04/17/2014 08:29:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 11:38:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 08:24:26 PM) (Source: Application Error)(User: )
Description: GameConsole-wt.exe4.0.34.17531fa18antdll.dll6.1.7601.18247521ea91cc0000374000c387315e001cf58d7e7027e2cC:\Program Files\WildTangent Games\App\GameConsole-wt.exeC:\Windows\SYSTEM32\ntdll.dll2ca70214-c4cb-11e3-a624-047d7b257425

Error: (04/15/2014 04:21:02 PM) (Source: Application Hang)(User: )
Description: chrome.exe34.0.1847.116171001cf58b13126c4a7731C:\Program Files\Google\Chrome\Application\chrome.exe1a87cb4c-c4a9-11e3-a624-047d7b257425

Error: (04/13/2014 11:14:38 AM) (Source: Application Error)(User: )
Description: OneClick.exe12.0.3010.84f33f79fKERNELBASE.dll6.1.7601.1822951fb10c60eedfade0000812f9bc01cf56f5056c38efC:\Program Files\TuneUp Utilities 2012\OneClick.exeC:\Windows\system32\KERNELBASE.dll090b0b5b-c2ec-11e3-a624-047d7b257425


==================== Memory info ===========================

Percentage of memory in use: 92%
Total physical RAM: 1012.3 MB
Available physical RAM: 72.39 MB
Total Pagefile: 2897.54 MB
Available Pagefile: 525.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.5 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:284.99 GB) (Free:241.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 6FFDB1CB)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 29.04.2014 20:48
Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

tubaca 30.04.2014 18:42
Also,Malwarebytes AntiMalware ging bis zum letzten Schritt gut durch,doch dann die Meldung "funktioniert nicht mehr".
Beim Adwcleaner dasselbe.


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-04-2014 03
Ran by hühne (administrator) on HÜHNE-PC on 30-04-2014 19:33:27
Running from C:\Users\hühne\Downloads
Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(iMesh Inc) C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe
(PriceMeter) C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(iMesh Inc) C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe
(iMesh Inc) C:\Program Files\Music Toolbar\Datamngr\DatamngrUI.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Spotify Ltd) C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(PriceMeter) C:\Users\hühne\AppData\Local\PriceMeter\pricemeterw.exe
(iMesh, Inc) C:\Program Files\iMesh Applications\iMesh\iMesh.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\hühne\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [715368 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [385024 2008-02-01] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [Spotify Web Helper] => C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [PriceMeterW] => C:\Users\hühne\AppData\Local\PriceMeter\pricemeterw.exe [309256 2014-04-13] (PriceMeter)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [AppSafe] => C:\Program Files\AppSafe\AppSafe.exe
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [iMesh] => C:\Program Files\iMesh Applications\iMesh\iMesh.exe [31010816 2013-11-21] (iMesh, Inc)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Music Toolbar\Datamngr\apcrtldr.dll [490008 2014-04-22] () <===== ATTENTION
HKLM\...\AppCertDlls: [x64] -> c:\program files\music toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
URLSearchHook: HKLM - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1482&systemid=1&v=n12441-332&apn_uid=9144602692664342&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {84778D90-081E-41B1-B9B9-AEFCCBB35EE1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=31f34222-938f-4cd6-81fb-fc569a274216&apn_sauid=3163093C-96D2-44D9-B48B-6113DC0710C6
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1482&systemid=1&v=n12441-332&apn_uid=9144602692664342&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
BHO: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM - No Name - {282b0e54-8981-49eb-9193-5910a1f6fd33} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898
FF user.js: detected! => C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 - C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll (PriceMeter)
FF Plugin: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 - C:\Program Files\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll (PriceMeter)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: iMeshPlugin - C:\Program Files\iMesh Applications\iMesh\npiMeshPlugin.dll (iMesh)
FF SearchPlugin: C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: media enhance - C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-24]
FF Extension: Yahoo! Toolbar - C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-10-11]
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10653A&gct=hp&d=1-1482&v=n12441-332&t=4
CHR StartupUrls: "hxxp://www.search.ask.com/?o=APN10653A&gct=hp&d=1-1482&v=n12441-332&t=4"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1482&systemid=1&v=n12441-332&apn_uid=9144602692664342&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Music Toolbar) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-29]
CHR Extension: (Google Docs) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-15]
CHR Extension: (Google Drive) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-15]
CHR Extension: (YouTube) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-15]
CHR Extension: (Google-Suche) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-15]
CHR Extension: (media enhance) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-24]
CHR Extension: (Google Wallet) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR Extension: (Google Mail) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-15]
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181\GC\toolbar.crx [2014-01-27]

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor9.0; c:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)
R2 DatamngrCoordinator; C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3544088 2014-04-22] (iMesh Inc)
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-15] (WildTangent)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 pricemeterliveUpdate; C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [150504 2014-04-25] (PriceMeter)
S3 pricemeterliveUpdatem; C:\Program Files\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe [150504 2014-04-25] (PriceMeter)
S2 AntiVirWebService; "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Music Toolbar\Datamngr\setmgrc1.cfg [31128 2014-04-22] (iMesh Inc)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-30 19:32 - 2014-04-30 19:32 - 01050624 _____ (Farbar) C:\Users\hühne\Downloads\FRST (1).exe
2014-04-30 19:18 - 2014-04-30 19:20 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:18 - 2014-04-30 19:19 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:05 - 2014-04-30 19:06 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 18:55 - 2014-04-30 18:55 - 00000346 _____ () C:\Windows\Tasks\pricemeterwatcher.job
2014-04-30 18:55 - 2014-04-30 18:55 - 00000344 _____ () C:\Windows\Tasks\pricemetertask.job
2014-04-30 18:54 - 2014-04-30 19:10 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 12:17 - 2014-04-30 12:17 - 00000000 ____D () C:\AdwCleaner
2014-04-30 12:03 - 2014-04-30 12:06 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:33 - 2014-04-30 19:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-30 07:29 - 2014-04-30 07:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:29 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-30 07:29 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-30 07:29 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:23 - 2014-04-30 07:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 07:11 - 2014-04-29 07:11 - 00001162 _____ () C:\Users\hühne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
2014-04-29 07:11 - 2014-04-29 07:11 - 00001132 _____ () C:\Users\hühne\Desktop\iMesh.lnk
2014-04-29 06:48 - 2014-04-29 07:03 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:44 - 2014-04-30 19:33 - 00019956 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-04-29 06:40 - 2014-04-30 19:33 - 00000000 ____D () C:\FRST
2014-04-29 06:40 - 2014-04-29 21:00 - 00000000 ____D () C:\Users\hühne\AppData\Local\iMesh
2014-04-29 06:38 - 2014-04-29 06:38 - 00000000 ____D () C:\Program Files\iMesh Applications
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-29 06:29 - 2014-04-29 06:31 - 01049600 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-04-29 06:28 - 2014-04-29 06:28 - 00000000 ____D () C:\Program Files\Music Toolbar
2014-04-29 06:26 - 2014-04-30 19:35 - 00000000 ____D () C:\ProgramData\Datamngr
2014-04-29 06:21 - 2014-04-29 06:24 - 01431792 _____ (iMesh Inc) C:\Users\hühne\Downloads\iMeshSetup-r1482-w-bc.exe
2014-04-26 21:29 - 2014-04-30 17:51 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-26 21:26 - 2014-04-26 21:27 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:17 - 2014-04-26 17:18 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\AppSafe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 16:57 - 2014-04-28 12:25 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-04-25 16:44 - 2014-04-25 16:44 - 00000000 ____D () C:\Users\hühne\Documents\PC Speed Maximizer
2014-04-25 16:41 - 2014-04-25 16:42 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:40 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-30 19:11 - 00000948 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2014-04-25 16:39 - 2014-04-30 18:44 - 00000952 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\Users\hühne\AppData\Local\PriceMeterLiveUpdate
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\Program Files\PriceMeterLiveUpdate
2014-04-25 16:38 - 2014-04-30 18:38 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-04-25 16:38 - 2014-04-30 18:38 - 00000294 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-25 16:38 - 2014-04-30 17:45 - 00000000 ____D () C:\Users\hühne\AppData\Local\PriceMeter
2014-04-25 16:38 - 2014-04-25 20:47 - 00000294 _____ () C:\Windows\Tasks\AppCloudUpdater.job
2014-04-25 16:38 - 2014-04-25 16:38 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\PriceMeterUpdater
2014-04-25 16:38 - 2014-04-25 16:38 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
2014-04-25 16:38 - 2014-04-25 16:38 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\AppCloudUpdater
2014-04-25 16:33 - 2014-04-25 16:34 - 00806208 _____ ( ) C:\Users\hühne\Downloads\CCleanerSetup.exe
2014-04-25 16:11 - 2014-04-25 16:11 - 00000000 ____D () C:\Windows\system32\Adobe
2014-04-25 16:08 - 2014-04-25 16:10 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:56 - 2014-04-25 15:58 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-24 22:12 - 2014-04-24 22:12 - 00243488 _____ (Premium Installer ) C:\Users\hühne\Downloads\Player-Chrome.exe
2014-04-24 22:09 - 2014-04-24 22:09 - 00448504 _____ () C:\Users\hühne\Downloads\Player_Setup (2).exe
2014-04-24 22:06 - 2014-04-24 22:06 - 00000000 ____D () C:\Users\hühne\AppData\Local\SearchProtect
2014-04-24 22:05 - 2014-04-24 22:05 - 00448504 _____ () C:\Users\hühne\Downloads\Player_Setup (1).exe
2014-04-24 22:04 - 2014-04-24 22:04 - 00630264 _____ () C:\Users\hühne\Downloads\Player_Setup.exe
2014-04-22 19:17 - 2014-04-22 19:18 - 02358688 _____ (Xacti, LLC ) C:\Users\hühne\Downloads\SocialNetworksSetup.exe
2014-04-17 20:04 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 20:03 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 20:03 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 20:03 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 20:03 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 20:03 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 20:03 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 20:03 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 20:03 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 20:03 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 20:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 20:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 20:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 20:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 20:02 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 20:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 20:02 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 20:02 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 20:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 20:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 20:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 20:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 20:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 20:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 20:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 20:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 19:09 - 2014-04-12 19:09 - 00003288 ____N () C:\bootsqm.dat
2014-04-10 16:48 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 16:48 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 16:48 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 16:48 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 16:48 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 16:48 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-02 14:33 - 2014-04-16 11:17 - 00000000 ____D () C:\Users\hühne\AppData\Local\Windows Live
2014-04-02 14:13 - 2014-04-02 14:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

2014-04-30 19:35 - 2014-04-29 06:26 - 00000000 ____D () C:\ProgramData\Datamngr
2014-04-30 19:34 - 2014-04-29 06:44 - 00019956 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-04-30 19:33 - 2014-04-29 06:40 - 00000000 ____D () C:\FRST
2014-04-30 19:32 - 2014-04-30 19:32 - 01050624 _____ (Farbar) C:\Users\hühne\Downloads\FRST (1).exe
2014-04-30 19:30 - 2012-12-04 18:12 - 00000394 _____ () C:\Windows\Tasks\Packard Bell Registration - Reminder Recall task.job
2014-04-30 19:29 - 2012-12-01 09:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-30 19:22 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 19:22 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 19:20 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:19 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:18 - 2012-09-02 17:26 - 01643335 _____ () C:\Windows\WindowsUpdate.log
2014-04-30 19:15 - 2014-04-30 07:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:12 - 2013-10-15 14:39 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 19:11 - 2014-04-25 16:39 - 00000948 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2014-04-30 19:11 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-30 19:11 - 2009-07-14 06:39 - 00049365 _____ () C:\Windows\setupact.log
2014-04-30 19:10 - 2014-04-30 18:54 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:06 - 2014-04-30 19:05 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 19:02 - 2013-06-09 12:34 - 00000000 ____D () C:\Users\hühne\AppData\Local\CrashDumps
2014-04-30 18:55 - 2014-04-30 18:55 - 00000346 _____ () C:\Windows\Tasks\pricemeterwatcher.job
2014-04-30 18:55 - 2014-04-30 18:55 - 00000344 _____ () C:\Windows\Tasks\pricemetertask.job
2014-04-30 18:55 - 2009-07-14 06:53 - 00024824 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-30 18:53 - 2010-11-20 23:48 - 00279866 _____ () C:\Windows\PFRO.log
2014-04-30 18:51 - 2013-10-15 14:39 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-30 18:48 - 2013-02-03 12:06 - 00000000 ____D () C:\ProgramData\Avira
2014-04-30 18:44 - 2014-04-25 16:39 - 00000952 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2014-04-30 18:38 - 2014-04-25 16:38 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-04-30 18:38 - 2014-04-25 16:38 - 00000294 _____ () C:\Windows\Tasks\MySearchDial.job
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 17:51 - 2014-04-26 21:29 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\Program Files\Packard Bell
2014-04-30 17:45 - 2014-04-25 16:38 - 00000000 ____D () C:\Users\hühne\AppData\Local\PriceMeter
2014-04-30 12:17 - 2014-04-30 12:17 - 00000000 ____D () C:\AdwCleaner
2014-04-30 12:06 - 2014-04-30 12:03 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-30 07:30 - 2014-04-30 07:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:25 - 2014-04-30 07:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 21:00 - 2014-04-29 06:40 - 00000000 ____D () C:\Users\hühne\AppData\Local\iMesh
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 08:50 - 2013-10-15 14:41 - 00002133 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 07:11 - 2014-04-29 07:11 - 00001162 _____ () C:\Users\hühne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
2014-04-29 07:11 - 2014-04-29 07:11 - 00001132 _____ () C:\Users\hühne\Desktop\iMesh.lnk
2014-04-29 07:03 - 2014-04-29 06:48 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:38 - 2014-04-29 06:38 - 00000000 ____D () C:\Program Files\iMesh Applications
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-29 06:32 - 2012-12-01 09:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 06:32 - 2011-12-16 14:02 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 06:31 - 2014-04-29 06:29 - 01049600 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-04-29 06:28 - 2014-04-29 06:28 - 00000000 ____D () C:\Program Files\Music Toolbar
2014-04-29 06:24 - 2014-04-29 06:21 - 01431792 _____ (iMesh Inc) C:\Users\hühne\Downloads\iMeshSetup-r1482-w-bc.exe
2014-04-28 12:25 - 2014-04-25 16:57 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-04-26 21:27 - 2014-04-26 21:26 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:18 - 2014-04-26 17:17 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\AppSafe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 20:47 - 2014-04-25 16:38 - 00000294 _____ () C:\Windows\Tasks\AppCloudUpdater.job
2014-04-25 16:44 - 2014-04-25 16:44 - 00000000 ____D () C:\Users\hühne\Documents\PC Speed Maximizer
2014-04-25 16:42 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:41 - 2014-04-25 16:40 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\Users\hühne\AppData\Local\PriceMeterLiveUpdate
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\Program Files\PriceMeterLiveUpdate
2014-04-25 16:38 - 2014-04-25 16:38 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\PriceMeterUpdater
2014-04-25 16:38 - 2014-04-25 16:38 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
2014-04-25 16:38 - 2014-04-25 16:38 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\AppCloudUpdater
2014-04-25 16:34 - 2014-04-25 16:33 - 00806208 _____ ( ) C:\Users\hühne\Downloads\CCleanerSetup.exe
2014-04-25 16:11 - 2014-04-25 16:11 - 00000000 ____D () C:\Windows\system32\Adobe
2014-04-25 16:10 - 2014-04-25 16:08 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:58 - 2014-04-25 15:56 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-25 08:31 - 2012-12-30 16:04 - 00000000 ____D () C:\Users\hühne\Desktop\Musik
2014-04-24 22:12 - 2014-04-24 22:12 - 00243488 _____ (Premium Installer ) C:\Users\hühne\Downloads\Player-Chrome.exe
2014-04-24 22:09 - 2014-04-24 22:09 - 00448504 _____ () C:\Users\hühne\Downloads\Player_Setup (2).exe
2014-04-24 22:06 - 2014-04-24 22:06 - 00000000 ____D () C:\Users\hühne\AppData\Local\SearchProtect
2014-04-24 22:05 - 2014-04-24 22:05 - 00448504 _____ () C:\Users\hühne\Downloads\Player_Setup (1).exe
2014-04-24 22:04 - 2014-04-24 22:04 - 00630264 _____ () C:\Users\hühne\Downloads\Player_Setup.exe
2014-04-22 19:18 - 2014-04-22 19:17 - 02358688 _____ (Xacti, LLC ) C:\Users\hühne\Downloads\SocialNetworksSetup.exe
2014-04-20 12:55 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Spotify
2014-04-20 12:38 - 2012-12-04 18:12 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Skype
2014-04-18 08:16 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Local\Spotify
2014-04-17 20:33 - 2010-11-20 23:01 - 01619832 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 20:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-16 11:17 - 2014-04-02 14:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\Windows Live
2014-04-15 20:24 - 2011-12-16 13:32 - 00000000 ____D () C:\Program Files\WildTangent Games
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 19:51 - 2012-11-30 18:40 - 00000000 ____D () C:\Users\hühne\AppData\Local\Adobe
2014-04-12 19:09 - 2014-04-12 19:09 - 00003288 ____N () C:\bootsqm.dat
2014-04-04 13:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-04 12:34 - 2014-03-02 17:21 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-04 12:34 - 2014-03-02 17:20 - 00002129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-04 12:32 - 2014-03-02 17:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-03 21:16 - 2009-07-14 06:33 - 00264128 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-03 09:51 - 2014-04-30 07:29 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-30 07:29 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-30 07:29 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 14:13 - 2014-04-02 14:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

Files to move or delete:
====================
C:\Program Files\Music Toolbar\Datamngr\apcrtldr.dll


Some content of TEMP:
====================
C:\Users\hühne\AppData\Local\Temp\7.8.20.2-EasyShrx.Dll
C:\Users\hühne\AppData\Local\Temp\AskSLib.dll
C:\Users\hühne\AppData\Local\Temp\avgnt.exe
C:\Users\hühne\AppData\Local\Temp\BackupSetup.exe
C:\Users\hühne\AppData\Local\Temp\install_flashplayer13x32au_mssa_aaa_aih.exe
C:\Users\hühne\AppData\Local\Temp\IrsoDLL.dll
C:\Users\hühne\AppData\Local\Temp\SEVINST.EXE
C:\Users\hühne\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-04 13:17

==================== End Of Log ============================
--- --- ---

--- --- ---
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Starter x86
Ran by hhne on 30.04.2014 at 19:21:24,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Failed to stop: [Service] datamngrcoordinator



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1313469467-449356098-3674421868-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\discoveryhelper.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imesh.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imtrprogress.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imweb.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\wmhelper.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mysearchdial
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imweb.imwebcontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2625848
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{84778D90-081E-41B1-B9B9-AEFCCBB35EE1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}



~~~ Files

Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
Successfully deleted: [File] C:\Windows\system32\sho326A.tmp
Successfully deleted: [File] C:\Windows\system32\sho7162.tmp
Successfully deleted: [File] C:\Windows\system32\sho741F.tmp
Successfully deleted: [File] C:\Windows\system32\shoC445.tmp
Successfully deleted: [File] C:\Windows\system32\shoC9A5.tmp
Successfully deleted: [File] C:\Windows\system32\shoF13E.tmp
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\bonanzadealslive"
Failed to delete: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Failed to delete: [Folder] "C:\ProgramData\application data\datamngr"
Successfully deleted: [Folder] "C:\Users\hhne\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\hhne\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\hhne\AppData\Roaming\metacrawler"
Successfully deleted: [Folder] "C:\Users\hhne\AppData\Roaming\mysearchdial"
Successfully deleted: [Folder] "C:\Users\hhne\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\hhne\AppData\Roaming\speedypc software"
Successfully deleted: [Folder] "C:\Users\hhne\AppData\Roaming\systweak"
Failed to delete: [Folder] "C:\Users\hhne\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files\amazon browser bar"
Successfully deleted: [Folder] "C:\Program Files\bonanzadealslive"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\linkidoo"
Successfully deleted: [Folder] "C:\Program Files\mysearchdial"
Successfully deleted: [Folder] "C:\Program Files\Common Files\speedypc software"
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{1D70084A-9B3A-4438-987F-F5D0784AD752}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{3F3AB2FD-7935-4FCC-A7FC-00F9153CC9DA}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{469A71A5-F27C-4D8B-91E9-936429A2A1E8}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{4DCBEF7D-DA70-45A2-8075-07FE19AEB5CF}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{74CEC5F2-C65D-4BFA-83EF-107829053431}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{77C6822C-12E5-440F-B2D3-D2F3F3D07AB3}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{78FE4AE8-6A07-4698-BB88-F72E13BAD027}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{7A7C570C-45A5-475D-9524-F9B90C875B32}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{9385CD92-B296-4721-9CFF-C14E135DCD44}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{99A994B1-B641-41FF-A037-643AA40DFC8C}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{9C530AB4-26B4-4CF6-99B7-16C7213396C3}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{AD7C41E9-B64A-43ED-9484-FC283CE5351B}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{CEB45739-7F44-4A15-B9D1-7A71D27C5846}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{D4DC8994-4B09-4325-8C4C-E4F7A1B2A755}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{E2B339EF-73C4-43F4-A8CB-04DAF0C539B9}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{F98E49B9-E0B8-4240-86CE-E0B36F1CD0CA}
Successfully deleted: [Empty Folder] C:\Users\hhne\appdata\local\{FC5C930D-CB15-4175-9B48-D250AADE3842}



~~~ FireFox

Successfully deleted: [File] C:\Users\hhne\AppData\Roaming\mozilla\firefox\profiles\wtkri3i8.default-1381429290898\user.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted the following from C:\Users\hhne\AppData\Roaming\mozilla\firefox\profiles\wtkri3i8.default-1381429290898\prefs.js

user_pref("extensions.iminent.admin", false);
user_pref("extensions.iminent.aflt", "orgnl");
user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
user_pref("extensions.iminent.autoRvrt", "false");
user_pref("extensions.iminent.dfltLng", "");
user_pref("extensions.iminent.excTlbr", false);
user_pref("extensions.iminent.ffxUnstlRst", false);
user_pref("extensions.iminent.id", "a4eadd9e0000000000007ce9d3418d43");
user_pref("extensions.iminent.instlDay", "16026");
user_pref("extensions.iminent.instlRef", "");
user_pref("extensions.iminent.newTab", false);
user_pref("extensions.iminent.prdct", "iminent");
user_pref("extensions.iminent.prtnrId", "iminent");
user_pref("extensions.iminent.rvrt", "false");
user_pref("extensions.iminent.smplGrp", "none");
user_pref("extensions.iminent.tlbrId", "base");
user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
user_pref("extensions.iminent.vrsn", "1.8.26.8");
user_pref("extensions.iminent.vrsnTs", "1.8.26.817:36:18");
user_pref("extensions.iminent.vrsni", "1.8.26.8");
Emptied folder: C:\Users\hhne\AppData\Roaming\mozilla\firefox\profiles\wtkri3i8.default-1381429290898\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.04.2014 at 19:39:15,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---


Bin alles nochmal durchgegangen,das neue FRST log und das JRT.txt.
Hab ich was falsch gemacht?

schrauber 01.05.2014 16:34
AdwCLeaner neu laden, dann das AV PRogramm ausschalten und AdwCleaner nochmal versuchen.

tubaca 02.05.2014 07:58
AdwCleaner Logfile:
Code:
# AdwCleaner v3.205 - Bericht erstellt am 02/05/2014 um 08:47:11
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Starter Service Pack 1 (32 bits)
# Benutzername : hühne - HÜHNE-PC
# Gestartet von : C:\Users\hühne\Downloads\adwcleaner (2).exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : DatamngrCoordinator
[#] Dienst Gelöscht : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Dienst Gelöscht : pricemeterliveUpdate
[#] Dienst Gelöscht : pricemeterliveUpdatem

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\IminentToolbar
Ordner Gelöscht : C:\Program Files\media enhance
[!] Ordner Gelöscht : C:\Program Files\Music Toolbar
[!] Ordner Gelöscht : C:\Program Files\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Program Files\SupTab
Ordner Gelöscht : C:\Program Files\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\hühne\AppData\Local\BonanzaDealsLive
Ordner Gelöscht : C:\Users\hühne\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\hühne\AppData\Local\PriceMeter
Ordner Gelöscht : C:\Users\hühne\AppData\Local\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Users\hühne\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\HHNE~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\HHNE~1\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\hühne\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\hühne\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\aartemis
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\AppCloudUpdater
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\AppSafe
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\PriceMeterUpdater
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\webssearches
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
Ordner Gelöscht : C:\Users\hühne\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\b2ri8l52.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\b2ri8l52.default\Extensions\staged\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Ordner Gelöscht : C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
Ordner Gelöscht : C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
[!] Ordner Gelöscht : C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
Datei Gelöscht : C:\Users\hühne\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\searchplugins\iminent.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\webssearches.xml
Datei Gelöscht : C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
Datei Gelöscht : C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Windows\Tasks\AppCloudUpdater.job
Datei Gelöscht : C:\Windows\System32\Tasks\AppCloudUpdater
Datei Gelöscht : C:\Windows\Tasks\MySearchDial.job
Datei Gelöscht : C:\Windows\System32\Tasks\MySearchDial
Datei Gelöscht : C:\Windows\System32\Tasks\pricemeterdownloader
Datei Gelöscht : C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA
Datei Gelöscht : C:\Windows\Tasks\pricemetertask.job
Datei Gelöscht : C:\Windows\System32\Tasks\pricemetertask
Datei Gelöscht : C:\Windows\Tasks\pricemeterwatcher.job
Datei Gelöscht : C:\Windows\System32\Tasks\pricemeterwatcher

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD8B562A-E19C-43B3-B172-68F9A6033B56}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD8B562A-E19C-43B3-B172-68F9A6033B56}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{236682D9-5118-4C34-A8A7-978874ED24F4}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{236682D9-5118-4C34-A8A7-978874ED24F4}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8BC8710-6C4E-4E45-9613-C879C6D95970}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8BC8710-6C4E-4E45-9613-C879C6D95970}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD8B882C-805F-47F9-9B16-256E9C1C70DA}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD8B882C-805F-47F9-9B16-256E9C1C70DA}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E03EB1A8-C2F7-4E18-B7C9-BDE9EEA3D6DF}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E03EB1A8-C2F7-4E18-B7C9-BDE9EEA3D6DF}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF5D191-2A2A-4575-AF43-240DBA08B085}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF5D191-2A2A-4575-AF43-240DBA08B085}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C445E9F-2E47-4630-A798-C26EB7F55D34}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C445E9F-2E47-4630-A798-C26EB7F55D34}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E017D806-5951-4648-ACB9-29B5FA3DEE99}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E017D806-5951-4648-ACB9-29B5FA3DEE99}
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PriceMeterW]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickCtrl.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.Update3WebControl.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\${dtUserElevationPolicyID}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{282B0E54-8981-49EB-9193-5910A1F6FD33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BA90BB0-A7C2-43AE-B5B9-0FB6829A44E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66B87B44-C5FB-4D6D-9B43-82FA6599A950}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{282B0E54-8981-49EB-9193-5910A1F6FD33}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Schlüssel Gelöscht : HKCU\Software\APNDTX
Schlüssel Gelöscht : HKCU\Software\AppCloudUpdater
Schlüssel Gelöscht : HKCU\Software\AppSafe
Schlüssel Gelöscht : HKCU\Software\Imesh
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB_DE Toolbar
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v17.0 (de)

[ Datei : C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1395691535&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WXL1EA1AZWKMAZWKM&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80832&iwk=304&lng=de
Gelöscht [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1482&systemid=1&v=n12441-332&apn_uid=9144602692664342&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
Gelöscht [Startup_urls] : hxxp://www.search.ask.com/?o=APN10653A&gct=hp&d=1-1482&v=n12441-332&t=4
Gelöscht [Homepage] : hxxp://www.search.ask.com/?o=APN10653A&gct=hp&d=1-1482&v=n12441-332&t=4
Gelöscht [Extension] : lekgiimbfodefdaoofhlckefjbgpeilo
Gelöscht [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [18611 octets] - [02/05/2014 08:44:56]
AdwCleaner[S0].txt - [18074 octets] - [02/05/2014 08:47:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18135 octets] ##########
--- --- ---


Das AV Programm von Avira habe ich schon komplett entfernt,es hat mir ja eh nichts geholfen.

schrauber 03.05.2014 07:13

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

tubaca 03.05.2014 15:23
ESETSmartInstaller@High as downloader log:
all ok

Results of screen317's Security Check version 0.99.82
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 13.0.0.206
Adobe Reader 10.1.0 Adobe Reader out of Date!
Mozilla Firefox 17.0 Firefox out of Date!
Google Chrome 34.0.1847.116
Google Chrome 34.0.1847.131
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

also,Downloads gehen jetzt wesentlich schneller.
ab und zu hängt er sich noch auf.ich muss jetzt mal ein paar Tage testen,weil das Internet immer mal schneller oder langsamer ist(ist das normal?)

ganz viele Dankeschöns für Deine Mühe und Hilfe.
hab ich jetzt eigentlich noch ei AVProgramm?Avira hab ich deinstalliert.kannst Du mir eins empfehlem,was für mein Netbook geeignet ist?Ich hab mal gehört,das viele Computer langsamer werden,weil Programme installiert wurden,die sichnciht vertragen.

LG tubaca


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014
Ran by hühne (administrator) on HÜHNE-PC on 03-05-2014 16:08:29
Running from C:\Users\hühne\Downloads
Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\hühne\Downloads\FRST (2).exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [715368 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [385024 2008-02-01] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [Spotify Web Helper] => C:\Users\hühne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [AppSafe] => C:\Program Files\AppSafe\AppSafe.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\music toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\music toolbar\datamngr\apcrtldr.dll <===== ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hühne\AppData\Roaming\Mozilla\Firefox\Profiles\wtkri3i8.default-1381429290898
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Music Toolbar) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-29]
CHR Extension: (Google Docs) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-15]
CHR Extension: (Google Drive) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-15]
CHR Extension: (YouTube) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-15]
CHR Extension: (Google-Suche) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-15]
CHR Extension: (Google Wallet) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR Extension: (Google Mail) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-15]
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181\GC\toolbar.crx [2014-01-27]

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor9.0; c:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-15] (WildTangent)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 AntiVirWebService; "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-03 16:06 - 2014-05-03 16:07 - 01050624 _____ (Farbar) C:\Users\hühne\Downloads\FRST (2).exe
2014-05-03 15:48 - 2014-05-03 15:48 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (2).exe
2014-05-03 15:42 - 2014-05-03 15:43 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (1).exe
2014-05-03 15:41 - 2014-05-03 15:42 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck.exe
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieUserList
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieSiteList
2014-05-03 15:12 - 2014-05-03 15:12 - 02347384 _____ (ESET) C:\Users\hühne\Downloads\esetsmartinstaller_deu.exe
2014-05-02 08:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-02 08:42 - 2014-05-02 08:43 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner (2).exe
2014-05-02 08:42 - 2014-05-02 08:43 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner (1).exe
2014-05-01 06:57 - 2014-05-01 06:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 19:39 - 2014-04-30 19:39 - 00010224 _____ () C:\Users\hühne\Desktop\JRT.txt
2014-04-30 19:32 - 2014-04-30 19:32 - 01050624 _____ (Farbar) C:\Users\hühne\Downloads\FRST (1).exe
2014-04-30 19:18 - 2014-04-30 19:20 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:18 - 2014-04-30 19:19 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:05 - 2014-04-30 19:06 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 18:54 - 2014-04-30 19:10 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 12:17 - 2014-05-02 08:48 - 00000000 ____D () C:\AdwCleaner
2014-04-30 12:03 - 2014-04-30 12:06 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:33 - 2014-05-03 16:04 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-30 07:29 - 2014-04-30 07:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:29 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-30 07:29 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-30 07:29 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:23 - 2014-04-30 07:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-30 07:23 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-30 07:23 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 06:48 - 2014-04-29 07:03 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:44 - 2014-05-03 16:08 - 00013786 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-04-29 06:40 - 2014-05-03 16:08 - 00000000 ____D () C:\FRST
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-29 06:29 - 2014-04-29 06:31 - 01049600 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-04-26 21:29 - 2014-04-30 17:51 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-26 21:26 - 2014-04-26 21:27 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 16:57 - 2014-04-28 12:25 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-04-25 16:41 - 2014-04-25 16:42 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:40 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:38 - 2014-05-03 15:38 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-04-25 16:11 - 2014-04-25 16:11 - 00000000 ____D () C:\Windows\system32\Adobe
2014-04-25 16:08 - 2014-04-25 16:10 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:56 - 2014-04-25 15:58 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-17 20:04 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 20:03 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 20:03 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 20:03 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 20:03 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 20:03 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 20:03 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 20:03 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 20:03 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 20:03 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 20:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 20:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 20:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 20:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 20:02 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 20:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 20:02 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 20:02 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 20:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 20:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 20:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 20:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 20:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 20:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 20:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 20:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 19:09 - 2014-04-12 19:09 - 00003288 ____N () C:\bootsqm.dat
2014-04-10 16:48 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 16:48 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 16:48 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 16:48 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 16:48 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 16:48 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-03 16:09 - 2014-04-29 06:44 - 00013786 _____ () C:\Users\hühne\Downloads\FRST.txt
2014-05-03 16:08 - 2014-04-29 06:40 - 00000000 ____D () C:\FRST
2014-05-03 16:07 - 2014-05-03 16:06 - 01050624 _____ (Farbar) C:\Users\hühne\Downloads\FRST (2).exe
2014-05-03 16:04 - 2014-04-30 07:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 16:01 - 2013-10-15 14:39 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-03 16:01 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-03 16:01 - 2009-07-14 06:39 - 00049477 _____ () C:\Windows\setupact.log
2014-05-03 16:00 - 2012-12-04 18:12 - 00000394 _____ () C:\Windows\Tasks\Packard Bell Registration - Reminder Recall task.job
2014-05-03 16:00 - 2010-11-20 23:48 - 00300314 _____ () C:\Windows\PFRO.log
2014-05-03 15:59 - 2012-09-02 17:26 - 01863884 _____ () C:\Windows\WindowsUpdate.log
2014-05-03 15:51 - 2013-10-15 14:39 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-03 15:48 - 2014-05-03 15:48 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (2).exe
2014-05-03 15:43 - 2014-05-03 15:42 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck (1).exe
2014-05-03 15:42 - 2014-05-03 15:41 - 00855379 _____ () C:\Users\hühne\Downloads\SecurityCheck.exe
2014-05-03 15:38 - 2014-04-25 16:38 - 00000294 _____ () C:\Windows\Tasks\Price Meter Updater.job
2014-05-03 15:29 - 2012-12-01 09:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieUserList
2014-05-03 15:26 - 2014-05-03 15:26 - 00000000 __SHD () C:\Users\hühne\AppData\Local\EmieSiteList
2014-05-03 15:12 - 2014-05-03 15:12 - 02347384 _____ (ESET) C:\Users\hühne\Downloads\esetsmartinstaller_deu.exe
2014-05-02 09:01 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-02 09:01 - 2009-07-14 06:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-02 08:52 - 2009-07-14 06:53 - 00025580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-02 08:48 - 2014-04-30 12:17 - 00000000 ____D () C:\AdwCleaner
2014-05-02 08:47 - 2012-12-30 15:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-05-02 08:43 - 2014-05-02 08:42 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner (2).exe
2014-05-02 08:43 - 2014-05-02 08:42 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner (1).exe
2014-05-01 06:57 - 2014-05-01 06:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 19:39 - 2014-04-30 19:39 - 00010224 _____ () C:\Users\hühne\Desktop\JRT.txt
2014-04-30 19:32 - 2014-04-30 19:32 - 01050624 _____ (Farbar) C:\Users\hühne\Downloads\FRST (1).exe
2014-04-30 19:20 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (2).exe
2014-04-30 19:19 - 2014-04-30 19:18 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT (1).exe
2014-04-30 19:13 - 2014-04-30 19:13 - 00000000 ____D () C:\ProgramData\2D9F
2014-04-30 19:10 - 2014-04-30 18:54 - 00001606 _____ () C:\Windows\system32\debug.log
2014-04-30 19:08 - 2014-04-30 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-04-30 19:06 - 2014-04-30 19:05 - 01016261 _____ (Thisisu) C:\Users\hühne\Downloads\JRT.exe
2014-04-30 19:02 - 2013-06-09 12:34 - 00000000 ____D () C:\Users\hühne\AppData\Local\CrashDumps
2014-04-30 18:48 - 2013-02-03 12:06 - 00000000 ____D () C:\ProgramData\Avira
2014-04-30 18:16 - 2014-04-30 18:16 - 00001234 _____ () C:\Users\hühne\Desktop\Revo Uninstaller.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-30 18:15 - 2014-04-30 18:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\hühne\Downloads\revosetup95.exe
2014-04-30 17:51 - 2014-04-26 21:29 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Nico Mak Computing
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-04-30 17:48 - 2011-12-16 13:37 - 00000000 ____D () C:\Program Files\Packard Bell
2014-04-30 12:06 - 2014-04-30 12:03 - 01310621 _____ () C:\Users\hühne\Downloads\adwcleaner.exe
2014-04-30 07:30 - 2014-04-30 07:30 - 00001072 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-30 07:30 - 2014-04-30 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-30 07:30 - 2014-04-30 07:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-30 07:29 - 2014-04-30 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-30 07:25 - 2014-04-30 07:25 - 01101794 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-30 07:25 - 2014-04-30 07:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hühne\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 17:42 - 2014-04-29 17:42 - 00000000 ____D () C:\ProgramData\24206
2014-04-29 08:50 - 2013-10-15 14:41 - 00002133 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 07:13 - 2014-04-29 07:13 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\MusicNet
2014-04-29 07:12 - 2014-04-29 07:12 - 00000000 ____D () C:\Users\hühne\Documents\My Received Files
2014-04-29 07:03 - 2014-04-29 06:48 - 00036772 _____ () C:\Users\hühne\Downloads\Addition.txt
2014-04-29 06:33 - 2014-04-29 06:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181
2014-04-29 06:32 - 2012-12-01 09:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 06:32 - 2011-12-16 14:02 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 06:31 - 2014-04-29 06:29 - 01049600 _____ (Farbar) C:\Users\hühne\Downloads\FRST.exe
2014-04-28 12:25 - 2014-04-25 16:57 - 00000240 _____ () C:\Windows\Tasks\AppSafe.job
2014-04-26 21:27 - 2014-04-26 21:26 - 04892480 _____ (WinZip International LLC ) C:\Users\hühne\Downloads\wzmp_8.exe
2014-04-26 17:14 - 2014-04-26 17:14 - 00000043 _____ () C:\Users\hühne\AppData\Roaming\WB.CFG
2014-04-25 16:42 - 2014-04-25 16:41 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer (1).exe
2014-04-25 16:41 - 2014-04-25 16:40 - 02217480 _____ (SoftCity ) C:\Users\hühne\Downloads\PCSpeedMaximizer.exe
2014-04-25 16:39 - 2014-04-25 16:39 - 00000000 ____D () C:\ProgramData\PriceMeterLiveUpdate
2014-04-25 16:11 - 2014-04-25 16:11 - 00000000 ____D () C:\Windows\system32\Adobe
2014-04-25 16:10 - 2014-04-25 16:08 - 04994480 _____ (Adobe Systems Inc.) C:\Users\hühne\Downloads\Shockwave_Installer_Slim.exe
2014-04-25 15:58 - 2014-04-25 15:56 - 02682880 _____ () C:\Users\hühne\Downloads\AdbeRdrSecUpd11005.msp
2014-04-25 08:31 - 2012-12-30 16:04 - 00000000 ____D () C:\Users\hühne\Desktop\Musik
2014-04-20 12:55 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Spotify
2014-04-20 12:38 - 2012-12-04 18:12 - 00000000 ____D () C:\Users\hühne\AppData\Roaming\Skype
2014-04-18 08:16 - 2013-03-06 09:53 - 00000000 ____D () C:\Users\hühne\AppData\Local\Spotify
2014-04-17 20:33 - 2010-11-20 23:01 - 01619832 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 20:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-16 11:17 - 2014-04-02 14:33 - 00000000 ____D () C:\Users\hühne\AppData\Local\Windows Live
2014-04-15 20:24 - 2011-12-16 13:32 - 00000000 ____D () C:\Program Files\WildTangent Games
2014-04-15 20:22 - 2014-04-15 20:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-14 04:11 - 2014-04-30 07:23 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-04-30 07:23 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-12 19:51 - 2012-11-30 18:40 - 00000000 ____D () C:\Users\hühne\AppData\Local\Adobe
2014-04-12 19:09 - 2014-04-12 19:09 - 00003288 ____N () C:\bootsqm.dat
2014-04-04 13:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-04 12:34 - 2014-03-02 17:21 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-04 12:34 - 2014-03-02 17:20 - 00002129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-04 12:32 - 2014-03-02 17:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-03 21:16 - 2009-07-14 06:33 - 00264128 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-03 09:51 - 2014-04-30 07:29 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-30 07:29 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-30 07:29 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\hühne\AppData\Local\Temp\7.8.20.2-EasyShrx.Dll
C:\Users\hühne\AppData\Local\Temp\AskSLib.dll
C:\Users\hühne\AppData\Local\Temp\avgnt.exe
C:\Users\hühne\AppData\Local\Temp\BackupSetup.exe
C:\Users\hühne\AppData\Local\Temp\install_flashplayer13x32au_mssa_aaa_aih.exe
C:\Users\hühne\AppData\Local\Temp\IrsoDLL.dll
C:\Users\hühne\AppData\Local\Temp\Quarantine.exe
C:\Users\hühne\AppData\Local\Temp\SEVINST.EXE
C:\Users\hühne\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-04 13:17

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Du hast gefragt,ob ich noch Probleme habe.Tja,gerade eben hatte ich wieder das Problem,das ich eine Seite schließen wollte,der Bildschirm milchig wurde und "Chrome-keine Rückmeldung" angezeigt wurde.Auch lässt er sich ab und zu immer noch nicht scrollen.
Woran liegt das?
Hast Du sonst noch Tipps,wie ich dafür sorgen kann,das de PC sauber bleibt und läuft?
Oder ist das immer die gleiche Prozedur,jede Woche?

LG

im FRST steht immer noch mit =======>Attention die blöde Misictoolbar,wieso werde ich die nicht los?

LG

schrauber 04.05.2014 07:45
Adobe und Firefox updaten. Ich empfehle immer Emsisoft.

Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM\...\AppCertDlls: [x64] -> c:\program files\music toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\music toolbar\datamngr\apcrtldr.dll <===== ATTENTION
c:\program files\music toolbar
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
C:\Windows\system32\GfxCUIServiceInstall.vbs
HKU\S-1-5-21-1313469467-449356098-3674421868-1000\...\Run: [AppSafe] => C:\Program Files\AppSafe\AppSafe.exe
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\hühne\AppData\Local\imeshmusicboxtoolbar181\GC\toolbar.crx [2014-01-27]
CHR Extension: (Music Toolbar) - C:\Users\hühne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-29]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Poste bitte nochmal ein frisches FST log, Rest besprechen wir dann wenn wir fertig sind.

tubaca 04.05.2014 15:20
wenn ich auf den FIX Button klicke erscheint"no fixlist found"

und

wie kann ich Adobe und Firefox updaten?Hab nach Emsisoft im Internet gesucht und auch gefunden,aber da sind so viele


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:21 Uhr.
Seite 1 von 4 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20