
Log analysis and evaluation: Mouse pointer suddenly behaving strangely under Win 7, open pages switch around.

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

08.07.2014, 13:39   #1
rabe7
 

Hello Trojaner-Board,

my MacBook Pro (Boot Camp, Win7) is behaving strangely:

- Normally it is absolutely silent (except in extreme temperatures on holiday); now the fan sometimes runs for hours at a time.

- The mouse pointer jumps around; OK, I googled it, the problem is known.

But the mouse pointer also jumps around when my hand is not on the mouse, and pages switch. Arbitrarily.

Here is the HijackThis log from just now.

Thanks for your help, kind regards

Rabe

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:09:44, on 08.07.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
C:\Program Files (x86)\Timerle\Timerle.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
C:\Windows\SysWOW64\DVAPTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Users\User\AppData\Local\Apps\2.0\51BCD30V.NKB\DXG6EG14.TTB\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\LocalServiceJre\bin\AmazonCloudDriveW.exe
C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe
C:\Users\User\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1\spIEBho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\User\AppData\LocalLow\WOT\IE\WOT.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O3 - Toolbar: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1\spIEBho.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLPSP] "C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
O4 - HKLM\..\Run: [DVAPTray] C:\Windows\System32\DVAPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunServices: [DLPWD95] "C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWD95.EXE"
O4 - HKCU\..\Run: [KasperskyPasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
O4 - HKCU\..\Run: [Timerle] "C:\Program Files (x86)\Timerle\Timerle.exe" -q
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Updater shortcut] C:\Program Files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-3783384763-327156978-2262831219-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3783384763-327156978-2262831219-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Amazon Cloud Drive.appref-ms
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ControlCenter.lnk = C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\Windows\system32\AppleOSSMgr.exe (file missing)
O23 - Service: Apple-Time-Server (AppleTimeSrv) - Unknown owner - C:\Windows\system32\AppleTimeSrv.exe (file missing)
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ShadowProtect Service (ShadowProtectSvc) - StorageCraft Technology Corporation - C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: StorageCraft ImageReady - Unknown owner - C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: StorageCraft Shadow Copy Provider (VSNAPVSS) - StorageCraft Technology Corporation - C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WOT Updater (WOTUpdater) - Unknown owner - C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe

--
End of file - 15811 bytes

08.07.2014, 13:57   #2
schrauber
/// the machine
/// TB instructor
 


hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


08.07.2014, 19:04   #3
rabe7
 

Hello Schrauber,
FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by User (administrator) on USER-PC on 08-07-2014 19:42:22
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
() C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
() C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
(StorageCraft Technology Corporation) C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(StorageCraft Technology Corporation) C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
(JFSoftware) C:\Program Files (x86)\Timerle\Timerle.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(T-Com) C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Amazon Digital Services, LLC.) C:\Users\User\AppData\Local\Apps\2.0\51BCD30V.NKB\DXG6EG14.TTB\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\AmazonCloudDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
() C:\Windows\SysWOW64\DVAPTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
(Sun Microsystems, Inc.) C:\Users\User\AppData\Local\Apps\2.0\51BCD30V.NKB\DXG6EG14.TTB\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\LocalServiceJre\bin\AmazonCloudDriveW.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Trend Micro Inc.) C:\Users\User\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
() C:\Program Files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [741800 2012-06-14] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2012-06-13] (Intel Corporation)
HKLM-x32\...\Run: [Sweetpacks Communicator] => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DLPSP] => C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [192512 2006-02-23] (Dell Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe [253952 2013-02-09] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [DVAPTray] => C:\Windows\SysWOW64\DVAPTray.exe [192512 2012-06-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [KasperskyPasswordManager] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [3176384 2013-01-29] (Kaspersky Lab)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Timerle] => C:\Program Files (x86)\Timerle\Timerle.exe [160899 2006-02-19] (JFSoftware)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [] => [X]
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Updater shortcut] => C:\Program Files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe [857544 2008-06-19] ()
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Facebook Update] => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-14] (Facebook Inc.)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {03b97e62-32ce-11e2-bce8-9bb3585cf48e} - E:\Setup.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {42115f5e-9855-11e2-88a9-20c9d04829a4} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {42115f6a-9855-11e2-88a9-20c9d04829a4} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {7c6d2144-6910-11e2-93e1-20c9d04829a3} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {8e2d158c-95d5-11e2-b397-b43b7d87459e} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {8e2d1590-95d5-11e2-b397-b43b7d87459e} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {8e2d1602-95d5-11e2-b397-b43b7d87459e} - F:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {cf53d8f5-93cf-11e2-89d6-bc05ddfe319f} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {f39f762b-72e4-11e2-b2ce-f6322c28b199} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {f39f7632-72e4-11e2-b2ce-20c9d04829a4} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ControlCenter.lnk
ShortcutTarget: ControlCenter.lnk -> C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe (T-Com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC00FBF6E22FFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\User\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 bmnet.dll File Not found ()
Winsock: Catalog9 02 bmnet.dll File Not found ()
Winsock: Catalog9 03 bmnet.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kaspersky.com/Password Manager - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll (Kaspersky Lab)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\user.js
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: anonymoX - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\client@anonymox.net.xpi [2013-05-12]
FF Extension: Ghostery - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\firefox@ghostery.com.xpi [2013-08-02]
FF Extension: Self-Destructing Cookies - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2014-01-12]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKCU\...\Firefox\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill
FF Extension: Password Manager Autofill Engine - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill [2012-11-15]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKCU\...\Thunderbird\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill
FF Extension: Password Manager Autofill Engine - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill [2012-11-15]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-05]
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\User\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-22] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224680 2012-06-14] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DLPWD; C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [90112 2005-11-10] (Dell Inc.) [File not signed]
R2 DLSDB; C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [135168 2005-08-25] (Dell Inc.) [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
R2 ShadowProtectSvc; C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [4586760 2013-05-10] (StorageCraft Technology Corporation)
R2 StorageCraft ImageReady; C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe [4408000 2013-05-10] ()
R2 VSNAPVSS; C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe [94984 2013-05-10] (StorageCraft Technology Corporation)
R2 WOTUpdater; C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 applemtm; C:\Windows\System32\DRIVERS\applemtm.sys [12288 2010-12-22] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [38912 2010-12-22] (Apple Inc.)
S3 AppleODD; C:\Windows\System32\DRIVERS\AppleODD.sys [8704 2010-10-11] (Apple Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 B57ports; C:\Windows\System32\DRIVERS\b57ports.sys [44544 2012-06-13] (Broadcom Corporation)
R3 cecsvad; C:\Windows\System32\drivers\cecvad.sys [23040 2011-12-08] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R1 sbmount; C:\Windows\System32\Drivers\sbmount.sys [117000 2013-05-10] (StorageCraft Technology Corporation)
R0 stcvsm; C:\Windows\System32\DRIVERS\stcvsm.sys [283400 2013-05-10] (StorageCraft Technology Corporation)
S1 tcpipBM; C:\Windows\SysWow64\Drivers\tcpipBM.sys [18816 2008-05-08] (Bytemobile, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-08 19:42 - 2014-07-08 19:42 - 00022983 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-08 19:42 - 2014-07-08 19:42 - 00000000 ____D () C:\FRST
2014-07-08 19:40 - 2014-07-08 19:40 - 02084352 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-08 19:39 - 2014-07-08 19:39 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST(1).exe
2014-07-08 19:37 - 2014-07-08 19:37 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-07-08 14:10 - 2014-07-08 14:10 - 00000000 ____D () C:\Users\User\Documents\Hijackthis Logiles
2014-07-08 14:06 - 2014-07-08 14:07 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2014-07-03 00:04 - 2014-07-03 00:05 - 00000000 ____D () C:\Users\User\Documents\Waschmittel
2014-06-29 11:01 - 2014-06-29 11:01 - 32826224 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeDownload.exe
2014-06-22 10:57 - 2014-06-22 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 10:41 - 2014-06-20 10:42 - 00000000 ____D () C:\Users\User\Documents\Eumex
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Users\User\AppData\Local\T-Home
2014-06-20 10:26 - 2014-06-20 10:26 - 00000046 _____ () C:\Windows\hmview.ini
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eumex 800 V1.30
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\Program Files (x86)\T-Home
2014-06-16 18:13 - 2014-06-22 09:56 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-06-14 02:55 - 2014-07-08 19:24 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
2014-06-14 02:55 - 2014-07-08 03:00 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
2014-06-14 02:55 - 2014-06-14 02:55 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA
2014-06-14 02:55 - 2014-06-14 02:55 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core
2014-06-14 02:55 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\NVIDIA
2014-06-14 02:54 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Local\Facebook
2014-06-11 11:55 - 2014-06-13 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-07-08 19:42 - 2014-07-08 19:42 - 00022983 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-08 19:42 - 2014-07-08 19:42 - 00000000 ____D () C:\FRST
2014-07-08 19:40 - 2014-07-08 19:40 - 02084352 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-08 19:39 - 2014-07-08 19:39 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST(1).exe
2014-07-08 19:39 - 2013-02-09 21:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\HCM Updater
2014-07-08 19:37 - 2014-07-08 19:37 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-07-08 19:28 - 2012-11-15 09:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-07-08 19:27 - 2011-04-12 09:43 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-08 19:27 - 2011-04-12 09:43 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-08 19:27 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-08 19:24 - 2014-06-14 02:55 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
2014-07-08 19:24 - 2013-12-26 12:06 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-08 19:24 - 2012-11-12 14:44 - 01216446 _____ () C:\Windows\WindowsUpdate.log
2014-07-08 14:22 - 2012-11-15 09:26 - 00000000 ___SD () C:\Users\User\Documents\Passwords Database
2014-07-08 14:10 - 2014-07-08 14:10 - 00000000 ____D () C:\Users\User\Documents\Hijackthis Logiles
2014-07-08 14:07 - 2014-07-08 14:06 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2014-07-08 03:00 - 2014-06-14 02:55 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
2014-07-07 09:13 - 2012-12-28 10:44 - 00000000 ____D () C:\HVBefin
2014-07-05 16:08 - 2013-07-01 04:57 - 00000000 ____D () C:\Users\User\Documents\Rezepte Kochen Getränke
2014-07-04 22:58 - 2009-07-14 06:51 - 00107118 _____ () C:\Windows\setupact.log
2014-07-04 16:47 - 2014-02-02 21:07 - 00340480 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-07-04 08:42 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 08:42 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 13:19 - 2012-11-12 16:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-03 13:19 - 2010-11-21 05:47 - 00356056 _____ () C:\Windows\PFRO.log
2014-07-03 13:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 00:05 - 2014-07-03 00:04 - 00000000 ____D () C:\Users\User\Documents\Waschmittel
2014-06-29 11:01 - 2014-06-29 11:01 - 32826224 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeDownload.exe
2014-06-28 07:17 - 2012-12-15 00:29 - 00000000 ____D () C:\Users\User\Documents\pi
2014-06-24 19:30 - 2013-04-21 15:40 - 00184832 ___SH () C:\Users\User\Documents\Thumbs.db
2014-06-24 13:30 - 2013-03-20 12:07 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-23 20:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-23 07:38 - 2012-11-14 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-22 10:57 - 2014-06-22 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 09:56 - 2014-06-16 18:13 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-06-20 10:42 - 2014-06-20 10:41 - 00000000 ____D () C:\Users\User\Documents\Eumex
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Users\User\AppData\Local\T-Home
2014-06-20 10:26 - 2014-06-20 10:26 - 00000046 _____ () C:\Windows\hmview.ini
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eumex 800 V1.30
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\Program Files (x86)\T-Home
2014-06-20 10:26 - 2012-11-12 16:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-19 10:26 - 2012-11-15 08:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-15 13:51 - 2012-11-15 09:02 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-15 13:51 - 2012-11-15 09:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 02:55 - 2014-06-14 02:55 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA
2014-06-14 02:55 - 2014-06-14 02:55 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core
2014-06-14 02:55 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\NVIDIA
2014-06-14 02:55 - 2014-06-14 02:54 - 00000000 ____D () C:\Users\User\AppData\Local\Facebook
2014-06-13 13:39 - 2014-06-11 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-13 12:17 - 2014-06-01 08:17 - 00000000 ____D () C:\Users\User\Documents\Christian Sander
2014-06-10 19:02 - 2014-05-08 19:16 - 00000000 ____D () C:\Users\User\Documents\SM
2014-06-10 10:09 - 2012-11-13 11:16 - 00000000 ____D () C:\Users\User\Documents\Outlook-Dateien

Files to move or delete:
====================
C:\Users\User\AppData\Roaming\LatestAdhoc.ini
C:\Users\User\AppData\Roaming\LatestCamera.ini
C:\Users\User\AppData\Roaming\LatestInfra.ini


Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\AskSLib.dll
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\User\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\User\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\mgsqlite3.dll
C:\Users\User\AppData\Local\Temp\msvbvm60.dll
C:\Users\User\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\User\AppData\Local\Temp\PromptInfo.exe
C:\Users\User\AppData\Local\Temp\ResetDevice.exe
C:\Users\User\AppData\Local\Temp\Setup64.exe
C:\Users\User\AppData\Local\Temp\Shortcut_SweetIM_2.exe
C:\Users\User\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\User\AppData\Local\Temp\swfo.exe
C:\Users\User\AppData\Local\Temp\_is6FEE.exe
C:\Users\User\AppData\Local\Temp\_isF0D8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 02:21

==================== End Of Log ============================
         
--- --- ---



FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by User (administrator) on USER-PC on 08-07-2014 19:42:22
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
() C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
() C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
(StorageCraft Technology Corporation) C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(StorageCraft Technology Corporation) C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
(JFSoftware) C:\Program Files (x86)\Timerle\Timerle.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(T-Com) C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Amazon Digital Services, LLC.) C:\Users\User\AppData\Local\Apps\2.0\51BCD30V.NKB\DXG6EG14.TTB\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\AmazonCloudDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
() C:\Windows\SysWOW64\DVAPTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
(Sun Microsystems, Inc.) C:\Users\User\AppData\Local\Apps\2.0\51BCD30V.NKB\DXG6EG14.TTB\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\LocalServiceJre\bin\AmazonCloudDriveW.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Trend Micro Inc.) C:\Users\User\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
() C:\Program Files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [741800 2012-06-14] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2012-06-13] (Intel Corporation)
HKLM-x32\...\Run: [Sweetpacks Communicator] => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DLPSP] => C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [192512 2006-02-23] (Dell Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe [253952 2013-02-09] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [DVAPTray] => C:\Windows\SysWOW64\DVAPTray.exe [192512 2012-06-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [KasperskyPasswordManager] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [3176384 2013-01-29] (Kaspersky Lab)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Timerle] => C:\Program Files (x86)\Timerle\Timerle.exe [160899 2006-02-19] (JFSoftware)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [] => [X]
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Updater shortcut] => C:\Program Files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe [857544 2008-06-19] ()
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Facebook Update] => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-14] (Facebook Inc.)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {03b97e62-32ce-11e2-bce8-9bb3585cf48e} - E:\Setup.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {42115f5e-9855-11e2-88a9-20c9d04829a4} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {42115f6a-9855-11e2-88a9-20c9d04829a4} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {7c6d2144-6910-11e2-93e1-20c9d04829a3} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {8e2d158c-95d5-11e2-b397-b43b7d87459e} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {8e2d1590-95d5-11e2-b397-b43b7d87459e} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {8e2d1602-95d5-11e2-b397-b43b7d87459e} - F:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {cf53d8f5-93cf-11e2-89d6-bc05ddfe319f} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {f39f762b-72e4-11e2-b2ce-f6322c28b199} - E:\AutoRun.exe
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\MountPoints2: {f39f7632-72e4-11e2-b2ce-20c9d04829a4} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ControlCenter.lnk
ShortcutTarget: ControlCenter.lnk -> C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe (T-Com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC00FBF6E22FFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\User\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 bmnet.dll File Not found ()
Winsock: Catalog9 02 bmnet.dll File Not found ()
Winsock: Catalog9 03 bmnet.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kaspersky.com/Password Manager - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll (Kaspersky Lab)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\user.js
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: anonymoX - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\client@anonymox.net.xpi [2013-05-12]
FF Extension: Ghostery - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\firefox@ghostery.com.xpi [2013-08-02]
FF Extension: Self-Destructing Cookies - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2014-01-12]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKCU\...\Firefox\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill
FF Extension: Password Manager Autofill Engine - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill [2012-11-15]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKCU\...\Thunderbird\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill
FF Extension: Password Manager Autofill Engine - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill [2012-11-15]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-05]
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\User\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-22] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224680 2012-06-14] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DLPWD; C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [90112 2005-11-10] (Dell Inc.) [File not signed]
R2 DLSDB; C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [135168 2005-08-25] (Dell Inc.) [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
R2 ShadowProtectSvc; C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [4586760 2013-05-10] (StorageCraft Technology Corporation)
R2 StorageCraft ImageReady; C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe [4408000 2013-05-10] ()
R2 VSNAPVSS; C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe [94984 2013-05-10] (StorageCraft Technology Corporation)
R2 WOTUpdater; C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 applemtm; C:\Windows\System32\DRIVERS\applemtm.sys [12288 2010-12-22] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [38912 2010-12-22] (Apple Inc.)
S3 AppleODD; C:\Windows\System32\DRIVERS\AppleODD.sys [8704 2010-10-11] (Apple Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 B57ports; C:\Windows\System32\DRIVERS\b57ports.sys [44544 2012-06-13] (Broadcom Corporation)
R3 cecsvad; C:\Windows\System32\drivers\cecvad.sys [23040 2011-12-08] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R1 sbmount; C:\Windows\System32\Drivers\sbmount.sys [117000 2013-05-10] (StorageCraft Technology Corporation)
R0 stcvsm; C:\Windows\System32\DRIVERS\stcvsm.sys [283400 2013-05-10] (StorageCraft Technology Corporation)
S1 tcpipBM; C:\Windows\SysWow64\Drivers\tcpipBM.sys [18816 2008-05-08] (Bytemobile, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-08 19:42 - 2014-07-08 19:42 - 00022983 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-08 19:42 - 2014-07-08 19:42 - 00000000 ____D () C:\FRST
2014-07-08 19:40 - 2014-07-08 19:40 - 02084352 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-08 19:39 - 2014-07-08 19:39 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST(1).exe
2014-07-08 19:37 - 2014-07-08 19:37 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-07-08 14:10 - 2014-07-08 14:10 - 00000000 ____D () C:\Users\User\Documents\Hijackthis Logiles
2014-07-08 14:06 - 2014-07-08 14:07 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2014-07-03 00:04 - 2014-07-03 00:05 - 00000000 ____D () C:\Users\User\Documents\Waschmittel
2014-06-29 11:01 - 2014-06-29 11:01 - 32826224 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeDownload.exe
2014-06-22 10:57 - 2014-06-22 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 10:41 - 2014-06-20 10:42 - 00000000 ____D () C:\Users\User\Documents\Eumex
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Users\User\AppData\Local\T-Home
2014-06-20 10:26 - 2014-06-20 10:26 - 00000046 _____ () C:\Windows\hmview.ini
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eumex 800 V1.30
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\Program Files (x86)\T-Home
2014-06-16 18:13 - 2014-06-22 09:56 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-06-14 02:55 - 2014-07-08 19:24 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
2014-06-14 02:55 - 2014-07-08 03:00 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
2014-06-14 02:55 - 2014-06-14 02:55 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA
2014-06-14 02:55 - 2014-06-14 02:55 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core
2014-06-14 02:55 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\NVIDIA
2014-06-14 02:54 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Local\Facebook
2014-06-11 11:55 - 2014-06-13 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-07-08 19:42 - 2014-07-08 19:42 - 00022983 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-08 19:42 - 2014-07-08 19:42 - 00000000 ____D () C:\FRST
2014-07-08 19:40 - 2014-07-08 19:40 - 02084352 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-08 19:39 - 2014-07-08 19:39 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST(1).exe
2014-07-08 19:39 - 2013-02-09 21:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\HCM Updater
2014-07-08 19:37 - 2014-07-08 19:37 - 01074688 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-07-08 19:28 - 2012-11-15 09:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-07-08 19:27 - 2011-04-12 09:43 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-08 19:27 - 2011-04-12 09:43 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-08 19:27 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-08 19:24 - 2014-06-14 02:55 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
2014-07-08 19:24 - 2013-12-26 12:06 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-08 19:24 - 2012-11-12 14:44 - 01216446 _____ () C:\Windows\WindowsUpdate.log
2014-07-08 14:22 - 2012-11-15 09:26 - 00000000 ___SD () C:\Users\User\Documents\Passwords Database
2014-07-08 14:10 - 2014-07-08 14:10 - 00000000 ____D () C:\Users\User\Documents\Hijackthis Logiles
2014-07-08 14:07 - 2014-07-08 14:06 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2014-07-08 03:00 - 2014-06-14 02:55 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
2014-07-07 09:13 - 2012-12-28 10:44 - 00000000 ____D () C:\HVBefin
2014-07-05 16:08 - 2013-07-01 04:57 - 00000000 ____D () C:\Users\User\Documents\Rezepte Kochen Getränke
2014-07-04 22:58 - 2009-07-14 06:51 - 00107118 _____ () C:\Windows\setupact.log
2014-07-04 16:47 - 2014-02-02 21:07 - 00340480 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-07-04 08:42 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 08:42 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 13:19 - 2012-11-12 16:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-03 13:19 - 2010-11-21 05:47 - 00356056 _____ () C:\Windows\PFRO.log
2014-07-03 13:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 00:05 - 2014-07-03 00:04 - 00000000 ____D () C:\Users\User\Documents\Waschmittel
2014-06-29 11:01 - 2014-06-29 11:01 - 32826224 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeDownload.exe
2014-06-28 07:17 - 2012-12-15 00:29 - 00000000 ____D () C:\Users\User\Documents\pi
2014-06-24 19:30 - 2013-04-21 15:40 - 00184832 ___SH () C:\Users\User\Documents\Thumbs.db
2014-06-24 13:30 - 2013-03-20 12:07 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-23 20:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-23 07:38 - 2012-11-14 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-22 10:57 - 2014-06-22 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 09:56 - 2014-06-16 18:13 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-06-20 10:42 - 2014-06-20 10:41 - 00000000 ____D () C:\Users\User\Documents\Eumex
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Users\User\AppData\Local\T-Home
2014-06-20 10:26 - 2014-06-20 10:26 - 00000046 _____ () C:\Windows\hmview.ini
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eumex 800 V1.30
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\Program Files (x86)\T-Home
2014-06-20 10:26 - 2012-11-12 16:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-19 10:26 - 2012-11-15 08:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-15 13:51 - 2012-11-15 09:02 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-15 13:51 - 2012-11-15 09:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 02:55 - 2014-06-14 02:55 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA
2014-06-14 02:55 - 2014-06-14 02:55 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core
2014-06-14 02:55 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\NVIDIA
2014-06-14 02:55 - 2014-06-14 02:54 - 00000000 ____D () C:\Users\User\AppData\Local\Facebook
2014-06-13 13:39 - 2014-06-11 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-13 12:17 - 2014-06-01 08:17 - 00000000 ____D () C:\Users\User\Documents\Christian Sander
2014-06-10 19:02 - 2014-05-08 19:16 - 00000000 ____D () C:\Users\User\Documents\SM
2014-06-10 10:09 - 2012-11-13 11:16 - 00000000 ____D () C:\Users\User\Documents\Outlook-Dateien

Files to move or delete:
====================
C:\Users\User\AppData\Roaming\LatestAdhoc.ini
C:\Users\User\AppData\Roaming\LatestCamera.ini
C:\Users\User\AppData\Roaming\LatestInfra.ini


Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\AskSLib.dll
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\User\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\User\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\mgsqlite3.dll
C:\Users\User\AppData\Local\Temp\msvbvm60.dll
C:\Users\User\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\User\AppData\Local\Temp\PromptInfo.exe
C:\Users\User\AppData\Local\Temp\ResetDevice.exe
C:\Users\User\AppData\Local\Temp\Setup64.exe
C:\Users\User\AppData\Local\Temp\Shortcut_SweetIM_2.exe
C:\Users\User\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\User\AppData\Local\Temp\swfo.exe
C:\Users\User\AppData\Local\Temp\_is6FEE.exe
C:\Users\User\AppData\Local\Temp\_isF0D8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 02:21

==================== End Of Log ============================
         
--- --- ---


FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by User at 2014-07-08 19:42:47
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ABUS CMS Software (HKLM-x32\...\{B1369BD6-AA4E-4404-AC15-4551E89E552A}) (Version: 2.02.07 - ABUS)
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Amazon Cloud Drive (HKCU\...\23ab716f18849b6f) (Version: 2.4.2013.3290 - Amazon)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Boot Camp-Dienste (HKLM\...\{ADA3F9C8-A6D3-4FCF-BFBB-EAD69AC0884E}) (Version: 4.0.4326 - Apple Inc.)
calibre 64bit (HKLM\...\{F1290006-F37A-4CCE-BEBA-FBF97C66F787}) (Version: 0.9.13 - Kovid Goyal)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Dell-Druckersoftware (HKLM-x32\...\{105F3CE5-FE55-408E-BF30-E78F85BA0B12}) (Version: 1.00.000 - Dell)
Eumex 800 V1.30 (HKLM-x32\...\InstallShield_{FACE9D51-E374-4DDB-857C-816FCB1D6B40}) (Version: 1.30.0000 - T-Home)
Eumex 800 V1.30 (x32 Version: 1.30.0000 - T-Home) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
ffdshow v1.1.3425 [2010-05-08] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3425.0 - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Flickr Uploadr 3.2.1 (HKLM-x32\...\Flickr Uploadr) (Version:  - )
Free YouTube Download version 3.2.16.1028 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.16.1028 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}) (Version: 7.1.1.1580 - Google)
HERMA Label World (HKLM-x32\...\{7DA64485-2CEE-4F7B-84AB-B287236703B6}) (Version: 1.00.0000 - HERMA GmbH)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HVB eFIN 3.2 (HKLM-x32\...\HVB eFIN 3.2) (Version:  - )
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Password Manager 5.0.0.172 (HKLM-x32\...\Kaspersky Password Manager_is1) (Version: 5.0 - Kaspersky Lab)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{2E01C311-3ED2-42CF-B1E9-9A36D4B9E26B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{258D56DE-24F2-479E-BED2-8103CB0B9D58}) (Version: 12.0.0.32 - MAGIX AG)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.32 - MAGIX AG) Hidden
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Moo0 Disk Cleaner 1.23 (HKLM-x32\...\Moo0 DiskCleaner) (Version:  - )
Moo0 System Monitor 1.76 (HKLM-x32\...\Moo0 SystemMonitor) (Version:  - )
Moo0 YouTube Downloader 1.07 (HKLM-x32\...\Moo0 Utube-DL) (Version:  - )
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
Nokia Suite (x32 Version: 3.7.22.0 - Nokia) Hidden
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
PantsOff 2.0 (HKLM-x32\...\{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1) (Version: 2.0 - Christoph Bünger Software)
PC Connectivity Solution (HKLM-x32\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
ShadowProtect Desktop (x32 Version: 4.15.9340 - StorageCraft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
StorageCraft ShadowProtect (HKLM-x32\...\ShadowProtect) (Version: 5.0.1.23057 - StorageCraft Technology Corporation (STC))
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Timerle 1.04 (HKLM-x32\...\{7C459192-BBB7-446C-9DC8-E502E02FEB51}_is1) (Version: 1.04 - JFSoftware)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
web'n'walk Manager (HKLM-x32\...\web'n'walk Manager) (Version: 11.002.03.00.108 - T-Mobile D)
Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1) (HKLM\...\2CD6536AAFFF9B465A871060CF483EC9F3341D29) (Version: 06/27/2007 2.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Broadcom Bluetooth (11/28/2011 4.0.3.0) (HKLM\...\1016ED26ACC3EEFE09AE974AFCAAFB4B107620D5) (Version: 11/28/2011 4.0.3.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0) (HKLM\...\70C7CBB0824BF74552A2F28F5FFBF62A15053DA8) (Version: 10/25/2007 2.0.1.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/27/2012 4.0.2.0) (HKLM\...\AF92AA38D11B3EB580979783E9A5241104001FCF) (Version: 01/27/2012 4.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch (01/27/2012 4.0.2.0) (HKLM\...\CE9118C4690D5A4F58FF3D1DDF6357FE763F7A86) (Version: 01/27/2012 4.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (01/27/2012 4.0.2.0) (HKLM\...\AD7958B9A89A99077874492D7D6302AC136075C1) (Version: 01/27/2012 4.0.2.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple System Device (10/07/2011 4.0.1.0) (HKLM\...\9CA06E33CCD19F5A2A0985B77F37FCF8B8829140) (Version: 10/07/2011 4.0.1.0 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1) (HKLM\...\A0A897639A1D288A8B472FE790EBF9DB71E52ACF) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1) (HKLM\...\76830D11874044260C923425E7F5A72F25EDA758) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (01/17/2011 3.2.0.0) (HKLM\...\C7DD621795A42EAE550280D4D7601459F35C4EC2) (Version: 01/17/2011 3.2.0.0 - Apple Inc.)
Windows-Treiberpaket - Atheros Communications Inc. (athr) Net  (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.)
Windows-Treiberpaket - Broadcom (b57nd60a) Net  (02/10/2012 15.2.0.5) (HKLM\...\A3497C108F7A1DBB206EFFA287BF6B101B2B3219) (Version: 02/10/2012 15.2.0.5 - Broadcom)
Windows-Treiberpaket - Broadcom (B57ports) Net  (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows-Treiberpaket - Broadcom (BCM43XX) Net  (04/05/2012 5.106.198.19) (HKLM\...\557DBFEBA7FC5BDA0855461ED735CD79BB48295A) (Version: 04/05/2012 5.106.198.19 - Broadcom)
Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost  (02/10/2012 1.0.0.235) (HKLM\...\271634A61293D6ABA4C3307620CA706C3810487C) (Version: 02/10/2012 1.0.0.235 - Broadcom Corporation)
Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (01/30/2012 6.6001.1.36) (HKLM\...\FF8B5F3FD21FE7703C294F36CF12825927AB70B0) (Version: 01/30/2012 6.6001.1.36 - Cirrus Logic, Inc.)
Windows-Treiberpaket - Intel (e1express) Net  (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net  (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows-Treiberpaket - Intel (e1qexpress) Net  (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows-Treiberpaket - Intel (e1rexpress) Net  (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows-Treiberpaket - Intel (e1yexpress) Net  (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows-Treiberpaket - Intel System  (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows-Treiberpaket - Marvell (yukonx64) Net  (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WiVideo (HKLM-x32\...\{2A9BA733-C465-400A-8AA0-937C656503FB}) (Version: 2.01.202 - )
XnView 1.98.7 (HKLM-x32\...\XnView_is1) (Version: 1.98.7 - Gougelet Pierre-e)

==================== Restore Points  =========================

11-06-2014 03:52:47 Windows Update
14-06-2014 03:53:10 Windows Update
18-06-2014 00:32:10 Windows Update
20-06-2014 08:25:06 Installed Eumex RNDIS Driver V1.00.
20-06-2014 08:25:22 Installed Eumex RNDIS Driver V1.00.
20-06-2014 08:26:10 Installiert Eumex 800 V1.30
22-06-2014 01:33:35 Windows Update
28-06-2014 00:34:06 Windows Update
02-07-2014 01:02:36 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {6070DFB7-F9FF-459E-8157-9E327E53ED80} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-14] (Facebook Inc.)
Task: {C303BABF-B915-45E6-A258-ABD5443D49DE} - System32\Tasks\Moo0 System Monitor 1.76 => C:\Program Files (x86)\Moo0\SystemMonitor 1.76\SystemMonitor.exe [2013-10-19] (Moo0)
Task: {C9403B77-6CF4-4F80-B867-B11A5DF1CBF4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D19C1031-60F2-401B-B9A7-0A042597987E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-14] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-12 16:28 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-14 14:18 - 2012-06-14 14:18 - 00224680 _____ () C:\Windows\system32\AppleOSSMgr.exe
2013-05-10 14:47 - 2013-05-10 14:47 - 04408000 _____ () C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
2012-01-12 12:23 - 2012-01-12 12:23 - 00018432 _____ () C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe
2013-03-30 20:10 - 2012-06-08 17:37 - 00192512 _____ () C:\Windows\SysWOW64\DVAPTray.exe
2013-02-09 21:36 - 2008-06-19 12:42 - 00857544 _____ () C:\Program Files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe
2014-07-03 13:19 - 2014-07-03 13:19 - 00098816 _____ () C:\Windows\TEMP\_MEI21642\win32api.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00110080 _____ () C:\Windows\TEMP\_MEI21642\pywintypes27.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 00358912 _____ () C:\Windows\TEMP\_MEI21642\pythoncom27.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 00042496 _____ () C:\Windows\TEMP\_MEI21642\win32service.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00027648 _____ () C:\Windows\TEMP\_MEI21642\servicemanager.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00018432 _____ () C:\Windows\TEMP\_MEI21642\win32event.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00040960 _____ () C:\Windows\TEMP\_MEI21642\_socket.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00721920 _____ () C:\Windows\TEMP\_MEI21642\_ssl.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00009728 _____ () C:\Windows\TEMP\_MEI21642\select.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00074240 _____ () C:\Windows\TEMP\_MEI21642\_ctypes.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00285184 _____ () C:\Windows\TEMP\_MEI21642\_hashlib.pyd
2014-07-03 13:19 - 2014-07-03 13:19 - 00103424 _____ () C:\Windows\TEMP\_MEI21642\pyexpat.pyd
2012-12-21 18:57 - 2012-12-21 18:57 - 08507384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 02354168 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 01014776 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00364536 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 02481144 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 01347064 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00206328 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 02653176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00033272 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00035832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00207352 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 11166712 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00276984 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2012-12-21 16:29 - 2012-12-21 16:29 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2012-12-21 16:29 - 2012-12-21 16:29 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2012-12-21 18:56 - 2012-12-21 18:56 - 00438264 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00446456 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00520696 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00720888 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-12-21 18:56 - 2012-12-21 18:56 - 00606200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-12-21 18:57 - 2012-12-21 18:57 - 00093176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2012-12-21 16:29 - 2012-12-21 16:29 - 00110080 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
2013-03-30 20:10 - 2011-12-08 16:06 - 00055296 _____ () C:\Windows\SysWOW64\cecvcam.ax
2013-03-30 20:10 - 2010-07-28 19:24 - 05603328 _____ () C:\Windows\SysWOW64\CAMACCESS.dll
2014-06-22 10:57 - 2014-06-22 10:57 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-15 13:51 - 2014-06-15 13:51 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
2012-11-12 16:31 - 2012-06-13 20:16 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-11 11:55 - 2014-06-11 11:56 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 11:56 - 2014-06-11 11:56 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 11:56 - 2014-06-11 11:56 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-02-18 11:04 - 2011-02-18 11:04 - 00196448 _____ () C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL
2013-12-26 12:09 - 2014-07-06 11:00 - 00046080 _____ () C:\Users\User\AppData\Local\Apps\2.0\51BCD30V.NKB\DXG6EG14.TTB\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\NativeOperations.dll
2013-12-26 12:09 - 2013-12-26 12:09 - 00541696 _____ () C:\Users\User\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2005-04-06 08:52 - 2005-04-06 08:52 - 01327104 _____ () C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.dll
2013-02-09 21:36 - 2008-06-19 15:15 - 00741376 _____ () C:\Program Files (x86)\T-Mobile\web'n'walk Manager\UpgraderGer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:9453D700
AlternateDataStreams: C:\Users\User\Desktop\ForwardedMessage.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/08/2014 07:25:04 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 08.07.2014 19:25:04
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/08/2014 05:15:28 AM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 08.07.2014 05:15:28
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/08/2014 05:11:12 AM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 08.07.2014 05:11:12
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/07/2014 10:00:00 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 07.07.2014 22:00:00
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/07/2014 02:09:07 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 07.07.2014 14:09:07
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/06/2014 10:00:00 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 06.07.2014 22:00:00
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/05/2014 10:00:00 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 05.07.2014 22:00:00
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/04/2014 11:50:41 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 04.07.2014 23:50:41
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/04/2014 10:58:55 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 04.07.2014 22:58:55
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen

Error: (07/04/2014 10:00:00 PM) (Source: ShadowProtectSvc) (EventID: 1121) (User: NT-AUTORITÄT)
Description: Backup Status: failed
Image Datei: U:\Laptop Tina\C_VOL
Log Datei: C:\Program Files (x86)\StorageCraft\ShadowProtect\Logs\{CD892CCA-2E9B-4063-BAAC-D04D8A7895F0}.txt
Startzeit: 04.07.2014 22:00:00
Modul: service
Code: 509
Nachricht: Kann nicht auf das Zielobjekt zugreifen


System errors:
=============
Error: (07/08/2014 02:39:15 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 10:55:15 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 06:55:15 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 05:12:01 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 05:00:27 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 04:57:40 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 04:47:03 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 03:51:56 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/08/2014 03:15:08 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR17 gefunden.

Error: (07/07/2014 10:10:32 PM) (Source: DCOM) (EventID: 10016) (User: User-PC)
Description: AnwendungsspezifischLokalAktivierung{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}User-PCUserS-1-5-21-3783384763-327156978-2262831219-1000LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 82%
Total physical RAM: 8098.7 MB
Available physical RAM: 1446.45 MB
Total Pagefile: 16195.58 MB
Available Pagefile: 7769.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:281.65 GB) (Free:122.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Macintosh HD) (Fixed) (Total:183.47 GB) (Free:163.27 GB) HFS
Drive g: () (Removable) (Total:14.9 GB) (Free:12.76 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 01427308)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=183 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=282 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 09.07.2014, 13:15   #4
schrauber
/// the machine
/// TB-Ausbilder
 


Hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English: Illegal operation attempted on a registry key that has been marked for deletion.)
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 09.07.2014, 21:45   #5
rabe7
 

Hello Schrauber,

first of all, thank you for your help!

Code:
ComboFix 14-07-08.01 - User 09.07.2014  22:20:21.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8099.6025 [GMT 2:00]
ausgeführt von:: c:\users\User\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
C:\uninstall.exe
C:\Update.exe
c:\windows\IsUn0407.exe
c:\windows\TEMP\_MEI21642\_ctypes.pyd
c:\windows\TEMP\_MEI21642\_hashlib.pyd
c:\windows\TEMP\_MEI21642\_socket.pyd
c:\windows\TEMP\_MEI21642\_ssl.pyd
c:\windows\TEMP\_MEI21642\pyexpat.pyd
c:\windows\TEMP\_MEI21642\python27.dll
c:\windows\TEMP\_MEI21642\pythoncom27.dll
c:\windows\TEMP\_MEI21642\PyWinTypes27.dll
c:\windows\TEMP\_MEI21642\select.pyd
c:\windows\TEMP\_MEI21642\servicemanager.pyd
c:\windows\TEMP\_MEI21642\win32api.pyd
c:\windows\TEMP\_MEI21642\win32event.pyd
c:\windows\TEMP\_MEI21642\win32service.pyd
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-09 bis 2014-07-09  ))))))))))))))))))))))))))))))
.
.
2014-07-09 14:14 . 2014-06-05 10:54	10779000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0E35A87E-0651-4B74-9CDE-3F4C1AA3A73A}\mpengine.dll
2014-07-08 17:42 . 2014-07-08 17:43	--------	d-----w-	C:\FRST
2014-06-20 08:30 . 2014-06-20 08:30	--------	d-----w-	c:\users\User\AppData\Local\T-Home
2014-06-20 08:26 . 2014-06-20 08:26	--------	d-----w-	c:\program files (x86)\T-Home
2014-06-16 16:13 . 2014-06-22 07:56	--------	d-----w-	c:\users\User\AppData\Local\Adobe
2014-06-14 00:55 . 2014-06-14 00:55	--------	d-----w-	c:\users\User\AppData\Roaming\NVIDIA
2014-06-14 00:54 . 2014-06-14 00:55	--------	d-----w-	c:\users\User\AppData\Local\Facebook
2014-06-11 09:55 . 2014-06-13 11:39	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-24 11:30 . 2013-03-20 10:07	117712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-06-15 11:51 . 2012-11-15 07:02	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-15 11:51 . 2012-11-15 07:02	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-03 08:35 . 2013-03-20 10:07	130584	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-05-26 14:40 . 2012-11-17 06:04	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-09 06:14 . 2014-05-26 14:37	477184	----a-w-	c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-26 14:37	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-08 07:14 . 2014-05-26 14:45	23134208	----a-w-	c:\windows\system32\mshtml.dll
2014-05-08 06:37 . 2014-05-26 14:45	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-08 05:27 . 2014-05-26 14:45	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-08 04:57 . 2014-05-26 14:45	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-04-15 00:34 . 2014-04-15 00:34	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-14 18:13 . 2014-03-16 00:24	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-26 14:37	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-26 14:37	155072	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-26 14:37	29184	----a-w-	c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-26 14:37	136192	----a-w-	c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-26 14:37	28160	----a-w-	c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-26 14:38	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-26 14:37	31232	----a-w-	c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-26 14:37	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-26 14:37	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KasperskyPasswordManager"="c:\program files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe" [2013-01-29 3176384]
"Timerle"="c:\program files (x86)\Timerle\Timerle.exe" [2006-02-19 160899]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-12-21 1090040]
"Updater shortcut"="c:\program files (x86)\T-Mobile\web'n'walk Manager\WTGU.exe" [2008-06-19 857544]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-06-13 291096]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"DLPSP"="c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" [2006-02-22 192512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"DataCardMonitor"="c:\program files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe" [2013-02-09 253952]
"DVAPTray"="c:\windows\System32\DVAPTray.exe" [2012-06-08 192512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunServices]
"DLPWD95"="c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWD95.EXE" [2004-03-11 81920]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Amazon Cloud Drive.appref-ms [2014-7-3 408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ControlCenter.lnk - c:\program files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe [2007-2-9 221184]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 AppleODD;Apple ODD;c:\windows\system32\DRIVERS\AppleODD.sys;c:\windows\SYSNATIVE\DRIVERS\AppleODD.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AppleHFS;AppleHFS; [x]
S0 AppleMNT;AppleMNT; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 stcvsm;StorageCraft Volume Snapshot Driver;c:\windows\system32\DRIVERS\stcvsm.sys;c:\windows\SYSNATIVE\DRIVERS\stcvsm.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 sbmount;StorageCraft Image Mount Driver; [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AppleOSSMgr;Apple OS Switch Manager;c:\windows\system32\AppleOSSMgr.exe;c:\windows\SYSNATIVE\AppleOSSMgr.exe [x]
S2 AppleTimeSrv;Apple-Time-Server;c:\windows\system32\AppleTimeSrv.exe;c:\windows\SYSNATIVE\AppleTimeSrv.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DLSDB;Dell Printer Status Database;c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE;c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [x]
S2 KeyAgent;KeyAgent;c:\windows\system32\drivers\KeyAgent.sys;c:\windows\SYSNATIVE\drivers\KeyAgent.sys [x]
S2 MacHALDriver;Mac HAL;c:\windows\system32\drivers\MacHALDriver.sys;c:\windows\SYSNATIVE\drivers\MacHALDriver.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 ShadowProtectSvc;ShadowProtect Service;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 StorageCraft ImageReady;StorageCraft ImageReady;c:\program files (x86)\StorageCraft\ShadowProtect\ImageReady.exe;c:\program files (x86)\StorageCraft\ShadowProtect\ImageReady.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\program files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe;c:\program files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe [x]
S2 WOTUpdater;WOT Updater;c:\users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe;c:\users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe [x]
S3 acpials;ALS-Sensorfilter;c:\windows\system32\DRIVERS\acpials.sys;c:\windows\SYSNATIVE\DRIVERS\acpials.sys [x]
S3 AppleBtBc;Apple Broadcom Built-in Bluetooth;c:\windows\system32\DRIVERS\AppleBtBc.sys;c:\windows\SYSNATIVE\DRIVERS\AppleBtBc.sys [x]
S3 applemtm;Apple Multitouch Mouse;c:\windows\system32\DRIVERS\applemtm.sys;c:\windows\SYSNATIVE\DRIVERS\applemtm.sys [x]
S3 applemtp;Apple Multitouch;c:\windows\system32\DRIVERS\applemtp.sys;c:\windows\SYSNATIVE\DRIVERS\applemtp.sys [x]
S3 B57ports;Broadcom Simple Communications Device;c:\windows\system32\DRIVERS\b57ports.sys;c:\windows\SYSNATIVE\DRIVERS\b57ports.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 cecsvad;WiVideo Camera;c:\windows\system32\drivers\cecvad.sys;c:\windows\SYSNATIVE\drivers\cecvad.sys [x]
S3 CirrusFilter;CS420xLowerFilter;c:\windows\system32\DRIVERS\CS420x64.sys;c:\windows\SYSNATIVE\DRIVERS\CS420x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\DRIVERS\KeyMagic.sys;c:\windows\SYSNATIVE\DRIVERS\KeyMagic.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys;c:\program files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-14 00:54]
.
2014-07-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-14 00:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apple_KbdMgr"="c:\program files\Boot Camp\Bootcamp.exe" [2012-06-14 741800]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.179.1
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\
FF - prefs.js: browser.search.selectedEngine - LEO Eng-Deu
FF - prefs.js: browser.startup.homepage - www.google.de
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=e84c6fea00000000000020c9d04829a3&q=
FF - user.js: extensions.Softonic.id - e84c6fea00000000000020c9d04829a3
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16014
FF - user.js: extensions.Softonic.vrsn - 1.8.21.14
FF - user.js: extensions.Softonic.vrsni - 1.8.21.14
FF - user.js: extensions.Softonic.vrsnTs - 1.8.21.149:14
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - OC
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - opencandy2013
FF - user.js: extensions.Softonic.instlRef - MOY00621
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=e84c6fea00000000000020c9d04829a3
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=e84c6fea00000000000020c9d04829a3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0407.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-09  22:26:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-09 20:26
.
Vor Suchlauf: 19 Verzeichnis(se), 138.568.220.672 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 144.373.202.944 Bytes frei
.
- - End Of File - - 17F081A13E89FCCA732DF17BAE140607
A36C5E4F47E84449FF07ED3517B43A31
         
Best regards,

Rabe


Alt 10.07.2014, 15:32   #6
schrauber
/// the machine
/// TB-Ausbilder
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

Alt 10.07.2014, 18:44   #7
rabe7
 

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 10.07.2014
Scan Time: 17:56:26
Logfile: mbam 2017-07-10.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.09.13
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 325517
Time Elapsed: 5 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 26
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.admin", false);), ,[d0b18518f08ba195a936a8201ce855ab]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.aflt", "OC");), ,[84fde4b980fb73c3ac33c9ffa0643dc3]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");), ,[6f12ddc06c0f1d19e1feddebcf35b947]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.autoRvrt", "false");), ,[0a771f7e96e550e659860cbc58accc34]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dfltLng", "de");), ,[8cf5e0bdbac13ff7e3fc0fb96f95fe02]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dfltSrch", true);), ,[037ed8c59be0ab8b0bd46365bc48eb15]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.dnsErr", true);), ,[aed36f2eff7cae881ac5bc0c18ec4ab6]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.excTlbr", false);), ,[9de479242d4e4aec3fa0c404c73d6898]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.ffxUnstlRst", false);), ,[522fe9b4ef8c85b1528dccfc1fe55ca4]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.hmpg", true);), ,[166b237add9e2016db045b6dd331d62a]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=e84c6fea00000000000020c9d04829a3");), ,[d5acc1dcaccfca6cbe21eade19ebd52b]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.id", "e84c6fea00000000000020c9d04829a3");), ,[bdc48617e09be84e9e41587008fc936d]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.instlDay", "16014");), ,[96eb029b592240f65b8411b728dc7789]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.instlRef", "MOY00621");), ,[166bbedf8cef102604db2f99758f936d]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.newTab", true);), ,[d3aec0dddc9fbb7b02dd8543df258e72]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=e84c6fea00000000000020c9d04829a3");), ,[97eaff9ef58642f435aaa6229b695ca4]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.prdct", "Softonic");), ,[661b6538631874c2716e26a26f9528d8]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.prtnrId", "softonic");), ,[a2df207de596f73fd30c9f295aaadd23]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.rvrt", "false");), ,[94ed3964c8b33ef82fb0e9dfd52f26da]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.smplGrp", "none");), ,[d1b0b9e4ea91171f9a455276f50f6b95]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");), ,[037e0e8f86f556e0855a4a7e50b46898]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.tlbrId", "opencandy2013");), ,[fb861687b2c99e987e61c80022e2cb35]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=e84c6fea00000000000020c9d04829a3&q=");), ,[bec3742996e550e6558a3494857f3dc3]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.vrsn", "1.8.21.14");), ,[9ee35845afccff375887804883813bc5]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.vrsnTs", "1.8.21.149:14:40");), ,[e59c67362853a492b32c8642ce36857b]
PUP.Optional.Softonic.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.vrsni", "1.8.21.14");), ,[2061e3ba6b10b08629b6cbfd4eb6748c]

Physical Sectors: 0
(No malicious items detected)


(end)
         
AdwCleaner Logfile:
Code:
# AdwCleaner v3.215 - Bericht erstellt am 10/07/2014 um 18:53:58
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Downloads\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Users\User\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\User\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\User\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\User\Documents\Updater
Datei Gelöscht : C:\Users\User\Desktop\Search The Web.url
Datei Gelöscht : C:\Users\User\Desktop\sweetpcfix.url
Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_2_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_2_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Updater shortcut]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\wscontb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\prefs.js ]

Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=e84c6fea00000000000020c9d04829a3");
Zeile gelöscht : user_pref("extensions.Softonic.id", "e84c6fea00000000000020c9d04829a3");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16014");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=e84c6fea00000000000020c9d04829a3");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=e84c6fea00000000000020c9d04829a3&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.149:14:40");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [6726 octets] - [10/07/2014 18:52:18]
AdwCleaner[S0].txt - [6535 octets] - [10/07/2014 18:53:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6595 octets] ##########
         
--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on 10.07.2014 at 19:17:13,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3783384763-327156978-2262831219-1000\Software\sweetim



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\mkk4idk3.Tina\minidumps [28 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.07.2014 at 19:24:03,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Combofix Logfile:
Code:
ComboFix 14-07-08.04 - User 10.07.2014  19:35:54.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8099.5918 [GMT 2:00]
ausgeführt von:: c:\users\User\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\_MEI23762\_ctypes.pyd
c:\windows\TEMP\_MEI23762\_hashlib.pyd
c:\windows\TEMP\_MEI23762\_socket.pyd
c:\windows\TEMP\_MEI23762\_ssl.pyd
c:\windows\TEMP\_MEI23762\pyexpat.pyd
c:\windows\TEMP\_MEI23762\python27.dll
c:\windows\TEMP\_MEI23762\pythoncom27.dll
c:\windows\TEMP\_MEI23762\PyWinTypes27.dll
c:\windows\TEMP\_MEI23762\select.pyd
c:\windows\TEMP\_MEI23762\servicemanager.pyd
c:\windows\TEMP\_MEI23762\win32api.pyd
c:\windows\TEMP\_MEI23762\win32event.pyd
c:\windows\TEMP\_MEI23762\win32service.pyd
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-10 bis 2014-07-10  ))))))))))))))))))))))))))))))
.
.
2014-07-10 17:39 . 2014-07-10 17:39	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-07-10 17:39 . 2014-07-10 17:39	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-10 17:17 . 2014-07-10 17:17	--------	d-----w-	c:\windows\ERUNT
2014-07-10 16:52 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-07-10 16:50 . 2014-07-10 16:54	--------	d-----w-	C:\AdwCleaner
2014-07-10 15:19 . 2014-07-10 17:41	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-10 15:18 . 2014-07-10 15:18	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-07-10 15:18 . 2014-07-10 15:18	--------	d-----w-	c:\programdata\Malwarebytes
2014-07-10 15:18 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-07-10 15:18 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-07-10 15:18 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-09 14:14 . 2014-06-05 10:54	10779000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0E35A87E-0651-4B74-9CDE-3F4C1AA3A73A}\mpengine.dll
2014-07-08 17:42 . 2014-07-08 17:43	--------	d-----w-	C:\FRST
2014-06-20 08:30 . 2014-06-20 08:30	--------	d-----w-	c:\users\User\AppData\Local\T-Home
2014-06-20 08:26 . 2014-06-20 08:26	--------	d-----w-	c:\program files (x86)\T-Home
2014-06-16 16:13 . 2014-06-22 07:56	--------	d-----w-	c:\users\User\AppData\Local\Adobe
2014-06-14 00:55 . 2014-06-14 00:55	--------	d-----w-	c:\users\User\AppData\Roaming\NVIDIA
2014-06-14 00:54 . 2014-06-14 00:55	--------	d-----w-	c:\users\User\AppData\Local\Facebook
2014-06-11 09:55 . 2014-06-13 11:39	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-10 16:13 . 2012-11-15 07:02	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 16:13 . 2012-11-15 07:02	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 09:56 . 2013-05-06 09:25	42040	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-06-24 11:30 . 2013-03-20 10:07	117712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-06-03 08:35 . 2013-03-20 10:07	130584	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-05-26 14:40 . 2012-11-17 06:04	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-09 06:14 . 2014-05-26 14:37	477184	----a-w-	c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-26 14:37	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-08 07:14 . 2014-05-26 14:45	23134208	----a-w-	c:\windows\system32\mshtml.dll
2014-05-08 06:37 . 2014-05-26 14:45	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-08 05:27 . 2014-05-26 14:45	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-08 04:57 . 2014-05-26 14:45	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-04-15 00:34 . 2014-04-15 00:34	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-14 18:13 . 2014-03-16 00:24	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-26 14:37	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-26 14:37	155072	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-26 14:37	29184	----a-w-	c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-26 14:37	136192	----a-w-	c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-26 14:37	28160	----a-w-	c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-26 14:38	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-26 14:37	31232	----a-w-	c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-26 14:37	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-26 14:37	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KasperskyPasswordManager"="c:\program files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe" [2013-01-29 3176384]
"Timerle"="c:\program files (x86)\Timerle\Timerle.exe" [2006-02-19 160899]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-12-21 1090040]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-06-13 291096]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"DLPSP"="c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" [2006-02-22 192512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"DataCardMonitor"="c:\program files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe" [2013-02-09 253952]
"DVAPTray"="c:\windows\System32\DVAPTray.exe" [2012-06-08 192512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunServices]
"DLPWD95"="c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWD95.EXE" [2004-03-11 81920]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Amazon Cloud Drive.appref-ms [2014-7-3 408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ControlCenter.lnk - c:\program files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe [2007-2-9 221184]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 AppleODD;Apple ODD;c:\windows\system32\DRIVERS\AppleODD.sys;c:\windows\SYSNATIVE\DRIVERS\AppleODD.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AppleHFS;AppleHFS; [x]
S0 AppleMNT;AppleMNT; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 stcvsm;StorageCraft Volume Snapshot Driver;c:\windows\system32\DRIVERS\stcvsm.sys;c:\windows\SYSNATIVE\DRIVERS\stcvsm.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 sbmount;StorageCraft Image Mount Driver; [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AppleOSSMgr;Apple OS Switch Manager;c:\windows\system32\AppleOSSMgr.exe;c:\windows\SYSNATIVE\AppleOSSMgr.exe [x]
S2 AppleTimeSrv;Apple-Time-Server;c:\windows\system32\AppleTimeSrv.exe;c:\windows\SYSNATIVE\AppleTimeSrv.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DLSDB;Dell Printer Status Database;c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE;c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [x]
S2 KeyAgent;KeyAgent;c:\windows\system32\drivers\KeyAgent.sys;c:\windows\SYSNATIVE\drivers\KeyAgent.sys [x]
S2 MacHALDriver;Mac HAL;c:\windows\system32\drivers\MacHALDriver.sys;c:\windows\SYSNATIVE\drivers\MacHALDriver.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 ShadowProtectSvc;ShadowProtect Service;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 StorageCraft ImageReady;StorageCraft ImageReady;c:\program files (x86)\StorageCraft\ShadowProtect\ImageReady.exe;c:\program files (x86)\StorageCraft\ShadowProtect\ImageReady.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\program files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe;c:\program files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe [x]
S2 WOTUpdater;WOT Updater;c:\users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe;c:\users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe [x]
S3 acpials;ALS-Sensorfilter;c:\windows\system32\DRIVERS\acpials.sys;c:\windows\SYSNATIVE\DRIVERS\acpials.sys [x]
S3 AppleBtBc;Apple Broadcom Built-in Bluetooth;c:\windows\system32\DRIVERS\AppleBtBc.sys;c:\windows\SYSNATIVE\DRIVERS\AppleBtBc.sys [x]
S3 applemtm;Apple Multitouch Mouse;c:\windows\system32\DRIVERS\applemtm.sys;c:\windows\SYSNATIVE\DRIVERS\applemtm.sys [x]
S3 applemtp;Apple Multitouch;c:\windows\system32\DRIVERS\applemtp.sys;c:\windows\SYSNATIVE\DRIVERS\applemtp.sys [x]
S3 B57ports;Broadcom Simple Communications Device;c:\windows\system32\DRIVERS\b57ports.sys;c:\windows\SYSNATIVE\DRIVERS\b57ports.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 cecsvad;WiVideo Camera;c:\windows\system32\drivers\cecvad.sys;c:\windows\SYSNATIVE\drivers\cecvad.sys [x]
S3 CirrusFilter;CS420xLowerFilter;c:\windows\system32\DRIVERS\CS420x64.sys;c:\windows\SYSNATIVE\DRIVERS\CS420x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\DRIVERS\KeyMagic.sys;c:\windows\SYSNATIVE\DRIVERS\KeyMagic.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys;c:\program files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-15 16:13]
.
2014-07-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-14 00:54]
.
2014-07-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-14 00:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apple_KbdMgr"="c:\program files\Boot Camp\Bootcamp.exe" [2012-06-14 741800]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.179.1
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\
FF - prefs.js: browser.search.selectedEngine - LEO Eng-Deu
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0407.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-10  19:42:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-10 17:42
ComboFix2.txt  2014-07-09 20:26
.
Vor Suchlauf: 24 Verzeichnis(se), 144.008.130.560 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 143.946.104.832 Bytes frei
.
- - End Of File - - CBF76E1212869A464CE2735F5415B37D
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

Alt 11.07.2014, 13:41   #8
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 11.07.2014, 14:50   #9
rabe7
 



Hello Schrauber,

did I do something wrong? I posted the .txt files, but I'm not very well versed in these things.

Best regards,

Martina

Alt 12.07.2014, 07:47   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Something went wrong with my post there.



ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post the contents here.

and a fresh FRST log please. Still having problems?
__________________
Regards,
schrauber


Alt 12.07.2014, 21:53   #11
rabe7
 



Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0b0fb1153dbd1a4898e6de03d7d6eae1
# engine=19145
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-12 04:52:11
# local_time=2014-07-12 06:52:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 24899 59108517 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 124837 156813781 0 0
# scanned=480126
# found=8
# cleaned=0
# scan_time=5457
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir"
sh=E6FE0660D7FAECE6CE032D7236EDA3692041EF05 ft=1 fh=933f44e7296c678a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Desktop\Eigene Dateien von alten PC\Downloads\Alcohol120_trial_1.9.8.7612.exe"
sh=9346681C1520E89D9784338989693E632A4FB7A5 ft=1 fh=bcae0fbc1df73997 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Desktop\Eigene Dateien von alten PC\Downloads\Windows Moviemaker\SoftonicDownloader_fuer_windows-live-movie-maker.exe"
sh=E6FE0660D7FAECE6CE032D7236EDA3692041EF05 ft=1 fh=933f44e7296c678a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Documents\Eigene Dateien von alten PC\Downloads\Alcohol120_trial_1.9.8.7612.exe"
sh=9346681C1520E89D9784338989693E632A4FB7A5 ft=1 fh=bcae0fbc1df73997 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Documents\Eigene Dateien von alten PC\Downloads\Windows Moviemaker\SoftonicDownloader_fuer_windows-live-movie-maker.exe"
sh=AB14E3D37CF5D385768C8481C8274A5327A32B63 ft=1 fh=79f6fbac2bb74baa vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Documents\Eigene Dateien von alten PC\INTERNET DOWNLOADS CELINA\Registry Booster\registrybooster.exe"
sh=1A09EBFF032E902BBBB538FFBD2ED4310CFDA998 ft=1 fh=6cd4e90f07252fe3 vn="Variante von Win32/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\avira-premium-security-suite.exe"
sh=8EE1D4B71F29E7D623AA155C625FA3020BC2C60F ft=1 fh=c1cb6983489b1247 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe"
         
The other program hasn't finished yet.

Best regards,

Martina

Code:
 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Moo0 Disk Cleaner 1.23  
 Java 7 Update 55  
 Java version out of Date! 
 Adobe Flash Player 14.0.0.145  
 Adobe Reader XI  
 Mozilla Firefox (30.0) 
 Mozilla Thunderbird (24.6.0) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Kaspersky Lab Kaspersky Password Manager stpass.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by User (administrator) on USER-PC on 12-07-2014 19:15:50
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
() C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
(StorageCraft Technology Corporation) C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(StorageCraft Technology Corporation) C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
(JFSoftware) C:\Program Files (x86)\Timerle\Timerle.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(T-Com) C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dell Inc.) C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
() C:\Windows\SysWOW64\DVAPTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Moo0) C:\Program Files (x86)\Moo0\SystemMonitor 1.76\SystemMonitor.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\User\Downloads\SecurityCheck(1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [741800 2012-06-14] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2012-06-13] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DLPSP] => C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [192512 2006-02-23] (Dell Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\T-Mobile\web'n'walk Manager\DataCardMonitor.exe [253952 2013-02-09] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [DVAPTray] => C:\Windows\SysWOW64\DVAPTray.exe [192512 2012-06-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [KasperskyPasswordManager] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [3176384 2013-01-29] (Kaspersky Lab)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Timerle] => C:\Program Files (x86)\Timerle\Timerle.exe [160899 2006-02-19] (JFSoftware)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KasperskyPasswordManager] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [3176384 2013-01-29] (Kaspersky Lab)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Timerle] => C:\Program Files (x86)\Timerle\Timerle.exe [160899 2006-02-19] (JFSoftware)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-3783384763-327156978-2262831219-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ControlCenter.lnk
ShortcutTarget: ControlCenter.lnk -> C:\Program Files (x86)\T-Home\Eumex 800 V1.30\ControlCenter.exe (T-Com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC00FBF6E22FFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\User\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kaspersky.com/Password Manager - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll (Kaspersky Lab)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: anonymoX - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\client@anonymox.net.xpi [2013-05-12]
FF Extension: Ghostery - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\firefox@ghostery.com.xpi [2013-08-02]
FF Extension: Self-Destructing Cookies - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2014-01-12]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\mkk4idk3.Tina\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-22]
FF HKCU\...\Firefox\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill
FF Extension: Password Manager Autofill Engine - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill [2012-11-15]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKCU\...\Thunderbird\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\User\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\User\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-22] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224680 2012-06-14] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DLPWD; C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [90112 2005-11-10] (Dell Inc.) [File not signed]
R2 DLSDB; C:\Program Files (x86)\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [135168 2005-08-25] (Dell Inc.) [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
R2 ShadowProtectSvc; C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [4586760 2013-05-10] (StorageCraft Technology Corporation)
R2 StorageCraft ImageReady; C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe [4408000 2013-05-10] ()
R2 VSNAPVSS; C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe [94984 2013-05-10] (StorageCraft Technology Corporation)
R2 WOTUpdater; C:\Users\User\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 applemtm; C:\Windows\System32\DRIVERS\applemtm.sys [12288 2010-12-22] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [38912 2010-12-22] (Apple Inc.)
S3 AppleODD; C:\Windows\System32\DRIVERS\AppleODD.sys [8704 2010-10-11] (Apple Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 B57ports; C:\Windows\System32\DRIVERS\b57ports.sys [44544 2012-06-13] (Broadcom Corporation)
R3 cecsvad; C:\Windows\System32\drivers\cecvad.sys [23040 2011-12-08] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R1 sbmount; C:\Windows\System32\Drivers\sbmount.sys [117000 2013-05-10] (StorageCraft Technology Corporation)
R0 stcvsm; C:\Windows\System32\DRIVERS\stcvsm.sys [283400 2013-05-10] (StorageCraft Technology Corporation)
S1 tcpipBM; C:\Windows\SysWow64\Drivers\tcpipBM.sys [18816 2008-05-08] (Bytemobile, Inc.) [File not signed]
R3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-12 19:14 - 2014-07-12 19:14 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-07-12 19:08 - 2014-07-12 19:08 - 00854390 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-07-12 19:08 - 2014-07-12 19:08 - 00854390 _____ () C:\Users\User\Downloads\SecurityCheck(1).exe
2014-07-12 16:30 - 2014-07-12 16:30 - 02347384 _____ (ESET) C:\Users\User\esetsmartinstaller_deu.exe
2014-07-11 08:20 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-11 08:20 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-11 08:20 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-11 08:20 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-11 08:20 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-11 08:20 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-11 08:20 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-11 08:20 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-11 08:20 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-11 08:20 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-11 08:20 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-11 08:20 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-11 08:20 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-11 08:20 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-11 08:20 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-11 08:20 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-11 08:20 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-11 08:20 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-11 08:20 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-11 08:20 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-11 08:20 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-11 08:20 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-11 08:20 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-11 08:20 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-11 08:20 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-11 08:20 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-11 08:20 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-11 08:20 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-11 08:20 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-11 08:20 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-11 08:20 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-11 08:20 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-11 08:20 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-11 08:20 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-11 08:20 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-11 08:20 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-11 08:20 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-11 08:20 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-11 08:20 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-11 08:20 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-11 08:20 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-11 08:20 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-11 08:20 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-11 08:20 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-11 08:20 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-11 08:20 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-11 08:20 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-11 08:20 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-11 08:20 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-11 08:20 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-11 08:20 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-11 08:20 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-11 08:20 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-11 08:20 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-11 08:20 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-11 08:20 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-11 08:18 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-11 08:18 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-11 08:18 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-11 08:18 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-11 08:18 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-11 08:18 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 08:18 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 08:18 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-11 08:18 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-11 08:18 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-11 08:18 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-11 08:18 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-11 08:18 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-11 08:18 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-11 08:18 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-11 08:18 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-11 08:18 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-11 08:18 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-11 08:18 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-11 08:18 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-11 08:18 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-11 08:18 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-11 08:18 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-11 08:18 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-11 08:18 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-11 08:18 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-11 08:18 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-11 08:18 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-11 08:18 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-11 08:18 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-11 08:18 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-11 08:18 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-11 08:18 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-11 08:18 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-11 08:17 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-11 08:17 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-11 08:17 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-11 08:17 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-07-11 08:17 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-07-10 19:42 - 2014-07-10 19:42 - 00024317 _____ () C:\ComboFix.txt
2014-07-10 19:24 - 2014-07-10 19:24 - 00000941 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-10 19:17 - 2014-07-10 19:17 - 00000000 ____D () C:\Windows\ERUNT
2014-07-10 19:16 - 2014-07-10 19:16 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-07-10 18:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-10 18:50 - 2014-07-10 18:54 - 00000000 ____D () C:\AdwCleaner
2014-07-10 18:10 - 2014-07-10 18:10 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe
2014-07-10 18:02 - 2014-07-10 18:02 - 00006851 _____ () C:\Users\User\Desktop\mbam 2017-07-10.txt
2014-07-10 17:46 - 2014-07-12 19:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-10 17:46 - 2014-07-10 18:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 17:19 - 2014-07-12 18:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 17:18 - 2014-07-10 17:18 - 00001070 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-10 17:18 - 2014-07-10 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-10 17:18 - 2014-07-10 17:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 17:18 - 2014-07-10 17:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-10 17:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-10 17:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-10 17:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-10 17:15 - 2014-07-10 17:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-09 22:19 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-09 22:19 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-09 22:19 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-09 22:19 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-09 22:19 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-09 22:19 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-09 22:19 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-09 22:19 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-09 22:09 - 2014-07-10 17:48 - 00001413 _____ () C:\Users\User\Desktop\ComboFix - Verknüpfung.lnk
2014-07-09 21:58 - 2014-07-10 19:42 - 00000000 ____D () C:\Qoobox
2014-07-09 21:58 - 2014-07-09 22:25 - 00000000 ____D () C:\Windows\erdnt
2014-07-09 21:57 - 2014-07-10 19:29 - 05217324 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-07-08 19:42 - 2014-07-12 19:15 - 00020230 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-08 19:42 - 2014-07-12 19:15 - 00000000 ____D () C:\FRST
2014-07-08 19:42 - 2014-07-08 19:43 - 00046725 _____ () C:\Users\User\Downloads\Addition.txt
2014-07-08 19:40 - 2014-07-12 19:14 - 02084864 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-08 14:10 - 2014-07-08 14:10 - 00000000 ____D () C:\Users\User\Documents\Hijackthis Logiles
2014-07-08 14:06 - 2014-07-08 14:07 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2014-07-03 00:04 - 2014-07-03 00:05 - 00000000 ____D () C:\Users\User\Documents\Waschmittel
2014-06-29 11:01 - 2014-06-29 11:01 - 32826224 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeDownload.exe
2014-06-22 10:57 - 2014-06-22 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 10:41 - 2014-06-20 10:42 - 00000000 ____D () C:\Users\User\Documents\Eumex
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Users\User\AppData\Local\T-Home
2014-06-20 10:26 - 2014-06-20 10:26 - 00000046 _____ () C:\Windows\hmview.ini
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eumex 800 V1.30
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\Program Files (x86)\T-Home
2014-06-16 18:13 - 2014-06-22 09:56 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-06-14 02:55 - 2014-07-12 18:00 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
2014-06-14 02:55 - 2014-07-12 03:00 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
2014-06-14 02:55 - 2014-06-14 02:55 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA
2014-06-14 02:55 - 2014-06-14 02:55 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core
2014-06-14 02:55 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\NVIDIA
2014-06-14 02:54 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Local\Facebook

==================== One Month Modified Files and Folders =======

2014-07-12 19:16 - 2014-07-08 19:42 - 00020230 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-12 19:15 - 2014-07-08 19:42 - 00000000 ____D () C:\FRST
2014-07-12 19:14 - 2014-07-12 19:14 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-07-12 19:14 - 2014-07-08 19:40 - 02084864 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-12 19:13 - 2014-07-10 17:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-12 19:08 - 2014-07-12 19:08 - 00854390 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-07-12 19:08 - 2014-07-12 19:08 - 00854390 _____ () C:\Users\User\Downloads\SecurityCheck(1).exe
2014-07-12 18:58 - 2012-11-15 09:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-07-12 18:57 - 2014-07-10 17:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 18:31 - 2012-11-12 14:44 - 01393949 _____ () C:\Windows\WindowsUpdate.log
2014-07-12 18:00 - 2014-06-14 02:55 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA.job
2014-07-12 17:17 - 2011-04-12 09:43 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-12 17:17 - 2011-04-12 09:43 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-12 17:17 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 16:30 - 2014-07-12 16:30 - 02347384 _____ (ESET) C:\Users\User\esetsmartinstaller_deu.exe
2014-07-12 04:58 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-12 04:58 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-12 03:00 - 2014-06-14 02:55 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core.job
2014-07-11 08:34 - 2013-12-26 12:06 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-11 08:32 - 2012-11-12 16:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-11 08:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-11 08:32 - 2009-07-14 06:51 - 00107837 _____ () C:\Windows\setupact.log
2014-07-11 08:30 - 2009-07-14 06:45 - 00466512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 08:29 - 2014-05-26 16:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 08:29 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 08:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 08:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 08:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-11 08:26 - 2012-11-12 17:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-11 08:24 - 2013-07-26 05:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 08:02 - 2013-12-26 12:06 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-07-10 19:42 - 2014-07-10 19:42 - 00024317 _____ () C:\ComboFix.txt
2014-07-10 19:42 - 2014-07-09 21:58 - 00000000 ____D () C:\Qoobox
2014-07-10 19:41 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-10 19:39 - 2010-11-21 05:47 - 00367620 _____ () C:\Windows\PFRO.log
2014-07-10 19:29 - 2014-07-09 21:57 - 05217324 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-07-10 19:24 - 2014-07-10 19:24 - 00000941 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-10 19:17 - 2014-07-10 19:17 - 00000000 ____D () C:\Windows\ERUNT
2014-07-10 19:16 - 2014-07-10 19:16 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-07-10 18:54 - 2014-07-10 18:50 - 00000000 ____D () C:\AdwCleaner
2014-07-10 18:13 - 2014-07-10 17:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 18:13 - 2012-11-15 09:02 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 18:13 - 2012-11-15 09:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 18:10 - 2014-07-10 18:10 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe
2014-07-10 18:02 - 2014-07-10 18:02 - 00006851 _____ () C:\Users\User\Desktop\mbam 2017-07-10.txt
2014-07-10 17:48 - 2014-07-09 22:09 - 00001413 _____ () C:\Users\User\Desktop\ComboFix - Verknüpfung.lnk
2014-07-10 17:18 - 2014-07-10 17:18 - 00001070 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-10 17:18 - 2014-07-10 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-10 17:18 - 2014-07-10 17:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 17:18 - 2014-07-10 17:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-10 17:17 - 2014-07-10 17:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-10 11:56 - 2013-05-06 11:25 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-10 00:00 - 2012-11-15 09:26 - 00000000 ___SD () C:\Users\User\Documents\Passwords Database
2014-07-09 22:34 - 2013-02-11 21:05 - 00000000 ____D () C:\Users\User\Documents\Bugs
2014-07-09 22:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-09 22:25 - 2014-07-09 21:58 - 00000000 ____D () C:\Windows\erdnt
2014-07-09 22:12 - 2013-07-01 04:57 - 00000000 ____D () C:\Users\User\Documents\Rezepte Kochen Getränke
2014-07-09 12:11 - 2013-02-09 21:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\HCM Updater
2014-07-08 19:43 - 2014-07-08 19:42 - 00046725 _____ () C:\Users\User\Downloads\Addition.txt
2014-07-08 14:10 - 2014-07-08 14:10 - 00000000 ____D () C:\Users\User\Documents\Hijackthis Logiles
2014-07-08 14:07 - 2014-07-08 14:06 - 00961360 _____ (Chip Digital GmbH) C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2014-07-07 09:13 - 2012-12-28 10:44 - 00000000 ____D () C:\HVBefin
2014-07-04 16:47 - 2014-02-02 21:07 - 00340480 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-07-03 00:05 - 2014-07-03 00:04 - 00000000 ____D () C:\Users\User\Documents\Waschmittel
2014-06-30 04:09 - 2014-07-11 08:18 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-11 08:18 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 11:01 - 2014-06-29 11:01 - 32826224 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeDownload.exe
2014-06-28 07:17 - 2012-12-15 00:29 - 00000000 ____D () C:\Users\User\Documents\pi
2014-06-26 17:40 - 2012-11-17 08:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-24 19:30 - 2013-04-21 15:40 - 00184832 ___SH () C:\Users\User\Documents\Thumbs.db
2014-06-24 13:30 - 2013-03-20 12:07 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-23 20:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-23 07:38 - 2012-11-14 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-22 10:57 - 2014-06-22 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 09:56 - 2014-06-16 18:13 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-06-20 22:14 - 2014-07-11 08:20 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-11 08:20 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 10:42 - 2014-06-20 10:41 - 00000000 ____D () C:\Users\User\Documents\Eumex
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Users\User\AppData\Local\T-Home
2014-06-20 10:26 - 2014-06-20 10:26 - 00000046 _____ () C:\Windows\hmview.ini
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eumex 800 V1.30
2014-06-20 10:26 - 2014-06-20 10:26 - 00000000 ____D () C:\Program Files (x86)\T-Home
2014-06-20 10:26 - 2012-11-12 16:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-19 10:26 - 2012-11-15 08:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-19 03:39 - 2014-07-11 08:20 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-11 08:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-11 08:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-11 08:20 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-11 08:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-11 08:20 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-11 08:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-11 08:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-11 08:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-11 08:20 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-11 08:20 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-11 08:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-11 08:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-11 08:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-11 08:20 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-11 08:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-11 08:20 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-11 08:20 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-11 08:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-11 08:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-11 08:20 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-11 08:20 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-11 08:20 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-11 08:20 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-11 08:20 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-11 08:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-11 08:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-11 08:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-11 08:20 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-11 08:20 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-11 08:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-11 08:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-11 08:20 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-11 08:20 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-11 08:20 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-11 08:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-11 08:20 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-11 08:20 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-11 08:20 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-11 08:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-11 08:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-11 08:20 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-11 08:20 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-11 08:20 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-11 08:20 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-11 08:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-11 08:20 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-11 08:20 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-11 08:20 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-11 08:20 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-11 08:20 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-11 08:20 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-11 08:20 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-11 08:20 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 04:18 - 2014-07-11 08:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-11 08:18 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-11 08:18 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-14 02:55 - 2014-06-14 02:55 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000UA
2014-06-14 02:55 - 2014-06-14 02:55 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3783384763-327156978-2262831219-1000Core
2014-06-14 02:55 - 2014-06-14 02:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\NVIDIA
2014-06-14 02:55 - 2014-06-14 02:54 - 00000000 ____D () C:\Users\User\AppData\Local\Facebook
2014-06-13 13:39 - 2014-06-11 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-13 12:17 - 2014-06-01 08:17 - 00000000 ____D () C:\Users\User\Documents\Christian Sander

Files to move or delete:
====================
C:\Users\User\esetsmartinstaller_deu.exe


Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-09 16:15

==================== End Of Log ============================
         

Results of screen317's Security Check version 0.99.85
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Moo0 Disk Cleaner 1.23
Java 7 Update 55
Java version out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Mozilla Firefox (30.0)
Mozilla Thunderbird (24.6.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes Anti-Malware mbamscheduler.exe
Kaspersky Lab Kaspersky Password Manager stpass.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

13.07.2014, 15:07   #12
schrauber
/// the machine
/// TB trainer


Update Java

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > type Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background monitor.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download bandwidth.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
