
Log analysis and evaluation: Windows 7: Avast! found Win32:Somoto


 
09.07.2014, 16:53   #1
Angie.12
 

Windows 7: Avast! found Win32:Somoto



Hello! On 7.7.14 my computer suddenly shut down by itself. When this happened a second time, I read that Windows had done this itself for security reasons. I then had Avast! run a scan, and it found quite a few things. After that I also ran a boot scan with Avast!, and it found more viruses. The viruses are still in the quarantine folder, though. Unfortunately, this is the only log file left from that day:

Code:
File: C:\Users\user\AppData\Local\FilesFrog Update Checker\update_checker.exe
Reference: JOB:C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
Value: C:\Users\user\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
Result (2/14): 23: 1 2147483674


File: C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
Reference: HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Value: {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Result (2/14): 6: 1 2147483674


File: C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
Reference: HKLM:SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Value: 
Result (2/14): 2: 1 0
         
Today I also ran the other scans:

Defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:04 on 09/07/2014 (user)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-07-2014
Ran by user (administrator) on USER-PC on 09-07-2014 16:07:31
Running from C:\Users\user\Desktop
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(SPAMfighter ApS) C:\Program Files\Fighters\SPAMfighter\sfus.exe
(SPAMfighter ApS) C:\Program Files\Fighters\FighterSuiteService.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE12\GrooveMonitor.exe
(SPAMfighter ApS) C:\Program Files\Fighters\Tray\FightersTray.exe
(SPAMfighter ApS) C:\Program Files\Fighters\SPAMfighter\sfagent.exe
(Inbox.com, Inc.) C:\Program Files\Inbox Toolbar\Inbox.exe
(Crawler, LLC) C:\Program Files\SiteRanker\SiteRankTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
() C:\Users\user\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [111928 2010-10-13] (SweetIM Technologies Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [CommonToolkitTray] => C:\Program Files\Fighters\Tray\FightersTray.exe [1405544 2012-11-13] (SPAMfighter ApS)
HKLM\...\Run: [sfagent] => C:\Program Files\Fighters\SPAMfighter\sfagent.exe [1460768 2013-01-15] (SPAMfighter ApS)
HKLM\...\Run: [InboxToolbar] => C:\Program Files\Inbox Toolbar\Inbox.exe [1380312 2013-12-13] (Inbox.com, Inc.)
HKLM\...\Run: [SiteRanker] => C:\Program Files\SiteRanker\SiteRankTray.exe [1076696 2014-04-11] (Crawler, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-05] (AVAST Software)
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5626136 2014-06-05] (SUPERAntiSpyware)
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {12a380eb-6e12-11df-8135-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {24fbc566-ec1d-11e1-9ac1-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {2c674389-14a0-11e2-a820-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {32f8d648-2ef2-11e2-b67f-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {34bcb6ab-1d0a-11e3-b038-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {3706a923-7b22-11e2-a859-40618604b0a5} - J:\laucher.exe
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {40694b99-aba7-11e1-8444-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {4cda2f9f-cda7-11e2-a2db-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {4de99d8d-9d80-11e1-82ba-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {757d6007-a953-11e1-83cb-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {7f68d8d2-3556-11e3-ac9b-40618604b0a5} - J:\iStudio.exe
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {80da234f-7945-11df-813a-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {980a7623-f3c5-11e0-af92-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {aaeeb8a7-dab7-11df-ba36-40618604b0a5} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {ab67aa39-091b-11e0-807f-40618604b0a5} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {b38d659b-6458-11e2-9253-40618604b0a5} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3119117300-1333165164-2282811473-1000\...\MountPoints2: {dbd45f3a-9a47-11df-82ca-40618604b0a5} - I:\LaunchU3.exe -a
AppInit_DLLs: c:\progra~1\movies~1\safety~1\safety~2.dll => c:\progra~1\movies~1\safety~1\safety~2.dll File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\OFFICE12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\safetynut\x64\safetycrt.dll
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-102&v=a11465-240&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x605BFB24EC3DCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
URLSearchHook: HKCU - SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
URLSearchHook: HKCU - (No Name) - {6844d7d2-99a7-4bb2-84b6-e1b865860cc4} -  No File
SearchScopes: HKLM - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2189224
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=102&systemid=473&v=a11465-240&apn_uid=9751643236134151&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2189224
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2189224
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=102&systemid=473&v=a11465-240&apn_uid=9751643236134151&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2189224
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6R8wtUhkJG&i=26
SearchScopes: HKCU - {D5C9B5D9-11FE-4563-8C7A-8261A720414D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU&o=14670&src=crm&q={searchTerms}&locale=de_US&apn_ptnrs=T8&apn_dtid=YYYYYYYYAT&apn_uid=aef807ee-0aa6-43d0-91df-462f3da46bf6&apn_sauid=9F3E3B09-2C3B-48DE-B468-1EA86A466BA2
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
BHO: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKCU - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKCU - No Name - {6844D7D2-99A7-4BB2-84B6-E1B865860CC4} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://www.google.at/
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=102&systemid=473&v=a11465-240&apn_dtid=BND101&apn_ptnrs=AG1&apn_uid=9751643236134151&o=APN10640&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\inbox-suchen.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DealPly Shopping - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\amo@dealplyshopping.com [2013-05-07]
FF Extension: AppGraffiti - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\AppGraffiti@AppGraffiti.com [2014-04-11]
FF Extension: Babylon - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\ffxtlbr@babylon.com [2012-03-23]
FF Extension: Delta Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\ffxtlbr@delta.com [2013-05-07]
FF Extension: incredibar.com - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\ffxtlbr@incredibar.com [2012-06-19]
FF Extension: PricePeep - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\pricepeep@getpricepeep.com [2013-05-07]
FF Extension: QuickShare Widget - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\{039e8069-7430-44ee-9a01-d35d8d80f284} [2013-05-07]
FF Extension: MAX DE Atube  - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\{6844d7d2-99a7-4bb2-84b6-e1b865860cc4} [2014-07-03]
FF Extension: Picjoke Informer - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\picjokeinformer@picjoke.net.xpi [2011-11-18]
FF Extension: PricePeep - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\pricepeep@getpricepeep.com.xpi [2013-04-30]
FF Extension: GMX MailCheck - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\toolbar@gmx.net.xpi [2012-05-05]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-10]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hm7775u7.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2011-05-09]
FF Extension: Kaspersky URL Advisor - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2014-06-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files\SiteRanker\firefox
FF Extension: SiteRanker - C:\Program Files\SiteRanker\firefox [2013-10-08]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-23]

Chrome: 
=======
CHR Extension: (AppGraffiti - Free Facebook Layouts) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\angobeimajilfhlcpeiccndaifchnppl [2013-05-17]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-01]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-01]
CHR Extension: (DealPly Brazil) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma [2013-05-07]
CHR Extension: (PricePeep) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2013-05-07]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-23]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-01]
CHR HKLM\...\Chrome\Extension: [angobeimajilfhlcpeiccndaifchnppl] - C:\Program Files\AppGraffiti\Chrome\graff_chr.crx [2013-01-30]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2013-01-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-23]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-23] (AVAST Software)
R2 SPAMfighter Update Service; C:\Program Files\Fighters\SPAMfighter\sfus.exe [216608 2013-01-15] (SPAMfighter ApS)
R2 Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [1270376 2012-11-12] (SPAMfighter ApS)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-23] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-06-23] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-23] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 NTGUARD; \??\C:\Program Files\A1 Internetschutz\bin\NTGUARD.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-09 16:07 - 2014-07-09 16:07 - 00024730 _____ () C:\Users\user\Desktop\FRST.txt
2014-07-09 16:07 - 2014-07-09 16:07 - 00000000 ____D () C:\FRST
2014-07-09 16:05 - 2014-07-09 16:06 - 01074688 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
2014-07-09 16:04 - 2014-07-09 16:04 - 00000470 _____ () C:\Users\user\Desktop\defogger_disable.log
2014-07-09 16:04 - 2014-07-09 16:04 - 00000000 _____ () C:\Users\user\defogger_reenable
2014-07-09 15:57 - 2014-07-09 15:57 - 00050477 _____ () C:\Users\user\Desktop\Defogger.exe
2014-07-08 22:15 - 2014-07-08 22:15 - 00143600 _____ () C:\Windows\Minidump\070814-46519-01.dmp
2014-07-07 13:52 - 2014-07-08 19:08 - 00000000 ____D () C:\SUPERDelete
2014-07-07 13:50 - 2014-07-07 13:50 - 00001925 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-07 13:49 - 2014-07-07 13:49 - 19987744 _____ (SUPERAntiSpyware) C:\Users\user\Downloads\SUPERAntiSpyware.exe
2014-07-07 13:46 - 2014-07-07 13:46 - 00139872 _____ () C:\Windows\Minidump\070714-15802-01.dmp
2014-06-27 13:01 - 2014-06-27 16:03 - 00000000 ____D () C:\Users\user\Desktop\König
2014-06-23 07:13 - 2014-06-23 07:13 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-23 07:13 - 2014-06-23 07:13 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-23 07:13 - 2014-06-23 07:13 - 00002083 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-23 07:13 - 2014-06-23 07:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\AVAST Software
2014-06-23 07:13 - 2014-06-23 07:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-23 07:13 - 2014-06-23 07:12 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403500406693
2014-06-23 07:13 - 2014-06-23 07:12 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-23 07:12 - 2014-06-23 07:13 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403500406693
2014-06-23 07:12 - 2014-06-23 07:12 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-23 07:12 - 2014-06-23 07:12 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-23 07:12 - 2014-06-23 07:12 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-23 07:09 - 2014-06-23 07:10 - 94714880 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_21514.exe
2014-06-18 08:06 - 2014-06-18 08:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-12 07:05 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 07:05 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 07:05 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 07:05 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 07:05 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 07:05 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 07:05 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 07:05 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 07:05 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 07:05 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 07:05 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 07:05 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 07:05 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 07:05 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 07:05 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 07:05 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 07:05 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 07:05 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 07:05 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 07:05 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 07:05 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 07:05 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 07:05 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 07:05 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 07:05 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 07:05 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 07:05 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 07:05 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 07:05 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 07:05 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 07:05 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 07:05 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 07:04 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 07:04 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 07:04 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 07:04 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 07:04 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

==================== One Month Modified Files and Folders =======

2014-07-09 16:07 - 2014-07-09 16:07 - 00024730 _____ () C:\Users\user\Desktop\FRST.txt
2014-07-09 16:07 - 2014-07-09 16:07 - 00000000 ____D () C:\FRST
2014-07-09 16:06 - 2014-07-09 16:05 - 01074688 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
2014-07-09 16:04 - 2014-07-09 16:04 - 00000470 _____ () C:\Users\user\Desktop\defogger_disable.log
2014-07-09 16:04 - 2014-07-09 16:04 - 00000000 _____ () C:\Users\user\defogger_reenable
2014-07-09 15:57 - 2014-07-09 15:57 - 00050477 _____ () C:\Users\user\Desktop\Defogger.exe
2014-07-09 15:51 - 2010-05-03 13:32 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 15:44 - 2012-04-14 09:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-09 15:38 - 2010-05-03 18:21 - 01683471 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 15:30 - 2012-04-03 08:05 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-09 13:59 - 2009-07-14 06:34 - 00018800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 13:59 - 2009-07-14 06:34 - 00018800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 08:56 - 2014-05-03 08:46 - 00000000 ____D () C:\Users\user\AppData\Roaming\DropboxMaster
2014-07-09 08:56 - 2013-12-03 11:29 - 00000000 ___RD () C:\Users\user\Dropbox
2014-07-09 08:56 - 2013-12-03 11:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-07-09 08:10 - 2013-10-21 14:53 - 00136136 _____ () C:\Windows\setupact.log
2014-07-09 08:10 - 2012-04-03 08:05 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 08:10 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-08 22:32 - 2011-10-10 16:17 - 00073728 ___SH () C:\Users\user\Thumbs.db
2014-07-08 22:15 - 2014-07-08 22:15 - 00143600 _____ () C:\Windows\Minidump\070814-46519-01.dmp
2014-07-08 22:15 - 2013-11-06 14:12 - 469777904 _____ () C:\Windows\MEMORY.DMP
2014-07-08 22:15 - 2010-12-24 10:25 - 00000000 ____D () C:\Windows\Minidump
2014-07-08 20:03 - 2013-10-22 11:46 - 00483132 _____ () C:\Windows\PFRO.log
2014-07-08 19:08 - 2014-07-07 13:52 - 00000000 ____D () C:\SUPERDelete
2014-07-08 18:09 - 2011-08-19 13:41 - 00000000 ____D () C:\Program Files\Zylom Games
2014-07-08 18:07 - 2011-09-14 14:19 - 00000000 ____D () C:\ProgramData\Trymedia
2014-07-08 18:04 - 2011-05-04 15:07 - 00000000 ____D () C:\Users\user\AppData\Local\Conduit
2014-07-08 18:03 - 2014-01-09 09:02 - 00000000 ____D () C:\Users\user\AppData\Local\WebPlayer
2014-07-08 17:42 - 2010-08-25 07:30 - 05113344 ___SH () C:\Users\user\Desktop\Thumbs.db
2014-07-08 15:31 - 2010-06-16 07:20 - 00000000 ____D () C:\Users\user\Desktop\Linedance
2014-07-07 14:45 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-07-07 14:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-07-07 13:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-07-07 13:53 - 2010-11-03 19:54 - 00000000 ____D () C:\ProgramData\Fighters
2014-07-07 13:50 - 2014-07-07 13:50 - 00001925 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-07 13:50 - 2014-07-07 13:50 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-07 13:49 - 2014-07-07 13:49 - 19987744 _____ (SUPERAntiSpyware) C:\Users\user\Downloads\SUPERAntiSpyware.exe
2014-07-07 13:46 - 2014-07-07 13:46 - 00139872 _____ () C:\Windows\Minidump\070714-15802-01.dmp
2014-07-07 07:58 - 2013-02-15 16:02 - 00000000 ____D () C:\Program Files\SiteRanker
2014-07-03 15:48 - 2013-10-04 17:02 - 00000000 ____D () C:\Users\user\Desktop\Neuer Ordner
2014-07-01 08:25 - 2010-10-29 07:41 - 00000000 ____D () C:\Users\user\Documents\Telebanking privat
2014-06-27 16:03 - 2014-06-27 13:01 - 00000000 ____D () C:\Users\user\Desktop\König
2014-06-26 18:41 - 2010-12-24 09:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-06-24 15:39 - 2012-06-18 17:23 - 00000000 ____D () C:\Users\user\Documents\Angelika
2014-06-24 15:39 - 2010-10-11 07:36 - 00000000 ____D () C:\Users\user\Documents\Sandra
2014-06-24 07:54 - 2012-08-31 08:33 - 00000000 ____D () C:\Users\user\Documents\Martina
2014-06-23 07:13 - 2014-06-23 07:13 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-23 07:13 - 2014-06-23 07:13 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-23 07:13 - 2014-06-23 07:13 - 00002083 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-23 07:13 - 2014-06-23 07:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\AVAST Software
2014-06-23 07:13 - 2014-06-23 07:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-23 07:13 - 2014-06-23 07:12 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-23 07:12 - 2014-06-23 07:13 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403500406693
2014-06-23 07:12 - 2014-06-23 07:13 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403500406693
2014-06-23 07:12 - 2014-06-23 07:12 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-23 07:12 - 2014-06-23 07:12 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-23 07:12 - 2014-06-23 07:12 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-23 07:12 - 2014-06-23 07:12 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-23 07:11 - 2012-02-02 12:52 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-23 07:10 - 2014-06-23 07:09 - 94714880 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_21514.exe
2014-06-19 10:24 - 2012-05-04 08:21 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 08:06 - 2014-06-18 08:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-13 13:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-13 07:37 - 2012-04-03 08:10 - 00002081 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-13 06:53 - 2014-05-06 21:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 18:13 - 2010-05-27 12:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 18:12 - 2013-08-14 18:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 18:10 - 2010-05-25 17:44 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\user\AppData\Local\Temp\Delta.exe
C:\Users\user\AppData\Local\Temp\DeltaTB.exe
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmp7euk.dll
C:\Users\user\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\user\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\user\AppData\Local\Temp\MybabylonTB.exe
C:\Users\user\AppData\Local\Temp\rad4B190.tmp_update.exe
C:\Users\user\AppData\Local\Temp\tbMAX_.dll
C:\Users\user\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 12:23

==================== End Of Log ============================
         
Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-07-2014
Ran by user at 2014-07-09 16:08:14
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
AppGraffiti (HKLM\...\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1) (Version: 1.0.0.33 - Omega Partners Ltd)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)
Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Connect Label Design software (HKLM\...\Connect Label Design software) (Version:  - )
Corel Applications (HKLM\...\Corel Applications) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GMX MediaCenter 1.6.2863.0 (HKCU\...\GMX Application {sync-000021}) (Version: 1.6.2863.0 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HERMA Label Designer plus 1.1 (HKLM\...\{7DA64485-2CEE-4F7B-84AB-B287236703B6}) (Version: 1.00.0000 - HERMA GmbH)
Inbox Toolbar (HKLM\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 2.0.0.55 - Inbox.com, Inc.)
Internet Software (HKLM\...\Internet Software) (Version: 8.0.0.40 - A1 Telekom Austria AG)
Internet Software (Version: 8.0.0.40 - A1 Telekom Austria AG) Hidden
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KONICA MINOLTA PageScope Box Operator 3.2.04000 (HKLM\...\{2F892D3E-3F96-4518-B715-F8D5A6E256DF}) (Version: 3.2.04000 - KONICA MINOLTA)
Medienmanager 1.3.0 (HKLM\...\8781-9705-0578-2960) (Version: 1.3.0 - A1 Telekom Austria AG)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2000 Disc 2 (HKLM\...\{00040407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PrintMaster Gold 4.00 (HKLM\...\PrintMaster Gold 4.00) (Version:  - )
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Servicecenter (HKLM\...\Servicecenter) (Version: 1.0.0.8 - A1 Telekom Austria AG)
Servicecenter (Version: 1.0.0.8 - A1 Telekom Austria AG) Hidden
SierraHome Print Artist 8 (HKLM\...\Print Artist 8) (Version:  - )
SiteRanker (HKLM\...\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1) (Version: 1.0.0.29 - Crawler, LLC)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Socialbox (HKLM\...\com.socialbox.socialbox) (Version: 2.114.2 - Zoosk, Inc.)
Socialbox (Version: 2.114.2 - Zoosk, Inc.) Hidden
SPAMfighter (HKLM\...\SPAMfighter) (Version: 7.6.14 - Spamfighter ApS)
SPAMfighter (Version: 7.6.14 - Spamfighter ApS) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.23 - Piriform)
SweetIM for Messenger 3.3 (HKLM\...\{1D301950-EA2F-4882-9AA0-49467756842A}) (Version: 3.3.0007 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetIM Toolbar for Internet Explorer 3.9 (HKLM\...\{F93D2591-8201-4692-BD8D-67A0BFAC9C14}) (Version: 3.9.0009 - SweetIM Technologies Ltd.) <==== ATTENTION
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)

==================== Restore Points  =========================

21-06-2014 07:06:13 Windows Update
23-06-2014 05:02:53 avast! antivirus system restore point
23-06-2014 05:12:06 avast! antivirus system restore point
23-06-2014 05:16:19 Windows-Sicherung
25-06-2014 05:04:15 Windows Update
30-06-2014 06:09:53 Windows-Sicherung
01-07-2014 06:05:17 Windows Update
05-07-2014 07:10:53 Windows Defender Checkpoint
07-07-2014 06:08:21 Windows-Sicherung
08-07-2014 15:59:22 Removed Apple Software Update
08-07-2014 16:00:56 Removed Apple Application Support
08-07-2014 16:03:57 Removed Fusion Booster 2.0
08-07-2014 16:07:38 Removed SweetIM for Messenger 3.3
08-07-2014 16:08:37 Removed SweetIM for Messenger 3.3
08-07-2014 16:09:57 Avery Wizard 3.1 wurde entfernt.

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {013677C7-2565-4A00-A162-D3E9E595122E} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\user\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {0CD2CE35-16CB-4D52-80C8-22AACE5C8EE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-03] (Google Inc.)
Task: {0D7FA0E4-4419-4B74-B251-4CE5AB5E0291} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-23] (AVAST Software)
Task: {6208C104-BE88-410B-BA9A-3F629B74045C} - System32\Tasks\{400746A2-58DE-4B25-8D6B-FF032BBAD316} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {64BAEC2B-C36B-4217-8222-74C210EE7120} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-03] (Google Inc.)
Task: {BBAEAE3C-B1F1-4F60-9AAF-6CB5D78BFA7A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {BE7D0EE4-29B1-4C79-9626-CD0475A964A3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {F04C08E9-E650-4933-AF68-9C502B4F65BD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-08 15:19 - 2014-07-08 15:19 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070800\algo.dll
2014-07-09 08:55 - 2014-07-09 08:55 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070801\algo.dll
2014-07-09 12:56 - 2014-07-09 12:56 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070900\algo.dll
2009-10-01 06:07 - 2010-06-11 09:12 - 00011264 _____ () C:\Windows\System32\KOAZ8J_L.DLL
2009-08-10 08:50 - 2010-06-11 09:12 - 00868352 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\KOAZ8J_O.DLL
2007-08-21 17:57 - 2007-08-21 17:57 - 00053248 _____ () C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\MCharSet.dll
2007-08-21 17:57 - 2007-08-21 17:57 - 00126976 _____ () C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\KMENC.dll
2007-08-21 17:57 - 2007-08-21 17:57 - 00061440 _____ () C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\KMAESLib.dll
2013-01-15 19:02 - 2013-01-15 19:02 - 00541216 _____ () C:\Program Files\Fighters\SPAMfighter\sfsg.dll
2013-01-15 19:02 - 2013-01-15 19:02 - 00966688 _____ () C:\Program Files\Fighters\SPAMfighter\sfse.dll
2014-06-23 07:12 - 2014-06-23 07:12 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-09 08:11 - 2014-07-09 08:11 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmp7euk.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-18 08:06 - 2014-06-18 08:06 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-07-09 15:57 - 2014-07-09 15:57 - 00050477 _____ () C:\Users\user\Desktop\Defogger.exe

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2014 00:25:02 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/08/2014 08:33:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba10
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000578e
ID des fehlerhaften Prozesses: 0x3c8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3

Error: (07/08/2014 00:23:48 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/07/2014 08:13:19 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

Error: (07/05/2014 09:10:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {87f05910-1a75-421f-bc8c-5d60b24f5190}

Error: (07/04/2014 08:17:45 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/01/2014 10:06:39 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/01/2014 08:48:25 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (06/30/2014 00:46:36 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (06/30/2014 08:14:36 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"


System errors:
=============
Error: (07/09/2014 08:10:31 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (07/09/2014 08:10:31 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/08/2014 10:29:43 PM) (Source: Microsoft-Windows-Application-Experience) (EventID: 205) (User: NT-AUTORITÄT)
Description: Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht initialisieren.

Error: (07/08/2014 10:15:36 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000008e (0xc0000005, 0x9481d205, 0xa9233c10, 0x00000000)C:\Windows\MEMORY.DMP070814-46519-01

Error: (07/08/2014 10:15:30 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (07/08/2014 10:15:30 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/08/2014 10:15:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎07.‎2014 um 22:12:54 unerwartet heruntergefahren.

Error: (07/08/2014 08:34:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2014 08:34:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Enumeratordienst für tragbare Geräte" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2014 08:34:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (03/31/2014 00:27:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4694 seconds with 3780 seconds of active time.  This session ended with a crash.

Error: (07/10/2012 05:59:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 35035 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (06/21/2012 06:58:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/20/2012 03:01:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/04/2012 07:05:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/05/2012 09:37:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/23/2012 06:59:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/15/2010 09:58:23 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/15/2010 09:57:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3781 seconds with 540 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 50%
Total physical RAM: 3071.24 MB
Available physical RAM: 1508.92 MB
Total Pagefile: 6140.77 MB
Available Pagefile: 4411.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:118.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 28A0FB93)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
and GMER: (but it only worked in safe mode)
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-09 17:11:46
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\0000005c WDC_WD32 rev.01.0 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\user\AppData\Local\Temp\kxldapob.sys


---- Kernel code sections - GMER 2.1 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 142D  85082A15 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2    850BC212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- EOF - GMER 2.1 ----
         
I still don't know whether the viruses are gone. The PC is running normally, but I ran another scan yesterday and it found something again. Again from Win32:Somoto-J (PUP).

Thanks in advance for the help!

 
