Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Werbefenster öffnen sich selbstständig in allen Browsern

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.05.2014, 08:36   #1
Chris180294
 
Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Hallo,

sobald ich meinen Explorer (zurzeit Google Chrome) benutze und nur einmal mit der Maus klicke öffnet sich ein neues Fenster mit jeglicher Werbung. Habe ein ähnliches Thread ("Alle Browser voll mit Werbung ") gefunden, wo das selbe Problem beschrieben wurde. Dort war beschrieben, dass ich mal mit Farbar Recovery Scan Tool einen Scan durchführen sollte, dies habe ich schonmal getan.



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Chris (administrator) on CHRIS-HP on 07-05-2014 08:15:46
Running from C:\Users\Chris\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\ProgramData\DatacardService\DCService.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Korg Inc.) C:\Windows\System32\InitJam.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Windows\vsnpstd3.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Windows\tsnpstd3.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
() C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
() C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-06-19] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [JamInit] => C:\windows\system32\InitJam.exe [253008 2009-04-15] (Korg Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [snpstd3] => C:\windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-19] (ArcSoft Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] => C:\Program Files (x86)\Siemens\Automation\Portal V11\\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe [856064 2011-11-22] (Siemens AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [tsnpstd3] => C:\windows\tsnpstd3.exe [262144 2006-07-07] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\MountPoints2: {cdca94ef-f67f-11e0-bec7-e02a82a1a3d8} - D:\AutoRun.exe
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\MountPoints2: {cdca9500-f67f-11e0-bec7-e02a82a1a3d8} - D:\AutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14326
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323828&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF77F99E8-AF03-4553-9896-3D874741D4F1&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323828&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF77F99E8-AF03-4553-9896-3D874741D4F1&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll (HQ-Video)
BHO: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension64.dll ()
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll (HQ-Video)
BHO-x32: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll ()
BHO-x32: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Avira Savings Advisor BHO - {A18A516C-AA41-46A9-92DB-60208917E442} - C:\Program Files (x86)\avira\Internet Explorer\avira32.dll ()
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\u5faacrf.default\extensions\quick_start@gmail.com
FF HKCU\...\Firefox\Extensions: [{00894511-B737-5398-6E7A-13EBFFF11FE9}] - C:\Program Files (x86)\Re-markit\161.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit\161.xpi [2014-04-30]

Chrome: 
=======
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [2014-04-28]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1543816 2011-12-11] (SIEMENS AG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-12-16] (McAfee, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462088 2009-11-25] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-11-18] (Hewlett-Packard Ltd)
R2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-19] (Hewlett-Packard Development Company, L.P)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (McAfee, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 Re-markit; C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe [142848 2014-04-30] ()
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2012-01-30] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [470104 2012-01-30] (SIEMENS AG)
R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [209408 2014-01-08] ()

==================== Drivers (Whitelisted) ====================

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 JAMVOX_01; C:\Windows\System32\DRIVERS\JamWdm.sys [31824 2009-04-15] ()
S1 JAMVOX_AA; C:\Windows\System32\DRIVERS\JamDRV.sys [62544 2009-04-15] ()
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-12-16] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-12-16] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89216 2009-12-22] (Realtek Semiconductor Corp.)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-01-17] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-01-17] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2012-01-17] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [196608 2012-01-17] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-12-16] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-12-16] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-12-16] (McAfee, Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 07:58 - 2014-05-07 08:00 - 00042982 _____ () C:\Users\Chris\Downloads\Addition.txt
2014-05-07 07:57 - 2014-05-07 08:15 - 00029045 _____ () C:\Users\Chris\Downloads\FRST.txt
2014-05-07 07:56 - 2014-05-07 08:15 - 00000000 ____D () C:\FRST
2014-05-07 07:55 - 2014-05-07 07:56 - 02063872 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2014-05-07 07:47 - 2014-05-07 07:47 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-05-07 07:15 - 2014-05-07 07:15 - 00611320 _____ () C:\Users\Chris\Downloads\Player Setup.exe
2014-05-07 07:08 - 2014-05-07 07:08 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-06 12:16 - 2014-05-06 12:38 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeToMP3Converter34430.exe
2014-05-05 12:23 - 2014-05-05 12:35 - 32346240 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeDownload-3.2.33.424.exe
2014-05-05 12:18 - 2014-05-05 12:18 - 00001477 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-05-05 11:48 - 2014-05-05 12:01 - 32121120 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeMP4VideoConverter_v5.0.39.430.exe
2014-05-04 20:22 - 2014-05-04 20:22 - 00499184 _____ () C:\Users\Chris\Downloads\Java.exe
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieUserList
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieSiteList
2014-04-30 14:53 - 2014-05-06 15:40 - 00000386 _____ () C:\windows\Tasks\Re-markit Update.job
2014-04-30 14:52 - 2014-04-30 14:52 - 00002964 _____ () C:\windows\System32\Tasks\Re-markit_wd
2014-04-30 14:51 - 2014-04-30 14:53 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-04-29 06:46 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 06:46 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 06:46 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-29 06:46 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 06:46 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-29 06:46 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-29 06:46 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-29 06:46 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-29 06:46 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-29 06:46 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-29 06:46 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-29 06:46 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-29 06:46 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-29 06:46 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-29 06:46 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-29 06:46 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-29 06:46 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-29 06:46 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-29 06:46 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-29 06:46 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-29 06:46 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-29 06:46 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-29 06:46 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 06:46 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-29 06:46 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-29 06:46 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-29 06:46 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-29 06:46 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-29 06:46 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-29 06:46 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-29 06:46 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-29 06:46 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-29 06:46 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-29 06:46 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-29 06:46 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 06:46 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-29 06:46 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-29 06:46 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-29 06:46 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-29 06:46 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-29 06:46 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-29 06:46 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-29 06:46 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-29 06:46 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-29 06:46 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-29 06:46 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-29 06:46 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-29 06:46 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-28 21:16 - 2014-05-07 07:52 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 21:16 - 2014-05-07 07:15 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 21:16 - 2014-05-02 12:15 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-28 21:16 - 2014-04-29 06:47 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-28 21:16 - 2014-04-29 06:47 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-28 20:55 - 2014-04-28 21:12 - 38317592 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-04-28 19:11 - 2014-04-28 19:11 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-04-28 12:44 - 2014-04-28 19:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-12 22:31 - 2014-04-12 22:31 - 00000000 ____D () C:\Users\Chris\Documents\ArcSoft
2014-04-10 13:49 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 13:49 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 13:49 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 13:49 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 13:49 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-10 11:33 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 11:33 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-10 11:33 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-10 11:33 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-10 11:33 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-10 11:33 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-10 11:33 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-10 11:33 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-10 11:33 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-10 11:33 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-10 11:33 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-10 11:33 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-07 08:15 - 2014-05-07 07:57 - 00029045 _____ () C:\Users\Chris\Downloads\FRST.txt
2014-05-07 08:15 - 2014-05-07 07:56 - 00000000 ____D () C:\FRST
2014-05-07 08:00 - 2014-05-07 07:58 - 00042982 _____ () C:\Users\Chris\Downloads\Addition.txt
2014-05-07 07:58 - 2011-01-08 11:28 - 01415741 _____ () C:\windows\WindowsUpdate.log
2014-05-07 07:56 - 2014-05-07 07:55 - 02063872 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2014-05-07 07:52 - 2014-04-28 21:16 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-07 07:51 - 2009-07-14 06:51 - 00302817 _____ () C:\windows\setupact.log
2014-05-07 07:50 - 2009-07-14 06:45 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-07 07:50 - 2009-07-14 06:45 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-07 07:47 - 2014-05-07 07:47 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-05-07 07:15 - 2014-05-07 07:15 - 00611320 _____ () C:\Users\Chris\Downloads\Player Setup.exe
2014-05-07 07:15 - 2014-04-28 21:16 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-07 07:12 - 2014-02-25 10:25 - 00003140 _____ () C:\windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job
2014-05-07 07:10 - 2010-12-07 14:06 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-05-07 07:10 - 2010-12-07 14:06 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-05-07 07:10 - 2009-07-14 07:13 - 01622236 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-07 07:08 - 2014-05-07 07:08 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-07 07:08 - 2012-11-08 22:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-07 07:08 - 2011-08-05 18:32 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DVDVideoSoft
2014-05-07 07:08 - 2011-01-24 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-07 07:07 - 2014-02-25 10:26 - 00001580 _____ () C:\windows\Tasks\HQ-Video-Profession-1.3-updater.job
2014-05-07 07:07 - 2014-02-25 10:26 - 00001536 _____ () C:\windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job
2014-05-07 07:07 - 2014-02-25 10:26 - 00001434 _____ () C:\windows\Tasks\HQ-Video-Profession-1.3-enabler.job
2014-05-07 07:07 - 2014-02-25 10:25 - 00002662 _____ () C:\windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job
2014-05-06 15:40 - 2014-04-30 14:53 - 00000386 _____ () C:\windows\Tasks\Re-markit Update.job
2014-05-06 15:40 - 2014-02-25 10:16 - 00000376 _____ () C:\windows\Tasks\Re-markit_wd.job
2014-05-06 12:38 - 2014-05-06 12:16 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeToMP3Converter34430.exe
2014-05-06 12:14 - 2011-01-24 20:34 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers
2014-05-05 12:57 - 2011-05-19 18:05 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Skype
2014-05-05 12:35 - 2014-05-05 12:23 - 32346240 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeDownload-3.2.33.424.exe
2014-05-05 12:18 - 2014-05-05 12:18 - 00001477 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-05-05 12:01 - 2014-05-05 11:48 - 32121120 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeMP4VideoConverter_v5.0.39.430.exe
2014-05-05 11:47 - 2011-01-23 19:32 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-05-05 11:46 - 2011-10-30 19:50 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-05 11:24 - 2014-02-25 10:25 - 00000000 ____D () C:\Program Files (x86)\HQ-Video-Profession-1.3
2014-05-04 20:22 - 2014-05-04 20:22 - 00499184 _____ () C:\Users\Chris\Downloads\Java.exe
2014-05-04 20:07 - 2014-03-13 19:55 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForChris
2014-05-04 20:07 - 2014-03-13 19:55 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForChris.job
2014-05-02 17:49 - 2010-12-07 14:05 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-05-02 17:48 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-02 12:15 - 2014-04-28 21:16 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 15:06 - 2011-01-26 20:37 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieUserList
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieSiteList
2014-04-30 14:53 - 2014-04-30 14:51 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-04-30 14:53 - 2014-02-25 10:16 - 00003034 _____ () C:\windows\System32\Tasks\Re-markit Update
2014-04-30 14:52 - 2014-04-30 14:52 - 00002964 _____ () C:\windows\System32\Tasks\Re-markit_wd
2014-04-30 14:51 - 2014-02-25 10:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-29 07:59 - 2011-01-22 01:27 - 00443788 _____ () C:\windows\PFRO.log
2014-04-29 07:58 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-29 06:47 - 2014-04-28 21:16 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-29 06:47 - 2014-04-28 21:16 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-28 21:12 - 2014-04-28 20:55 - 38317592 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-04-28 20:23 - 2013-03-06 19:03 - 01232896 ___SH () C:\Users\Chris\Desktop\Thumbs.db
2014-04-28 20:07 - 2013-11-27 16:22 - 00017390 _____ () C:\windows\IE11_main.log
2014-04-28 19:11 - 2014-04-28 19:11 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-04-28 19:11 - 2014-04-28 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-28 19:11 - 2011-01-21 18:20 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla
2014-04-12 22:31 - 2014-04-12 22:31 - 00000000 ____D () C:\Users\Chris\Documents\ArcSoft
2014-04-11 08:22 - 2011-02-02 17:24 - 00000000 ____D () C:\ProgramData\Microsoft Help

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.8992.dll


Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\0a50e25a83046228c11dcaa7eeed09bb.exe
C:\Users\Chris\AppData\Local\Temp\2dcd1d63cb45e6613582211c3d5f4b23.exe
C:\Users\Chris\AppData\Local\Temp\7z.dll
C:\Users\Chris\AppData\Local\Temp\7z.exe
C:\Users\Chris\AppData\Local\Temp\adks_awesomehp.exe
C:\Users\Chris\AppData\Local\Temp\AtpTimerInfo.dll
C:\Users\Chris\AppData\Local\Temp\avgnt.exe
C:\Users\Chris\AppData\Local\Temp\BackupSetup.exe
C:\Users\Chris\AppData\Local\Temp\cvppgr8x.dll
C:\Users\Chris\AppData\Local\Temp\CWPCUNLR.dll
C:\Users\Chris\AppData\Local\Temp\dlLogic.exe
C:\Users\Chris\AppData\Local\Temp\dltr.exe
C:\Users\Chris\AppData\Local\Temp\dtkill.exe
C:\Users\Chris\AppData\Local\Temp\EnhanceTronicSetup_20131220.exe
C:\Users\Chris\AppData\Local\Temp\Executor.exe
C:\Users\Chris\AppData\Local\Temp\Extract.exe
C:\Users\Chris\AppData\Local\Temp\GCVerifier.dll
C:\Users\Chris\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Chris\AppData\Local\Temp\HPQSi.exe
C:\Users\Chris\AppData\Local\Temp\installhelper.dll
C:\Users\Chris\AppData\Local\Temp\Install_Nokia_Ovi_Suite.exe
C:\Users\Chris\AppData\Local\Temp\j5ftrtpz.oft.exe
C:\Users\Chris\AppData\Local\Temp\killtask.exe
C:\Users\Chris\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Chris\AppData\Local\Temp\neoNCSetup64.exe
C:\Users\Chris\AppData\Local\Temp\NEventMessages.dll
C:\Users\Chris\AppData\Local\Temp\nsb947A.exe
C:\Users\Chris\AppData\Local\Temp\nsg58DE.exe
C:\Users\Chris\AppData\Local\Temp\nsl5B6E.exe
C:\Users\Chris\AppData\Local\Temp\nsl91AB.exe
C:\Users\Chris\AppData\Local\Temp\nssB819.tmp.exe
C:\Users\Chris\AppData\Local\Temp\nsuCA16.exe
C:\Users\Chris\AppData\Local\Temp\Resource.exe
C:\Users\Chris\AppData\Local\Temp\SetupAdmin.exe
C:\Users\Chris\AppData\Local\Temp\SetupDataMngr_jZip.exe
C:\Users\Chris\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Chris\AppData\Local\Temp\SP49020.exe
C:\Users\Chris\AppData\Local\Temp\SP50370.exe
C:\Users\Chris\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Chris\AppData\Local\Temp\SP50877.exe
C:\Users\Chris\AppData\Local\Temp\SP51626.exe
C:\Users\Chris\AppData\Local\Temp\sp52110.exe.exe
C:\Users\Chris\AppData\Local\Temp\sp54373.exe
C:\Users\Chris\AppData\Local\Temp\sp54620.exe
C:\Users\Chris\AppData\Local\Temp\SP57752.exe
C:\Users\Chris\AppData\Local\Temp\sp58915.exe
C:\Users\Chris\AppData\Local\Temp\SPSetup.exe
C:\Users\Chris\AppData\Local\Temp\spstub.exe
C:\Users\Chris\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Chris\AppData\Local\Temp\ubkojco2.dll
C:\Users\Chris\AppData\Local\Temp\uninstall.exe
C:\Users\Chris\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Chris\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Chris\AppData\Local\Temp\verifier.exe
C:\Users\Chris\AppData\Local\Temp\_ReMarkit_up.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 12:14

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by Chris at 2014-05-07 08:16:06
Running from C:\Users\Chris\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 1.0.23.26 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.43.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{E534C3AC-6D49-4EAC-8993-C1F0FF545B67}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0805.358.5180 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0805.358.5180 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0805.358.5180 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help English (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help French (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help German (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0805.0357.5180 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0805.358.5180 - ATI) Hidden
ccc-utility64 (Version: 2010.0805.358.5180 - ATI) Hidden
Compatibility Check Tool TIA -  TIACOMPCHECK Single SetupPackage  V11.0 + SP1 (x32 Version: 11.00.0100 - Siemens AG) Hidden
Corel Home Office - CS Templates (x32 Version: 5.8 - 公司名称) Hidden
Corel Home Office - CT Templates (x32 Version: 5.8 - 您的公司名稱) Hidden
Corel Home Office - IPM (x32 Version: 5.8 - Corel Corporation) Hidden
Corel Home Office - JP Templates (x32 Version: 5.8 - 会社名) Hidden
Corel Home Office - KR Templates (x32 Version: 5.8 - 회사명) Hidden
Corel Home Office - Launcher (x32 Version: 5.8 - Corel Corporation) Hidden
Corel Home Office - Templates RU (x32 Version: 5.8 - Название организации) Hidden
Corel Home Office - Templates1 (x32 Version: 5.8 - Your Company Name) Hidden
Corel Home Office (HKLM-x32\...\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.0.90.675 - Corel Corporation)
Corel Home Office (x32 Version: 5.8 - Corel Corporation) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.5 - Hewlett-Packard)
doubleTwist (HKLM-x32\...\doubleTwist) (Version: 3.1.0.9758 - doubleTwist Corporation)
Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.4.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.4.0 - Hewlett-Packard) Hidden
Druckerdeinstallation für EPSON BX310FN Series (HKLM\...\EPSON BX310FN Series) (Version:  - SEIKO EPSON Corporation)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Face Recognition for HP ProtectTools (HKLM\...\{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}) (Version: 2.02.4007 - Hewlett-Packard)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.2 - Hewlett-Packard)
Free MP4 Video Converter version 5.0.39.430 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.39.430 - DVDVideoSoft Ltd.)
Free YouTube Download 3 version 3.0.11.727 (HKLM-x32\...\Free YouTube Download 3_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube Download version 3.2.33.424 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.33.424 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{67C090D6-109A-47D7-8DED-4160C4D96F32}) (Version: 4.0.4.1 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{D21160A2-8B5F-409C-99C8-03582F5324B7}) (Version: 1.7.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{F5F16745-6FCB-4134-83F9-2688ACFF5DC9}) (Version: 1.1.8.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{014C6C60-4916-48F7-916E-E8048E12E9F1}) (Version: 4.0.3.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{32C278B2-BC1F-4018-8FB4-2012A40D9FC1}) (Version: 1.0.9.0 - Hewlett-Packard Company)
HP Power Data (HKLM\...\{F2177395-FD90-44B0-AFB8-2E0566855E5C}) (Version: 1.0.31.182 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.03.637 - Hewlett-Packard)
HP ProtectTools Security Manager (Version: 5.03.637 - Hewlett-Packard) Hidden
HP QuickLook (HKLM\...\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}) (Version: 3.3.1.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F487D}) (Version: 1.0.1.63 - DeviceVM, Inc.)
HP Setup (HKLM-x32\...\{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}) (Version: 8.5.4371.3505 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.9 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0024 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Juniper Networks Network Connect 7.0.0 (HKLM-x32\...\Juniper Network Connect 7.0.0) (Version: 7.0.0.18107 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.2.5.9755 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
jZip (HKLM-x32\...\jZip) (Version:  - Bandoo Media Inc.) <==== ATTENTION
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
LOGO!Soft Comfort V6.1 (HKLM-x32\...\LOGO!Soft Comfort V6.1) (Version: 6.1.0.0 - Siemens AG)
LOGO!Soft Comfort V7.0 (Demo) (HKLM-x32\...\LOGO!Soft Comfort V7.0 (Demo)) (Version: 7.0.0.0 - Siemens AG)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCM GPRS 64 (Version: 01.01.0000 - Siemens AG) Hidden
Network Print Monitor for Windows 2000/XP/2003 (HKLM-x32\...\Network Print Monitor) (Version:  - )
OFT2 Grafcet Version 2.0.9.2 (HKLM-x32\...\Omegon Fluid Technology Grafcet_is1) (Version:  - Omegon Teachware)
PC Connectivity Solution (HKLM-x32\...\{499B65FF-C8A9-478C-BD83-3E25714D72C9}) (Version: 9.38.0.0 - Nokia)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.796 - Hewlett-Packard)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\0CBE6C26-3AF7-4A9D-98E5-B8354D25C83E) (Version:  - Re-markit-software) <==== ATTENTION
SEE Electrical Building School V2 (HKLM-x32\...\{57689281-9E59-44AC-95FD-86D2897A36FF}) (Version: 2.20.3340 - IGE+XAO)
SEE Electrical Schulversion V4R1 (HKLM-x32\...\SEE Electrical Schulversion V4R1) (Version:  - )
SEE Electrical Schulversion V5R1 (HKLM-x32\...\SEE Electrical Schulversion V5R1) (Version:  - )
Siemens  Totally Integrated Automation Portal V11 (HKLM-x32\...\Siemens Installer Assistant - TIAP11) (Version: V11 - Siemens AG)
Siemens Automation License Manager (Version: 05.01.0103 - Siemens AG) Hidden
Siemens Automation License Manager V5.1 + SP1 + Upd3   (HKLM\...\{4EA2F07F-BD6B-4765-B7C1-53674EED70F6}LicenseManager) (Version: 05.01.0103 - Siemens AG)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - )
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista (HKLM-x32\...\{6D57B359-CCBA-4D1C-9FEB-966A2C392DD2}) (Version: 4.40 - Silicon Laboratories, Inc.)
SIMATIC Device Drivers (Version: 01.00.0300 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.00.0300 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0100 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0100 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0100 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 09.00.0300 - Siemens AG) Hidden
SIMATIC Prosave V9.0 incl. SP3   (HKLM-x32\...\{AE533A06-4655-41E8-88BB-48293AAF1FA0}Prosave) (Version: 09.00.0300 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2   (HKLM-x32\...\{1CBF27F6-24A4-488D-940A-678F1C691C49}PLCSim) (Version: 5.4.0502 - Siemens AG)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard)
Theft Recovery (x32 Version: 5.1.0.18 - Hewlett-Packard) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 0  V11.0 (x32 Version: 11.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 02  V11.0 (x32 Version: 11.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 03  V11.0 (x32 Version: 11.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01  V11.0 (x32 Version: 11.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HWConfig Single SetupPackage  V11.0 SP2 UPD2 (x32 Version: 11.00.0200 - Siemens AG) Hidden
TIA Portal Single SetupPackage - STEP 7 Single SetupPackage  V11.0 SP2 UPD2 (x32 Version: 11.00.0200 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-01  V11.0 (x32 Version: 11.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-02  V11.0 (x32 Version: 11.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIA ESTOUR  V11.0 + SP2 (x32 Version: 11.00.0200 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WinCC Single SetupPackage  V11.0 SP2 UPD2 (x32 Version: 11.00.0200 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WINCCBASUCL  V11.0 + SP11 (x32 Version: 11.00.1100 - Siemens AG) Hidden
Totally Integrated Automation Portal V11 -  TIA Portal Single SetupPackage  V11.0 + SP2 (x32 Version: 11.00.0200 - Siemens AG) Hidden
TotalMedia Suite update (x32 Version: 1.0.0.1 - ArcSoft) Hidden
TrekStor Mobile (HKLM-x32\...\TrekStor Mobile) (Version: 16.001.06.01.789 - Huawei Technologies Co.,Ltd)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB PC Camera Plus (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.17.0.000 - Sonix)
Validity Fingerprint Driver (HKLM\...\{516DA517-73A0-40F8-8CD9-E5ED4EC383E5}) (Version: 4.0.10.0 - Validity Sensors, Inc.)
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Southstarco) <==== ATTENTION
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
WinCC Runtime Advanced Simulator (x32 Version: 11.00.0100 - Siemens AG) Hidden
Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

==================== Restore Points  =========================

06-03-2014 18:02:41 Windows Update
13-03-2014 21:09:53 HPSF Applying updates
13-03-2014 21:10:16 HPSF Applying updates
15-03-2014 09:03:04 Windows Update
24-03-2014 15:35:20 Geplanter Prüfpunkt
06-04-2014 08:06:16 Geplanter Prüfpunkt
07-04-2014 20:32:37 HPSF Applying updates
07-04-2014 20:32:41 HPSF Applying updates
11-04-2014 06:17:43 Windows Update
22-04-2014 09:56:20 HPSF Applying updates
22-04-2014 09:56:21 HPSF Applying updates
29-04-2014 04:44:26 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2011-10-11 20:58 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {047B40A5-A0C5-4FF6-BB98-AF129ED6D2B2} - System32\Tasks\HQ-Video-Profession-1.3-chromeinstaller => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe [2014-02-25] (HQ-Video) <==== ATTENTION
Task: {41E6B786-D8ED-4C7D-AA5E-F771A14F34E1} - System32\Tasks\HQ-Video-Profession-1.3-enabler => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: {4871D7ED-E699-4BA8-B134-ED5B6F21F909} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: {4ED7FD75-1B5B-498B-95FA-52955668D34C} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe [2014-04-30] () <==== ATTENTION
Task: {68BF7296-1DDC-4935-B35D-1172328CF57B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {721EB5BD-E2E0-4E3A-80A2-B609CBC7CA72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: {857EBC26-8836-4CAE-A272-C89EB8838CE6} - System32\Tasks\{B601E01F-1259-447D-8EC8-95D0CA090B8D} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.120/en/abandoninstall?page=tsChrome&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {A2CDE9D4-7CA2-4DE2-ADA3-B6F555F8852B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A6B2CF5B-F239-4407-B50C-D4831B8E9953} - System32\Tasks\HPCeeScheduleForChris => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {B91F4F61-ECA3-471B-8317-580E0390720C} - System32\Tasks\HQ-Video-Profession-1.3-firefoxinstaller => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe [2014-02-25] (HQ-Video) <==== ATTENTION
Task: {BBC3D1A7-E66C-4610-8E85-8455DA034FBC} - System32\Tasks\HQ-Video-Profession-1.3-codedownloader => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe [2014-02-25] (HQ-Video) <==== ATTENTION
Task: {CABAE5E4-EDFF-453F-A55D-FA258589502C} - System32\Tasks\HQ-Video-Profession-1.3-updater => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe [2014-02-25] (HQ-Video) <==== ATTENTION
Task: {D4855862-ADF2-438D-B682-222DD7CF2189} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {EB881AE1-726C-425E-9623-8BEA3B3D6C93} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\Re-markitfQL.exe [2014-04-30] () <==== ATTENTION
Task: {ECE80DA2-7C77-401A-A0A0-929B815BA8D2} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {F6D24017-9868-457D-9BF3-5A1457DF1B3D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForChris.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\Re-markitfQL.exe <==== ATTENTION
Task: C:\windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2010-02-11 23:50 - 2010-02-11 23:50 - 00746256 _____ () C:\windows\system32\SUPSDK.dll
2009-11-23 19:24 - 2009-11-23 19:24 - 01412608 ____R () C:\windows\system32\LIBEAY32.dll
2009-10-29 03:57 - 2009-10-29 03:57 - 00100864 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-03-10 01:43 - 2011-03-10 01:43 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2010-08-19 10:52 - 2010-08-19 10:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2011-12-14 12:18 - 2011-12-14 12:18 - 00824320 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2014-02-15 12:08 - 2014-01-08 16:24 - 00209408 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2010-06-19 02:25 - 2010-06-19 02:25 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2010-06-19 02:25 - 2010-06-19 02:25 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2010-06-19 02:25 - 2010-06-19 02:25 - 00055864 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2006-09-19 10:07 - 2006-09-19 10:07 - 00827392 _____ () C:\Windows\vsnpstd3.exe
2014-02-22 15:41 - 2006-07-07 16:04 - 00262144 _____ () C:\Windows\tsnpstd3.exe
2010-06-22 03:54 - 2010-06-22 03:54 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-05 13:57 - 2010-08-05 13:57 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 21:12 - 2010-04-05 21:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-04-05 21:11 - 2010-04-05 21:11 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-04-05 21:12 - 2010-04-05 21:12 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-04-30 14:51 - 2014-04-30 14:51 - 00077312 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe
2014-04-30 14:51 - 2014-04-30 14:51 - 00142848 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe
2014-02-25 18:02 - 2014-02-14 12:00 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-06-17 21:40 - 2009-06-17 21:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 21:40 - 2009-06-17 21:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 21:40 - 2009-06-17 21:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-02-15 14:27 - 2014-02-15 14:27 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-12-07 14:00 - 2010-03-04 06:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-12-14 12:18 - 2011-12-14 12:18 - 00749568 _____ () C:\windows\SysWOW64\sn_regbase.dll
2014-04-30 14:51 - 2014-04-30 14:51 - 00133120 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQL161.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-05-02 12:15 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-02 12:15 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-05-02 12:15 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-05-02 12:15 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-02 12:15 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-02 12:15 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-05-02 12:15 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2014 07:06:58 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 53575689

Error: (05/07/2014 07:06:58 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 53575689

Error: (05/07/2014 07:06:58 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2014 04:14:08 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6131

Error: (05/06/2014 04:14:08 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6131

Error: (05/06/2014 04:14:08 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2014 04:14:07 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 5117

Error: (05/06/2014 04:14:07 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 5117

Error: (05/06/2014 04:14:07 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2014 04:14:06 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 4088


System errors:
=============
Error: (05/02/2014 06:49:44 PM) (Source: WMPNetworkSvc) (User: ) (EventID: 14365)
Description: 0x80004004-1

Error: (05/02/2014 05:49:04 PM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
JAMVOX_AA

Error: (05/02/2014 05:47:55 PM) (Source: EventLog) (User: ) (EventID: 6008)
Description: Das System wurde zuvor am ‎02.‎05.‎2014 um 12:19:33 unerwartet heruntergefahren.

Error: (04/30/2014 02:55:23 PM) (Source: Service Control Manager) (User: ) (EventID: 7022)
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde nicht richtig gestartet.

Error: (04/30/2014 02:51:16 PM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
JAMVOX_AA

Error: (04/29/2014 11:43:37 AM) (Source: NetBT) (User: ) (EventID: 4311)
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "6431500765E0", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (04/29/2014 11:43:37 AM) (Source: NetBT) (User: ) (EventID: 4311)
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "6431500765E0", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (04/29/2014 08:00:48 AM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
JAMVOX_AA

Error: (04/29/2014 07:58:21 AM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (04/28/2014 07:23:07 PM) (Source: bowser) (User: ) (EventID: 8003)
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BENNO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{BC1A1A27-F9ED-4D6C-985A-7FACB0397CAC}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (03/11/2013 08:38:29 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 60 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/11/2013 08:38:11 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 42 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 65%
Total physical RAM: 3951.43 MB
Available physical RAM: 1371.19 MB
Total Pagefile: 7901.04 MB
Available Pagefile: 3754.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:198.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.48 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: EC9CDE1C)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End Of Log ============================
         



Hoffe mir kann da jemand genauso weiterhelfen!
Vielen dank schonmal
Gruß Chris

Alt 07.05.2014, 08:39   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



hi,

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 07.05.2014, 11:47   #3
Chris180294
 
Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Okay,
habe den Revo Uninstaller heruntergeladen.
Bin auf dem ganzen Gebiet nicht so wirklich der Profi,

Zitat:
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION
Was meinst du damit? Bzw Wie finde ich das?

Danke schonmal!

Habe es doch verstanden.
Habe allerdings ein Programm nicht deinstalliert bekommen, dies finde ich in der Liste auch gar nicht?!

Code:
ATTFilter
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Southstarco) <==== ATTENTION
         
Lasse ich dass dann aus ?

Danke
__________________

Alt 08.05.2014, 08:40   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Versuch es normal über Windows zu deinstallieren. Geht es dort auch nicht, ignorieren und weiter mit der Anleitung
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.05.2014, 06:10   #5
Chris180294
 
Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



So Combofix ist nun drübergelaufen! Hier einmal die txt.

Code:
ATTFilter
ComboFix 14-05-07.03 - Chris 08.05.2014  13:02:58.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3951.1870 [GMT 2:00]
ausgeführt von:: c:\users\Chris\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\INSTALL.LOG
c:\programdata\52167B2056.sys
C:\Thumbs.db
c:\users\Chris\AppData\Local\lollipop
c:\users\Public\AlexaNSISPlugin.8992.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-08 bis 2014-05-08  ))))))))))))))))))))))))))))))
.
.
2014-05-08 11:18 . 2014-05-08 11:18	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-05-08 11:18 . 2014-05-08 11:18	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-08 10:21 . 2014-04-29 14:01	23547904	----a-w-	c:\windows\system32\mshtml.dll
2014-05-08 10:21 . 2014-04-29 13:40	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-08 10:21 . 2014-04-29 12:34	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-08 10:21 . 2014-05-08 10:21	--------	d-s---w-	c:\windows\system32\CompatTel
2014-05-07 12:17 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{C1570925-CB20-4F74-8854-52CFBF9DA42E}\mpengine.dll
2014-05-07 06:47 . 2014-05-07 06:47	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-05-07 05:56 . 2014-05-07 06:17	--------	d-----w-	C:\FRST
2014-05-06 08:52 . 2014-04-14 02:24	465408	----a-w-	c:\windows\system32\aepdu.dll
2014-05-06 08:52 . 2014-04-14 02:19	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-04-30 12:55 . 2014-04-30 12:55	--------	d-sh--w-	c:\users\Chris\AppData\Local\EmieUserList
2014-04-30 12:55 . 2014-04-30 12:55	--------	d-sh--w-	c:\users\Chris\AppData\Local\EmieSiteList
2014-04-28 19:16 . 2014-04-28 19:16	--------	d-----w-	c:\program files (x86)\Google
2014-04-28 19:16 . 2014-04-28 19:16	--------	d-----w-	c:\users\Chris\AppData\Local\Google
2014-04-10 11:49 . 2014-02-04 02:35	190912	----a-w-	c:\windows\system32\drivers\storport.sys
2014-04-10 11:49 . 2014-02-04 02:35	274880	----a-w-	c:\windows\system32\drivers\msiscsi.sys
2014-04-10 11:49 . 2014-02-04 02:35	27584	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2014-04-10 11:49 . 2014-02-04 02:28	2048	----a-w-	c:\windows\system32\iologmsg.dll
2014-04-10 11:49 . 2014-02-04 02:00	2048	----a-w-	c:\windows\SysWow64\iologmsg.dll
2014-04-10 09:33 . 2014-03-04 09:44	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-04-10 09:33 . 2014-03-04 09:44	243712	----a-w-	c:\windows\system32\wow64.dll
2014-04-10 09:33 . 2014-03-04 09:44	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-04-10 09:33 . 2014-03-04 09:44	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-04-10 09:33 . 2014-03-04 09:44	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-04-10 09:33 . 2014-03-04 09:17	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-04-10 09:33 . 2014-03-04 09:16	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-04-10 09:33 . 2014-03-04 09:16	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-04-10 09:33 . 2014-03-04 08:09	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-04-10 09:33 . 2014-03-04 08:09	2048	----a-w-	c:\windows\SysWow64\user.exe
2014-04-10 09:33 . 2014-01-24 02:37	1684928	----a-w-	c:\windows\system32\drivers\ntfs.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-31 07:35 . 2011-03-24 17:06	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-04 09:17 . 2014-04-10 09:33	44032	----a-w-	c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-12 11265536]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-19 518656]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"SiemensAutomationFileStorage"="c:\program files (x86)\Siemens\Automation\Portal V11\\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe" [2011-11-21 856064]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-07-22 162856]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-07-07 262144]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-06 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 22:39	75320	----a-w-	c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	DPPassFilter scecli
.
R1 JAMVOX_AA;Service for JamVOX Controller driver;c:\windows\system32\DRIVERS\JamDRV.sys;c:\windows\SYSNATIVE\DRIVERS\JamDRV.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JAMVOX_01;Service for JamVOX Audio driver;c:\windows\system32\DRIVERS\JamWdm.sys;c:\windows\SYSNATIVE\DRIVERS\JamWdm.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 RsvLock;RsvLock; [x]
S2 almservice;Automation License Manager Service;c:\program files\Common Files\Siemens\sws\almsrv\almsrv64x.exe;c:\program files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys;c:\windows\SYSNATIVE\drivers\iPodDrv.sys [x]
S2 s7oiehsx64;SIMATIC IEPG Help Service;c:\program files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe;c:\program files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [x]
S2 s7ousbu64x;SIMATIC USB Service;c:\windows\system32\DRIVERS\s7ousbu64x.sys;c:\windows\SYSNATIVE\DRIVERS\s7ousbu64x.sys [x]
S2 s7sn2srtx;PROFINET IO RT-Protocol V2.0;c:\windows\system32\DRIVERS\s7sn2srtx.sys;c:\windows\SYSNATIVE\DRIVERS\s7sn2srtx.sys [x]
S2 S7TraceServiceX;S7TraceServiceX;c:\program files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe;c:\program files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
S3 dpmconv;SIMATIC NET DP Driver;c:\windows\system32\DRIVERS\dpmconv.sys;c:\windows\SYSNATIVE\DRIVERS\dpmconv.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 s7odpx2x64;SIMATIC Knotentaufe;c:\windows\system32\DRIVERS\s7odpx2x64.sys;c:\windows\SYSNATIVE\DRIVERS\s7odpx2x64.sys [x]
S3 s7oppinx64;SIMATIC PPI Transport;c:\windows\system32\DRIVERS\s7oppinx64.sys;c:\windows\SYSNATIVE\DRIVERS\s7oppinx64.sys [x]
S3 s7oserix64;Siemens PC Serial Cable;c:\windows\system32\Drivers\s7oserix64.sys;c:\windows\SYSNATIVE\Drivers\s7oserix64.sys [x]
S3 s7osmcax64;SIMATIC PC Adapter RS232;c:\windows\system32\DRIVERS\s7osmcax64.sys;c:\windows\SYSNATIVE\DRIVERS\s7osmcax64.sys [x]
S3 s7osobux64;SIMATIC SoftBus;c:\windows\system32\DRIVERS\s7osobux64.sys;c:\windows\SYSNATIVE\DRIVERS\s7osobux64.sys [x]
S3 s7otmcd64x;SIMATIC Memory Cards;c:\windows\system32\Drivers\s7otmcd64x.sys;c:\windows\SYSNATIVE\Drivers\s7otmcd64x.sys [x]
S3 s7otranx64;SIMATIC Transport;c:\windows\system32\DRIVERS\s7otranx64.sys;c:\windows\SYSNATIVE\DRIVERS\s7otranx64.sys [x]
S3 s7otsadx64;SIMATIC TS Adapter RS232;c:\windows\system32\DRIVERS\s7otsadx64.sys;c:\windows\SYSNATIVE\DRIVERS\s7otsadx64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 vsnl2ada;SIMATIC NET FDL Driver;c:\windows\system32\DRIVERS\vsnl2ada.sys;c:\windows\SYSNATIVE\DRIVERS\vsnl2ada.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 20:11	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-30 13:19	1078088	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28 19:16]
.
2014-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-28 19:16]
.
2014-05-04 c:\windows\Tasks\HPCeeScheduleForChris.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-19 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"JamInit"="InitJam.exe" [2009-04-15 253008]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
mDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
mStart Page = hxxp://www.awesomehp.com/?type=hp&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
BHO-{11111111-1111-1111-1111-110511151178} - c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SysTrayApp - c:\program files\IDT\WDM\sttray64.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Juniper Networks\Common Files\dsNcService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\SysWOW64\pniopcac.exe
c:\windows\SysWOW64\pniopcac.exe
c:\windows\SysWOW64\pniopcac.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-08  13:38:05 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-08 11:37
.
Vor Suchlauf: 14 Verzeichnis(se), 215.519.752.192 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 216.732.708.864 Bytes frei
.
- - End Of File - - E8987641E4A6920A989EF83857430B8D
         


Alt 09.05.2014, 17:18   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Werbefenster öffnen sich selbstständig in allen Browsern

Alt 12.05.2014, 19:53   #7
Chris180294
 
Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Malwarebytes Anti-Malware :
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 12.05.2014 15:22:00, SYSTEM, CHRIS-HP, Protection, Malware Protection, Starting, 
Protection, 12.05.2014 15:22:00, SYSTEM, CHRIS-HP, Protection, Malware Protection, Started, 
Protection, 12.05.2014 15:22:00, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Starting, 
Update, 12.05.2014 15:22:12, SYSTEM, CHRIS-HP, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, 
Protection, 12.05.2014 15:22:40, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Started, 
Update, 12.05.2014 15:25:05, SYSTEM, CHRIS-HP, Manual, Malware Database, 2014.3.4.9, 2014.5.12.2, 
Protection, 12.05.2014 15:25:07, SYSTEM, CHRIS-HP, Protection, Refresh, Starting, 
Protection, 12.05.2014 15:25:07, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Stopping, 
Protection, 12.05.2014 15:25:07, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Stopped, 
Protection, 12.05.2014 15:25:10, SYSTEM, CHRIS-HP, Protection, Refresh, Success, 
Protection, 12.05.2014 15:25:10, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Starting, 
Protection, 12.05.2014 15:25:10, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Started, 
Protection, 12.05.2014 15:44:26, SYSTEM, CHRIS-HP, Protection, Malware Protection, Starting, 
Protection, 12.05.2014 15:44:26, SYSTEM, CHRIS-HP, Protection, Malware Protection, Started, 
Protection, 12.05.2014 15:44:26, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Starting, 
Protection, 12.05.2014 15:46:28, SYSTEM, CHRIS-HP, Protection, Malicious Website Protection, Started, 

(end)
         

AdwCleaner:
Code:
ATTFilter
# AdwCleaner v3.208 - Bericht erstellt am 12/05/2014 um 19:16:33
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Chris - CHRIS-HP
# Gestartet von : C:\Users\Chris\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Chris\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Chris\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Chris\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Chris\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Chris\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\Searchqutoolbar

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3323828&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF77F99E8-AF03-4553-9896-3D874741D4F1&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Gelöscht [Search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1393075610&from=adks&uid=HitachiXHTS725050A9A364_101216PCK404GLG5MS5JX&q={searchTerms}

*************************

AdwCleaner[R0].txt - [7565 octets] - [12/05/2014 15:54:14]
AdwCleaner[S0].txt - [6282 octets] - [12/05/2014 19:16:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6342 octets] ##########
         
Junkware Removal Tool :
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Chris on 12.05.2014 at 19:21:28,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.05.2014 at 19:29:09,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Chris (administrator) on CHRIS-HP on 12-05-2014 19:52:05
Running from C:\Users\Chris\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Korg Inc.) C:\Windows\System32\InitJam.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Windows\vsnpstd3.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Windows\tsnpstd3.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-06-19] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [JamInit] => C:\windows\system32\InitJam.exe [253008 2009-04-15] (Korg Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [snpstd3] => C:\windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-19] (ArcSoft Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] => C:\Program Files (x86)\Siemens\Automation\Portal V11\\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe [856064 2011-11-22] (Siemens AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [tsnpstd3] => C:\windows\tsnpstd3.exe [262144 2006-07-07] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1543816 2011-12-11] (SIEMENS AG)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-12-16] (McAfee, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462088 2009-11-25] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-11-18] (Hewlett-Packard Ltd)
R2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-19] (Hewlett-Packard Development Company, L.P)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (McAfee, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2012-01-30] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [470104 2012-01-30] (SIEMENS AG)
R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 JAMVOX_01; C:\Windows\System32\DRIVERS\JamWdm.sys [31824 2009-04-15] ()
S1 JAMVOX_AA; C:\Windows\System32\DRIVERS\JamDRV.sys [62544 2009-04-15] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-12-16] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-12-16] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89216 2009-12-22] (Realtek Semiconductor Corp.)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-01-17] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-01-17] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2012-01-17] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [196608 2012-01-17] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-12-16] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-12-16] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-12-16] (McAfee, Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 19:51 - 2014-05-12 19:51 - 00000000 ____D () C:\Users\Chris\Downloads\FRST-OlderVersion
2014-05-12 19:29 - 2014-05-12 19:29 - 00000695 _____ () C:\Users\Chris\Desktop\JRT.txt
2014-05-12 19:21 - 2014-05-12 19:21 - 00000000 ____D () C:\windows\ERUNT
2014-05-12 19:20 - 2014-05-12 19:21 - 01016261 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe
2014-05-12 19:19 - 2014-05-12 19:19 - 00006434 _____ () C:\Users\Chris\Desktop\AdwCleaner[S0].txt
2014-05-12 15:54 - 2014-05-12 19:16 - 00000000 ____D () C:\AdwCleaner
2014-05-12 15:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-12 15:52 - 2014-05-12 15:53 - 01325827 _____ () C:\Users\Chris\Desktop\adwcleaner.exe
2014-05-12 15:49 - 2014-05-12 15:49 - 00001642 _____ () C:\Users\Chris\Desktop\mbam.txt
2014-05-12 15:21 - 2014-05-12 19:20 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-12 15:21 - 2014-05-12 15:21 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-12 15:21 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-12 15:21 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-12 15:21 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-12 15:10 - 2014-05-12 15:16 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Chris\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-12 15:04 - 2014-05-12 15:04 - 00003284 _____ () C:\windows\System32\Tasks\{2D6FB43B-3571-411F-AF75-EDDBCB35F900}
2014-05-08 13:38 - 2014-05-08 13:38 - 00026049 _____ () C:\ComboFix.txt
2014-05-08 13:00 - 2014-05-08 13:38 - 00000000 ____D () C:\Qoobox
2014-05-08 13:00 - 2014-05-08 13:34 - 00000000 ____D () C:\windows\erdnt
2014-05-08 13:00 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-05-08 13:00 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-05-08 13:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-05-08 12:58 - 2014-05-08 13:00 - 05200039 ____R (Swearware) C:\Users\Chris\Desktop\ComboFix.exe
2014-05-08 12:21 - 2014-05-08 12:21 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-08 12:21 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-08 12:21 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-08 12:21 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-08 12:21 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-07 08:47 - 2014-05-07 08:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95 (1).exe
2014-05-07 08:47 - 2014-05-07 08:47 - 00001264 _____ () C:\Users\Chris\Desktop\Revo Uninstaller.lnk
2014-05-07 08:47 - 2014-05-07 08:47 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 08:46 - 2014-05-07 08:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95.exe
2014-05-07 07:58 - 2014-05-07 08:17 - 00042984 _____ () C:\Users\Chris\Downloads\Addition.txt
2014-05-07 07:57 - 2014-05-12 19:52 - 00021403 _____ () C:\Users\Chris\Downloads\FRST.txt
2014-05-07 07:56 - 2014-05-12 19:52 - 00000000 ____D () C:\FRST
2014-05-07 07:55 - 2014-05-12 19:51 - 02066944 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2014-05-07 07:47 - 2014-05-07 07:47 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-05-07 07:08 - 2014-05-07 07:08 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-06 12:16 - 2014-05-06 12:38 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeToMP3Converter34430.exe
2014-05-06 10:52 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-06 10:52 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-05 12:23 - 2014-05-05 12:35 - 32346240 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeDownload-3.2.33.424.exe
2014-05-05 12:18 - 2014-05-05 12:18 - 00001477 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-05-05 11:48 - 2014-05-05 12:01 - 32121120 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeMP4VideoConverter_v5.0.39.430.exe
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieUserList
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieSiteList
2014-04-29 06:46 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-29 06:46 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-29 06:46 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-29 06:46 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-29 06:46 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-29 06:46 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-29 06:46 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-29 06:46 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-29 06:46 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-29 06:46 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-29 06:46 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-29 06:46 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-29 06:46 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-29 06:46 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-29 06:46 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-29 06:46 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-29 06:46 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-29 06:46 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-29 06:46 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 06:46 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-29 06:46 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-29 06:46 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-29 06:46 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-29 06:46 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-29 06:46 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-29 06:46 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-29 06:46 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-29 06:46 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-29 06:46 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-29 06:46 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-29 06:46 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 06:46 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-29 06:46 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-29 06:46 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-29 06:46 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-29 06:46 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-29 06:46 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-29 06:46 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-29 06:46 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-29 06:46 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-29 06:46 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-29 06:46 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-29 06:46 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-29 06:46 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-28 21:16 - 2014-05-12 19:28 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 21:16 - 2014-05-12 19:18 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 21:16 - 2014-05-08 12:22 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-28 21:16 - 2014-05-08 12:22 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-28 21:16 - 2014-05-02 12:15 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-28 20:55 - 2014-04-28 21:12 - 38317592 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-04-28 19:11 - 2014-04-28 19:11 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-04-28 12:44 - 2014-04-28 19:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-12 22:31 - 2014-04-12 22:31 - 00000000 ____D () C:\Users\Chris\Documents\ArcSoft

==================== One Month Modified Files and Folders =======

2014-05-12 19:52 - 2014-05-07 07:57 - 00021403 _____ () C:\Users\Chris\Downloads\FRST.txt
2014-05-12 19:52 - 2014-05-07 07:56 - 00000000 ____D () C:\FRST
2014-05-12 19:51 - 2014-05-12 19:51 - 00000000 ____D () C:\Users\Chris\Downloads\FRST-OlderVersion
2014-05-12 19:51 - 2014-05-07 07:55 - 02066944 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2014-05-12 19:29 - 2014-05-12 19:29 - 00000695 _____ () C:\Users\Chris\Desktop\JRT.txt
2014-05-12 19:28 - 2014-04-28 21:16 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-12 19:25 - 2009-07-14 06:45 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-12 19:25 - 2009-07-14 06:45 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 19:24 - 2010-12-07 14:06 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-05-12 19:24 - 2010-12-07 14:06 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-05-12 19:24 - 2009-07-14 07:13 - 01622236 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-12 19:21 - 2014-05-12 19:21 - 00000000 ____D () C:\windows\ERUNT
2014-05-12 19:21 - 2014-05-12 19:20 - 01016261 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe
2014-05-12 19:20 - 2014-05-12 15:21 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-12 19:20 - 2010-12-07 14:05 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-05-12 19:19 - 2014-05-12 19:19 - 00006434 _____ () C:\Users\Chris\Desktop\AdwCleaner[S0].txt
2014-05-12 19:18 - 2014-04-28 21:16 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-12 19:18 - 2011-05-19 18:05 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Skype
2014-05-12 19:17 - 2011-01-22 01:27 - 00452180 _____ () C:\windows\PFRO.log
2014-05-12 19:17 - 2011-01-08 11:28 - 01770257 _____ () C:\windows\WindowsUpdate.log
2014-05-12 19:17 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-12 19:17 - 2009-07-14 06:51 - 00302985 _____ () C:\windows\setupact.log
2014-05-12 19:16 - 2014-05-12 15:54 - 00000000 ____D () C:\AdwCleaner
2014-05-12 19:16 - 2011-01-21 17:42 - 00000989 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-12 15:53 - 2014-05-12 15:52 - 01325827 _____ () C:\Users\Chris\Desktop\adwcleaner.exe
2014-05-12 15:49 - 2014-05-12 15:49 - 00001642 _____ () C:\Users\Chris\Desktop\mbam.txt
2014-05-12 15:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\Resources
2014-05-12 15:21 - 2014-05-12 15:21 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-12 15:16 - 2014-05-12 15:10 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Chris\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-12 15:04 - 2014-05-12 15:04 - 00003284 _____ () C:\windows\System32\Tasks\{2D6FB43B-3571-411F-AF75-EDDBCB35F900}
2014-05-08 20:07 - 2014-03-13 19:55 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForChris
2014-05-08 20:07 - 2014-03-13 19:55 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForChris.job
2014-05-08 13:38 - 2014-05-08 13:38 - 00026049 _____ () C:\ComboFix.txt
2014-05-08 13:38 - 2014-05-08 13:00 - 00000000 ____D () C:\Qoobox
2014-05-08 13:38 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-08 13:34 - 2014-05-08 13:00 - 00000000 ____D () C:\windows\erdnt
2014-05-08 13:24 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-05-08 13:21 - 2014-02-25 18:02 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-08 13:21 - 2009-07-14 04:34 - 23330816 _____ () C:\windows\system32\config\SYSTEM.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 100925440 _____ () C:\windows\system32\config\SOFTWARE.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 01048576 _____ () C:\windows\system32\config\DEFAULT.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2014-05-08 13:00 - 2014-05-08 12:58 - 05200039 ____R (Swearware) C:\Users\Chris\Desktop\ComboFix.exe
2014-05-08 12:22 - 2014-04-28 21:16 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 12:22 - 2014-04-28 21:16 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 12:21 - 2014-05-08 12:21 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-07 11:44 - 2014-02-25 10:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-07 09:58 - 2011-01-22 01:29 - 00000000 ____D () C:\windows\rescache
2014-05-07 08:48 - 2014-05-07 08:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95 (1).exe
2014-05-07 08:47 - 2014-05-07 08:47 - 00001264 _____ () C:\Users\Chris\Desktop\Revo Uninstaller.lnk
2014-05-07 08:47 - 2014-05-07 08:47 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 08:47 - 2014-05-07 08:46 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95.exe
2014-05-07 08:17 - 2014-05-07 07:58 - 00042984 _____ () C:\Users\Chris\Downloads\Addition.txt
2014-05-07 07:47 - 2014-05-07 07:47 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-05-07 07:08 - 2014-05-07 07:08 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-07 07:08 - 2012-11-08 22:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-07 07:08 - 2011-08-05 18:32 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DVDVideoSoft
2014-05-07 07:08 - 2011-01-24 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-06 12:38 - 2014-05-06 12:16 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeToMP3Converter34430.exe
2014-05-05 12:35 - 2014-05-05 12:23 - 32346240 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeDownload-3.2.33.424.exe
2014-05-05 12:18 - 2014-05-05 12:18 - 00001477 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-05-05 12:01 - 2014-05-05 11:48 - 32121120 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeMP4VideoConverter_v5.0.39.430.exe
2014-05-05 11:47 - 2011-01-23 19:32 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-05-05 11:46 - 2011-10-30 19:50 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-02 12:15 - 2014-04-28 21:16 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 15:06 - 2011-01-26 20:37 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieUserList
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieSiteList
2014-04-29 16:01 - 2014-05-08 12:21 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-08 12:21 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-08 12:21 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-08 12:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-29 07:58 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-28 21:12 - 2014-04-28 20:55 - 38317592 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-04-28 20:23 - 2013-03-06 19:03 - 01232896 ___SH () C:\Users\Chris\Desktop\Thumbs.db
2014-04-28 20:07 - 2013-11-27 16:22 - 00017390 _____ () C:\windows\IE11_main.log
2014-04-28 19:11 - 2014-04-28 19:11 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-04-28 19:11 - 2014-04-28 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-28 19:11 - 2011-01-21 18:20 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla
2014-04-14 04:24 - 2014-05-06 10:52 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 10:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-04-12 22:31 - 2014-04-12 22:31 - 00000000 ____D () C:\Users\Chris\Documents\ArcSoft

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\Quarantine.exe
         
LG

Alt 13.05.2014, 16:22   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.05.2014, 20:28   #9
Chris180294
 
Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



So einmal alles :

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ec465302a1d0cf42a42da47e6bce8bb0
# engine=18276
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-15 05:49:38
# local_time=2014-05-15 07:49:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 105529 151806028 0 0
# scanned=265317
# found=14
# cleaned=8
# scan_time=4478
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
sh=F4BBB551315DBE49911663D85F079AFE8B5F8F51 ft=1 fh=96414ff33da39282 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1]"
sh=F4BBB551315DBE49911663D85F079AFE8B5F8F51 ft=1 fh=96414ff33da39282 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[2]"
sh=7800581A9599622F64C310DF897FD72BDF27155C ft=1 fh=04a3fa8adc261380 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
sh=8F5C4B49415DD1D33CA87A417BFC6306883CF7F0 ft=1 fh=fe26d910a0aa5728 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Chris\Downloads\PDF XChange Viewer - CHIP-Downloader.exe"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
sh=F4BBB551315DBE49911663D85F079AFE8B5F8F51 ft=1 fh=96414ff33da39282 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1]"
sh=F4BBB551315DBE49911663D85F079AFE8B5F8F51 ft=1 fh=96414ff33da39282 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[2]"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
  Adobe Flash Player 11.7.700.202 Flash Player out of Date!  
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Chris (administrator) on CHRIS-HP on 15-05-2014 20:23:41
Running from C:\Users\Chris\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Korg Inc.) C:\Windows\System32\InitJam.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Windows\vsnpstd3.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Windows\tsnpstd3.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtITunesPlugIn.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-06-19] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [JamInit] => C:\windows\system32\InitJam.exe [253008 2009-04-15] (Korg Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [snpstd3] => C:\windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-19] (ArcSoft Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] => C:\Program Files (x86)\Siemens\Automation\Portal V11\\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe [856064 2011-11-22] (Siemens AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [tsnpstd3] => C:\windows\tsnpstd3.exe [262144 2006-07-07] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-538565719-3422209620-1557115018-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1543816 2011-12-11] (SIEMENS AG)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-12-16] (McAfee, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462088 2009-11-25] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-11-18] (Hewlett-Packard Ltd)
R2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-19] (Hewlett-Packard Development Company, L.P)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (McAfee, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2012-01-30] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [470104 2012-01-30] (SIEMENS AG)
R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 JAMVOX_01; C:\Windows\System32\DRIVERS\JamWdm.sys [31824 2009-04-15] ()
S1 JAMVOX_AA; C:\Windows\System32\DRIVERS\JamDRV.sys [62544 2009-04-15] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-12-16] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-12-16] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89216 2009-12-22] (Realtek Semiconductor Corp.)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-01-17] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-01-17] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2012-01-17] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [196608 2012-01-17] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-12-16] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-12-16] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-12-16] (McAfee, Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-15 20:19 - 2014-05-15 20:20 - 00855379 _____ () C:\Users\Chris\Desktop\SecurityCheck.exe
2014-05-15 12:46 - 2014-05-15 12:46 - 00765144 _____ () C:\windows\Minidump\051514-19359-01.dmp
2014-05-12 19:51 - 2014-05-12 19:51 - 00000000 ____D () C:\Users\Chris\Downloads\FRST-OlderVersion
2014-05-12 19:29 - 2014-05-12 19:29 - 00000695 _____ () C:\Users\Chris\Desktop\JRT.txt
2014-05-12 19:21 - 2014-05-12 19:21 - 00000000 ____D () C:\windows\ERUNT
2014-05-12 19:20 - 2014-05-12 19:21 - 01016261 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe
2014-05-12 19:19 - 2014-05-12 19:19 - 00006434 _____ () C:\Users\Chris\Desktop\AdwCleaner[S0].txt
2014-05-12 15:54 - 2014-05-12 19:16 - 00000000 ____D () C:\AdwCleaner
2014-05-12 15:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-12 15:52 - 2014-05-12 15:53 - 01325827 _____ () C:\Users\Chris\Desktop\adwcleaner.exe
2014-05-12 15:49 - 2014-05-12 15:49 - 00001642 _____ () C:\Users\Chris\Desktop\mbam.txt
2014-05-12 15:21 - 2014-05-15 18:03 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-12 15:21 - 2014-05-12 15:21 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-12 15:21 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-12 15:21 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-12 15:21 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-12 15:10 - 2014-05-12 15:16 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Chris\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-12 15:04 - 2014-05-12 15:04 - 00003284 _____ () C:\windows\System32\Tasks\{2D6FB43B-3571-411F-AF75-EDDBCB35F900}
2014-05-08 13:38 - 2014-05-08 13:38 - 00026049 _____ () C:\ComboFix.txt
2014-05-08 13:00 - 2014-05-08 13:38 - 00000000 ____D () C:\Qoobox
2014-05-08 13:00 - 2014-05-08 13:34 - 00000000 ____D () C:\windows\erdnt
2014-05-08 13:00 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-05-08 13:00 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-05-08 13:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-05-08 13:00 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-05-08 12:58 - 2014-05-08 13:00 - 05200039 ____R (Swearware) C:\Users\Chris\Desktop\ComboFix.exe
2014-05-08 12:21 - 2014-05-08 12:21 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-08 12:21 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-08 12:21 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-08 12:21 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-08 12:21 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-07 08:47 - 2014-05-07 08:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95 (1).exe
2014-05-07 08:47 - 2014-05-07 08:47 - 00001264 _____ () C:\Users\Chris\Desktop\Revo Uninstaller.lnk
2014-05-07 08:47 - 2014-05-07 08:47 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 08:46 - 2014-05-07 08:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95.exe
2014-05-07 07:58 - 2014-05-07 08:17 - 00042984 _____ () C:\Users\Chris\Downloads\Addition.txt
2014-05-07 07:57 - 2014-05-15 20:23 - 00021748 _____ () C:\Users\Chris\Downloads\FRST.txt
2014-05-07 07:56 - 2014-05-15 20:23 - 00000000 ____D () C:\FRST
2014-05-07 07:55 - 2014-05-12 19:51 - 02066944 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2014-05-07 07:47 - 2014-05-07 07:47 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-05-07 07:08 - 2014-05-07 07:08 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-06 12:16 - 2014-05-06 12:38 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeToMP3Converter34430.exe
2014-05-06 10:52 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-06 10:52 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-05 12:23 - 2014-05-05 12:35 - 32346240 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeDownload-3.2.33.424.exe
2014-05-05 12:18 - 2014-05-05 12:18 - 00001477 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-05-05 11:48 - 2014-05-05 12:01 - 32121120 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeMP4VideoConverter_v5.0.39.430.exe
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieUserList
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieSiteList
2014-04-29 06:46 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-29 06:46 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-29 06:46 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-29 06:46 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-29 06:46 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-29 06:46 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-29 06:46 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-29 06:46 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-29 06:46 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-29 06:46 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-29 06:46 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-29 06:46 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-29 06:46 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-29 06:46 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-29 06:46 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-29 06:46 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-29 06:46 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-29 06:46 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-29 06:46 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 06:46 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-29 06:46 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-29 06:46 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-29 06:46 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-29 06:46 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-29 06:46 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-29 06:46 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-29 06:46 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-29 06:46 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-29 06:46 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-29 06:46 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-29 06:46 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 06:46 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-29 06:46 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-29 06:46 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-29 06:46 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-29 06:46 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-29 06:46 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-29 06:46 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-29 06:46 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-29 06:46 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-29 06:46 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-29 06:46 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-29 06:46 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-29 06:46 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-28 21:16 - 2014-05-15 19:27 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 21:16 - 2014-05-15 12:46 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 21:16 - 2014-05-08 12:22 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-28 21:16 - 2014-05-08 12:22 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-28 21:16 - 2014-05-02 12:15 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-28 20:55 - 2014-04-28 21:12 - 38317592 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-04-28 19:11 - 2014-04-28 19:11 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-04-28 12:44 - 2014-04-28 19:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-05-15 20:23 - 2014-05-07 07:57 - 00021748 _____ () C:\Users\Chris\Downloads\FRST.txt
2014-05-15 20:23 - 2014-05-07 07:56 - 00000000 ____D () C:\FRST
2014-05-15 20:20 - 2014-05-15 20:19 - 00855379 _____ () C:\Users\Chris\Desktop\SecurityCheck.exe
2014-05-15 19:27 - 2014-04-28 21:16 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-15 18:54 - 2011-01-08 11:28 - 01950755 _____ () C:\windows\WindowsUpdate.log
2014-05-15 18:06 - 2010-12-07 14:06 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-05-15 18:06 - 2010-12-07 14:06 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-05-15 18:06 - 2009-07-14 07:13 - 01622236 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-15 18:03 - 2014-05-12 15:21 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 12:54 - 2011-02-02 17:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 12:54 - 2009-07-14 06:45 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-15 12:54 - 2009-07-14 06:45 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-15 12:48 - 2010-12-07 14:05 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-05-15 12:46 - 2014-05-15 12:46 - 00765144 _____ () C:\windows\Minidump\051514-19359-01.dmp
2014-05-15 12:46 - 2014-04-28 21:16 - 00001104 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-15 12:46 - 2011-07-27 15:02 - 564609626 _____ () C:\windows\MEMORY.DMP
2014-05-15 12:46 - 2011-07-27 15:02 - 00000000 ____D () C:\windows\Minidump
2014-05-15 12:46 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-15 12:46 - 2009-07-14 06:51 - 00303153 _____ () C:\windows\setupact.log
2014-05-14 14:26 - 2011-05-19 18:05 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Skype
2014-05-12 20:07 - 2014-03-13 19:55 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForChris
2014-05-12 20:07 - 2014-03-13 19:55 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForChris.job
2014-05-12 19:51 - 2014-05-12 19:51 - 00000000 ____D () C:\Users\Chris\Downloads\FRST-OlderVersion
2014-05-12 19:51 - 2014-05-07 07:55 - 02066944 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2014-05-12 19:29 - 2014-05-12 19:29 - 00000695 _____ () C:\Users\Chris\Desktop\JRT.txt
2014-05-12 19:21 - 2014-05-12 19:21 - 00000000 ____D () C:\windows\ERUNT
2014-05-12 19:21 - 2014-05-12 19:20 - 01016261 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe
2014-05-12 19:19 - 2014-05-12 19:19 - 00006434 _____ () C:\Users\Chris\Desktop\AdwCleaner[S0].txt
2014-05-12 19:17 - 2011-01-22 01:27 - 00452180 _____ () C:\windows\PFRO.log
2014-05-12 19:16 - 2014-05-12 15:54 - 00000000 ____D () C:\AdwCleaner
2014-05-12 19:16 - 2011-01-21 18:53 - 00000000 ____D () C:\ProgramData\ICQ
2014-05-12 19:16 - 2011-01-21 17:42 - 00000989 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-12 15:53 - 2014-05-12 15:52 - 01325827 _____ () C:\Users\Chris\Desktop\adwcleaner.exe
2014-05-12 15:49 - 2014-05-12 15:49 - 00001642 _____ () C:\Users\Chris\Desktop\mbam.txt
2014-05-12 15:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\Resources
2014-05-12 15:21 - 2014-05-12 15:21 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 15:21 - 2014-05-12 15:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-12 15:16 - 2014-05-12 15:10 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Chris\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-12 15:04 - 2014-05-12 15:04 - 00003284 _____ () C:\windows\System32\Tasks\{2D6FB43B-3571-411F-AF75-EDDBCB35F900}
2014-05-08 13:38 - 2014-05-08 13:38 - 00026049 _____ () C:\ComboFix.txt
2014-05-08 13:38 - 2014-05-08 13:00 - 00000000 ____D () C:\Qoobox
2014-05-08 13:38 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-08 13:34 - 2014-05-08 13:00 - 00000000 ____D () C:\windows\erdnt
2014-05-08 13:24 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-05-08 13:21 - 2014-02-25 18:02 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-08 13:21 - 2009-07-14 04:34 - 23330816 _____ () C:\windows\system32\config\SYSTEM.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 100925440 _____ () C:\windows\system32\config\SOFTWARE.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 01048576 _____ () C:\windows\system32\config\DEFAULT.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2014-05-08 13:21 - 2009-07-14 04:34 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2014-05-08 13:00 - 2014-05-08 12:58 - 05200039 ____R (Swearware) C:\Users\Chris\Desktop\ComboFix.exe
2014-05-08 12:22 - 2014-04-28 21:16 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 12:22 - 2014-04-28 21:16 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 12:21 - 2014-05-08 12:21 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-07 11:44 - 2014-02-25 10:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-07 09:58 - 2011-01-22 01:29 - 00000000 ____D () C:\windows\rescache
2014-05-07 08:48 - 2014-05-07 08:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95 (1).exe
2014-05-07 08:47 - 2014-05-07 08:47 - 00001264 _____ () C:\Users\Chris\Desktop\Revo Uninstaller.lnk
2014-05-07 08:47 - 2014-05-07 08:47 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 08:47 - 2014-05-07 08:46 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95.exe
2014-05-07 08:17 - 2014-05-07 07:58 - 00042984 _____ () C:\Users\Chris\Downloads\Addition.txt
2014-05-07 07:47 - 2014-05-07 07:47 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-05-07 07:08 - 2014-05-07 07:08 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-05-07 07:08 - 2012-11-08 22:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-07 07:08 - 2011-08-05 18:32 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\DVDVideoSoft
2014-05-07 07:08 - 2011-01-24 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-06 12:38 - 2014-05-06 12:16 - 34014392 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeToMP3Converter34430.exe
2014-05-05 12:35 - 2014-05-05 12:23 - 32346240 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTubeDownload-3.2.33.424.exe
2014-05-05 12:18 - 2014-05-05 12:18 - 00001477 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-05-05 12:01 - 2014-05-05 11:48 - 32121120 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeMP4VideoConverter_v5.0.39.430.exe
2014-05-05 11:47 - 2011-01-23 19:32 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-05-05 11:46 - 2011-10-30 19:50 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-02 12:15 - 2014-04-28 21:16 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 15:06 - 2011-01-26 20:37 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieUserList
2014-04-30 14:55 - 2014-04-30 14:55 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieSiteList
2014-04-29 16:01 - 2014-05-08 12:21 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-08 12:21 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-08 12:21 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-08 12:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-29 07:58 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-28 21:16 - 2014-04-28 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-28 21:12 - 2014-04-28 20:55 - 38317592 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe
2014-04-28 20:23 - 2013-03-06 19:03 - 01232896 ___SH () C:\Users\Chris\Desktop\Thumbs.db
2014-04-28 20:07 - 2013-11-27 16:22 - 00017390 _____ () C:\windows\IE11_main.log
2014-04-28 19:11 - 2014-04-28 19:11 - 00000000 ____D () C:\Users\Chris\Desktop\Neuer Ordner
2014-04-28 19:11 - 2014-04-28 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-28 19:11 - 2011-01-21 18:20 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 07:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Sieht sehr gut aus ! denke der scheiß ist weg !
Vielen vielen dank !
Kannst du mir eventuell ein gutes Antivierenprogramm empfehlen?
Kostenlos?

LG

Alt 16.05.2014, 12:55   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Flash updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.05.2014, 19:44   #11
Chris180294
 
Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Das mit der Fixlist öffnet Frst nicht was kann ich tun ?:-/

Alt 19.05.2014, 12:57   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Zitat:
Running from C:\Users\Chris\Downloads
Pack die fixlist mal in den Download Ordner.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.05.2014, 10:37   #13
Chris180294
 
Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Alles an Werbung ist weg
Allerdings habe ich den Delfix rüberlaufen lassen, und nun ist das letzte FRST log weg:-/ ist das schlimm ?:-/

Vielen lieben dank ! Hast mir sehr geholfen und danke für die zahlreichen Tipps !

MfG Chris

Alt 22.05.2014, 09:38   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Werbefenster öffnen sich selbstständig in allen Browsern - Standard

Werbefenster öffnen sich selbstständig in allen Browsern



Neee, passt

Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Werbefenster öffnen sich selbstständig in allen Browsern
antivir, association, avira, avira savings advisor, awesomehp, awesomehp entfernen, bonjour, branding, desktop, dvdvideosoft ltd., email, flash player, google, iexplore.exe, maus, mozilla, mp3, problem, quick_start, registry, scan, software, svchost.exe, tracker, vista, werbefenster, win32/distromatic.b, win32/domaiq.bb, win32/downloadsponsor.a, win32/toolbar.bitcocktail.b



Ähnliche Themen: Werbefenster öffnen sich selbstständig in allen Browsern


  1. Festplatte füllt sich selbstständig nach dem Hochfahren, Speicherplatz grundlos auf allen Partitionen immer wieder voll
    Plagegeister aller Art und deren Bekämpfung - 19.07.2015 (8)
  2. Windows 7: Auf allen Webseiten erscheinen aus allen richtungen Werbebanner und neue Werbefenster werden automatisch göffnet.
    Log-Analyse und Auswertung - 26.04.2015 (7)
  3. In Browsern öffnen sich permanent Fenster mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 23.04.2015 (9)
  4. Tabs laden selbstständig mit Reklame in allen Browsern bei W7 32bit
    Log-Analyse und Auswertung - 21.04.2015 (16)
  5. Snap.do lässt sich nicht deinstallieren - taucht immer wieder in allen Browsern auf - Win 8.1 x64
    Log-Analyse und Auswertung - 23.10.2014 (15)
  6. Webseiten öffnen sich mit extremer Verzögerung in allen Browsern
    Log-Analyse und Auswertung - 20.10.2014 (9)
  7. Pop-up Fenster öffnen sich unkontrollierbar in allen Browsern
    Log-Analyse und Auswertung - 25.05.2014 (1)
  8. Werbung auf allen browsern, adope flash player hängt sich immer auf
    Plagegeister aller Art und deren Bekämpfung - 30.03.2014 (19)
  9. Windows 7, in Browsern öffnen sich Warnseiten oder Werbung
    Log-Analyse und Auswertung - 21.01.2014 (11)
  10. Windows 7: 'Nation Zoom' auto-öffnet sich in allen Browsern
    Log-Analyse und Auswertung - 07.01.2014 (14)
  11. Nation Zoom öffnet sich ungefragt in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 04.01.2014 (12)
  12. Ad.Yieldmanager.Com - Werbefenster und Weiterleitungen in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (13)
  13. Werbefenster öffnen sich selbstständig
    Log-Analyse und Auswertung - 06.11.2008 (4)
  14. Werbefenster öffnen sich
    Log-Analyse und Auswertung - 10.03.2008 (7)
  15. Werbefenster öffnen sich
    Log-Analyse und Auswertung - 07.03.2007 (1)
  16. Werbefenster öffnen sich
    Log-Analyse und Auswertung - 31.12.2006 (2)
  17. Probleme mit allen Browsern
    Log-Analyse und Auswertung - 01.10.2006 (9)

Zum Thema Werbefenster öffnen sich selbstständig in allen Browsern - Hallo, sobald ich meinen Explorer (zurzeit Google Chrome) benutze und nur einmal mit der Maus klicke öffnet sich ein neues Fenster mit jeglicher Werbung. Habe ein ähnliches Thread ("Alle Browser - Werbefenster öffnen sich selbstständig in allen Browsern...
Archiv
Du betrachtest: Werbefenster öffnen sich selbstständig in allen Browsern auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.