Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.12.2014, 14:02   #1
nini555
 
Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Hallo liebe Forenmitglieder,
ich weiß, das Problem wurde gerade erst besprochen aber da ich leider bei dem Tread nicht direkt Antworten konnte muss ich leider einen Neuen aufmachen.
Leider habe ich mir letzte Woche auch einen Programm geladen und da zu noch ein paar unerwünschte dazu bekommen. Damit ich die gleich wieder los werde habe ich diese mit Revo Uninstaler gleich wieder löschen wollen.
Das Ergebnis war leider, das der Bildschirm/Desktop seit dem schwarz ist und ich nur noch das Fenster vom Arbeitsplatz geöffnet habe.
Mein erster Verdacht war, dass ich vielleicht etwas von Windows mit gelöscht haben könnte. Daher habe ich zu erst das System wieder zurücksetzten lassen, dann Windows versucht zu reperieren auch über CD. Hat leider nichts geholfen.
Dan habe ich den Tread hier gefunden und fleißig mit gemacht soweit ich es als unwissendes Wessen hinbekommen habe.
Geholfen hat es leider auch nicht, daher frage ich nun euch doch noch direkt um Hilfe an.


Also die erste Meldung von FRST sah wie folgt aus:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Nini (administrator) on JANINE-PC on 07-12-2014 09:42:34
Running from E:\
Loaded Profile: Nini (Available profiles: Janine & UpdatusUser & Nini & Administrator & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762224 2009-06-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe [851632 2014-07-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\MountPoints2: {7c691095-9f5c-11e2-8bba-001fd0946bf9} - E:\pushinst.exe
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\MountPoints2: {983e5de1-bf15-11de-a9df-c0648ec021b2} - E:\LaunchU3.exe -a
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\Janine\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-507852487-1521238306-3764321456-1004] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-507852487-1521238306-3764321456-1004] => http=127.0.0.1:49173;https=127.0.0.1:49173
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB04E8402B7DCE01
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-507852487-1521238306-3764321456-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Feven Pro 1.2 -> {11111111-1111-1111-1111-110511161182} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> c:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: TrustMediaViewerV1alpha5271 -> {de489fd6-d184-4eb2-b980-d3e8f71c6e45} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha5271\ie\TrustMediaViewerV1alpha5271x64.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: BlockAndSurf -> {C29E789C-DCB6-4B82-88C0-D5046D2C8FF6} -> C:\Program Files (x86)\di8BlockAndSurf\175.dll No File
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 07 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\user.js
FF Extension: Adblock Plus - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-08-10]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-08-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta2061.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta2061\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha501.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha501\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha216.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha216\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha329.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha329\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha4611.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4611\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home63.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home63\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode1096.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1096\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release5650.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release5650\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha5271.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha5271\ff
FF Extension: Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha5271\ff [2014-06-28]
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla FireFox\extensions\termtutor@termtutor.com
FF HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\Firefox\Extensions: [{39207FA9-632F-58D1-AE46-2F7C370FBF59}] - C:\Program Files (x86)\di8BlockAndSurf\175.xpi
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com [Not Found]
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [Not Found]
FF Extension: No Name - C:\Program Files\Nightly\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Docs) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Adblock Plus) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-05]
CHR Extension: (Google-Suche) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (Trust Media Viewer) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\inleambckaaohcdcbmhnbklmakeccnei [2014-06-28]
CHR Extension: (BlockAndSurf) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\jlkgbgijaaodbhoacnechcehepdfganc [2014-07-15]
CHR Extension: (Google Wallet) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Google Mail) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [bcpbcngonbobipkhkdkfffkgpmnmeola] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release5650\ch\RichMediaViewV1release5650.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bgnnkhlplihnikcljmlfleknmajpdieg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta2061\ch\VideoPlayerV3beta2061.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bjhjcbjpdohojlfpalfnediiibbdkabh] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1096\ch\MediaBuzzV1mode1096.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dopemniaeocfenlpnoannaefnhfcjcgi] - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Extensions\searchswitch.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ejgjpkdliopkjhenfaioejboibiagbcc] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha216\ch\MediaViewerV1alpha216.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gmpcjdhphhdfnflcgpgeneojihpojidm] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4611\ch\MediaViewV1alpha4611.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [goodaalebnjpdnjgbjpbbllmmphdbgmi] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha329\ch\MediaViewV1alpha329.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [inleambckaaohcdcbmhnbklmakeccnei] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha5271\ch\TrustMediaViewerV1alpha5271.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [lehbeodgjfnoeiaonejbbdeebmmknjlj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home63\ch\MediaWatchV1home63.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S4 LicCtrlService; C:\Windows\runservice.exe [2560 2011-07-17] () [File not signed]
S4 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] ()
S4 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [430888 2014-08-08] ()
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2013-03-25] ()
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\DRIVERS\BrUsbSer.sys [19584 2006-09-02] (Brother Industries Ltd.) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-03-17] ()
S3 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-15] (CACE Technologies, Inc.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S1 ttnfd; system32\drivers\ttnfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 09:42 - 2014-12-07 09:42 - 00000000 ____D () C:\FRST
2014-12-06 14:01 - 2014-12-06 14:01 - 00006144 ____N () C:\bootex.log
2014-12-06 14:01 - 2014-12-06 14:01 - 00003560 ____N () C:\bootsqm.dat
2014-12-06 11:10 - 2014-12-06 11:10 - 00000000 ____D () C:\OETemp
2014-12-06 10:13 - 2014-12-06 10:13 - 00003318 _____ () C:\Users\Nini\Desktop\Windows-Kompatibilitätsbericht.htm
2014-12-06 08:50 - 2014-12-06 10:20 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-12-06 08:50 - 2014-12-06 10:20 - 00001908 _____ () C:\Windows\diagerr.xml
2014-11-29 16:19 - 2014-12-06 09:09 - 00000338 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2014-11-29 16:19 - 2014-11-30 19:46 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2014-11-29 16:19 - 2014-11-29 16:19 - 00004324 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-11-29 16:19 - 2014-11-29 16:19 - 00003538 _____ () C:\Windows\System32\Tasks\RocketTab
2014-11-29 16:19 - 2014-11-29 16:19 - 00002718 _____ () C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator
2014-11-29 16:18 - 2014-11-30 00:47 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-11-29 16:18 - 2014-11-29 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2014-11-23 14:12 - 2014-11-23 14:12 - 00349944 _____ () C:\Users\Nini\Downloads\Nicht bestätigt 867825.crdownload
2014-11-19 22:16 - 2014-11-19 22:16 - 00049525 _____ () C:\Users\Nini\Downloads\Liste- Schulen - Tag der offenen Tür (2)
2014-11-10 19:29 - 2014-11-10 19:29 - 00049525 _____ () C:\Users\Nini\Downloads\Liste- Schulen - Tag der offenen Tür (1)
2014-11-10 19:25 - 2014-11-10 19:25 - 00049525 _____ () C:\Users\Nini\Downloads\Liste- Schulen - Tag der offenen Tür
2014-11-08 09:58 - 2014-12-06 11:06 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-11-08 09:58 - 2014-11-08 09:58 - 00000000 ____D () C:\ProgramData\374311380
2014-11-08 09:56 - 2014-11-08 09:56 - 00000000 ____D () C:\Users\Nini\Documents\Optimizer Pro
2014-11-08 09:51 - 2014-12-06 10:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla FireFox
2014-11-08 08:59 - 2014-12-06 11:09 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-11-08 08:59 - 2014-11-29 16:50 - 00000125 ___SH () C:\ProgramData\.zreglib


==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 09:40 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\vlc
2014-12-07 09:03 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 09:03 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 08:56 - 2014-01-29 16:11 - 00002096 __RSH () C:\ProgramData\ntuser.pol
2014-12-06 15:32 - 2013-08-15 08:15 - 00000000 ____D () C:\Users\Nini\AppData\Local\TubeBox
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec
2014-12-06 15:22 - 2009-10-22 11:48 - 01786125 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 15:20 - 2013-11-12 20:07 - 00001264 _____ () C:\Users\Nini\Desktop\Revo Uninstaller.lnk
2014-12-06 15:20 - 2013-01-12 10:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-06 10:54 - 2013-08-15 07:34 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-06 10:54 - 2010-03-08 06:07 - 00869324 _____ () C:\Windows\PFRO.log
2014-12-06 10:51 - 2013-08-15 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-06 10:51 - 2012-09-08 06:18 - 00000000 ____D () C:\ProgramData\Avira
2014-12-06 10:21 - 2013-04-03 14:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 10:21 - 2011-07-17 07:06 - 00000609 ___SH () C:\Windows\SysWOW64\mmf.sys
2014-12-06 10:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 10:21 - 2009-07-14 05:51 - 00001197 _____ () C:\Windows\setupact.log
2014-12-06 09:36 - 2013-04-03 14:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 08:50 - 2009-07-14 05:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 08:39 - 2009-07-14 18:58 - 00653928 _____ () C:\Windows\system32\perfh007.dat
2014-12-06 08:39 - 2009-07-14 18:58 - 00129800 _____ () C:\Windows\system32\perfc007.dat
2014-12-06 08:39 - 2009-07-14 06:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-01 16:14 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\dvdcss
2014-11-30 00:53 - 2009-10-22 11:54 - 00000000 __SHD () C:\Recovery
2014-11-30 00:48 - 2013-04-02 20:00 - 00000000 ____D () C:\Users\Nini
2014-11-30 00:47 - 2013-04-02 15:02 - 00000000 ____D () C:\Users\Gast
2014-11-30 00:47 - 2013-03-25 13:11 - 00000000 ____D () C:\Users\Administrator
2014-11-30 00:47 - 2011-11-08 10:15 - 00000000 ____D () C:\Program Files (x86)\JLC's Software
2014-11-30 00:47 - 2010-11-22 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-11-30 00:47 - 2010-11-22 11:53 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-11-30 00:47 - 2009-10-22 11:54 - 00000000 ____D () C:\Users\Janine
2014-11-30 00:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-25 23:39 - 2014-03-11 17:14 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-19 22:39 - 2010-04-02 13:42 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-11-15 11:31 - 2013-04-03 14:02 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 11:31 - 2013-04-03 14:02 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-08 09:58 - 2014-07-08 18:29 - 00000000 ____D () C:\ProgramData\SlySoft

Some content of TEMP:
====================
C:\Users\Janine\AppData\Local\Temp\AskSLib.dll
C:\Users\Janine\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Janine\AppData\Local\Temp\drm_dyndata_7390004.dll
C:\Users\Janine\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Janine\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Janine\AppData\Local\Temp\wajam_install.exe
C:\Users\Janine\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Nini\AppData\Local\Temp\3P9LLoading.EXE
C:\Users\Nini\AppData\Local\Temp\avgnt.exe
C:\Users\Nini\AppData\Local\Temp\DownloadManager.exe
C:\Users\Nini\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Nini\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Nini\AppData\Local\Temp\htmlayout.dll
C:\Users\Nini\AppData\Local\Temp\Player_Setup(1).exe
C:\Users\Nini\AppData\Local\Temp\PreExe_ID_13296.exe
C:\Users\Nini\AppData\Local\Temp\Quarantine.exe
C:\Users\Nini\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Nini\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Nini\AppData\Local\Temp\SecurityUtility.exe
C:\Users\Nini\AppData\Local\Temp\Setup(1).exe
C:\Users\Nini\AppData\Local\Temp\Setup.exe
C:\Users\Nini\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Nini\AppData\Local\Temp\System.Data.SQLiteea1b056f-d1e3-4476-b0b2-a3fd3cf497df.dll
C:\Users\Nini\AppData\Local\Temp\tmp90E8.exe
C:\Users\Nini\AppData\Local\Temp\toolbar377900.exe
C:\Users\Nini\AppData\Local\Temp\toolbar378944.exe
C:\Users\Nini\AppData\Local\Temp\toolbar455739.exe
C:\Users\Nini\AppData\Local\Temp\uninstall-updater1453169.exe
C:\Users\Nini\AppData\Local\Temp\uninstall.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1472504.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1472597.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1515164.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1525700.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1525747.exe
C:\Users\Nini\AppData\Local\Temp\vp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-06 09:08

==================== End Of Log ============================





Diese Komische Speed UP Programm hat mir das Uninstalprogramm leider nicht angezeigt, daher habe ich es so versucht zu löschen. Mit wenig Erfolg wie es scheint.

Die Ausgabe von AdwCleaner sah wie folgt aus:

# AdwCleaner v4.104 - Bericht erstellt am 07/12/2014 um 10:38:14
# Aktualisiert 05/12/2014 von Xplode
# Database : 2014-12-01.1 [Local]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Nini - JANINE-PC
# Gestartet von : E:\AdwCleaner_4.104.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : pcsuservice

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\pc speed up
Ordner Gelöscht : C:\Users\Nini\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Ordner Gelöscht : C:\Users\Nini\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkgbgijaaodbhoacnechcehepdfganc
[/!\] Nicht Gelöscht ( Junction ) : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkgbgijaaodbhoacnechcehepdfganc
Datei Gelöscht : C:\Users\Nini\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Windows\System32\drivers\webinstr.sys
Datei Gelöscht : C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\user.js
Datei Gelöscht : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage
Datei Gelöscht : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : PC SpeedUp Service Deactivator
Task Gelöscht : RocketTab Update Task
Task Gelöscht : RocketTab

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{39207FA9-632F-58D1-AE46-2F7C370FBF59}]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKCU\Software\Boost
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Speedchecker Limited
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Boost
Schlüssel Gelöscht : HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : HKLM\SOFTWARE\TermTutor
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v20.0.1 (de)

[mnz40fks.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[mnz40fks.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
[mnz40fks.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v39.0.2171.71


*************************

AdwCleaner[R0].txt - [34257 octets] - [31/07/2014 12:50:04]
AdwCleaner[R1].txt - [10544 octets] - [07/12/2014 10:08:48]
AdwCleaner[R2].txt - [7595 octets] - [07/12/2014 10:35:54]
AdwCleaner[S0].txt - [30521 octets] - [31/07/2014 12:51:21]
AdwCleaner[S1].txt - [7129 octets] - [07/12/2014 10:38:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7189 octets] ##########






Junkeware Removal hat mir das folgende ausgegeben:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x64
Ran by Nini on 07.12.2014 at 10:42:19,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update greygray
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util greygray
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9"



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.12.2014 at 10:45:13,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




MBAM habe ich zwar gemacht aber die Txt. Datei vergessen zu speichen. Schuldigung.


Danach sah das FRST wie folgt aus:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Nini (administrator) on JANINE-PC on 07-12-2014 11:29:25
Running from E:\
Loaded Profile: Nini (Available profiles: Janine & UpdatusUser & Nini & Administrator & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762224 2009-06-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe [851632 2014-07-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S1].txt
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\MountPoints2: {7c691095-9f5c-11e2-8bba-001fd0946bf9} - E:\pushinst.exe
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\...\MountPoints2: {983e5de1-bf15-11de-a9df-c0648ec021b2} - E:\LaunchU3.exe -a
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\Janine\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-507852487-1521238306-3764321456-1004] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-507852487-1521238306-3764321456-1004] => http=127.0.0.1:49173;https=127.0.0.1:49173
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB04E8402B7DCE01
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-507852487-1521238306-3764321456-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> c:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 07 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-08-10]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-08-10]
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com [Not Found]
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [Not Found]
FF Extension: No Name - C:\Program Files\Nightly\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Docs) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Adblock Plus) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-05]
CHR Extension: (Google-Suche) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (Trust Media Viewer) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\inleambckaaohcdcbmhnbklmakeccnei [2014-06-28]
CHR Extension: (Google Wallet) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Google Mail) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [bcpbcngonbobipkhkdkfffkgpmnmeola] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release5650\ch\RichMediaViewV1release5650.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bgnnkhlplihnikcljmlfleknmajpdieg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta2061\ch\VideoPlayerV3beta2061.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bjhjcbjpdohojlfpalfnediiibbdkabh] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1096\ch\MediaBuzzV1mode1096.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dopemniaeocfenlpnoannaefnhfcjcgi] - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Extensions\searchswitch.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ejgjpkdliopkjhenfaioejboibiagbcc] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha216\ch\MediaViewerV1alpha216.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gmpcjdhphhdfnflcgpgeneojihpojidm] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4611\ch\MediaViewV1alpha4611.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [goodaalebnjpdnjgbjpbbllmmphdbgmi] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha329\ch\MediaViewV1alpha329.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [inleambckaaohcdcbmhnbklmakeccnei] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha5271\ch\TrustMediaViewerV1alpha5271.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lehbeodgjfnoeiaonejbbdeebmmknjlj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home63\ch\MediaWatchV1home63.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
S4 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S4 LicCtrlService; C:\Windows\runservice.exe [2560 2011-07-17] ()
S4 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] ()
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2013-03-25] ()
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-03-17] ()
S3 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-15] (CACE Technologies, Inc.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 11:28 - 2014-12-07 11:29 - 00000000 ____D () C:\FRST
2014-12-07 11:24 - 2014-12-07 11:24 - 00000492 _____ () C:\DelFix.txt
2014-12-07 10:42 - 2014-12-07 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-12-07 10:31 - 2014-12-07 11:25 - 00000000 ____D () C:\Users\Nini\rechner wieder Her
2014-12-07 10:10 - 2014-12-07 10:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 10:09 - 2014-12-07 10:09 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-07 10:09 - 2014-12-07 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-07 10:09 - 2014-12-07 10:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-07 10:09 - 2014-12-07 10:09 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-12-07 10:09 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-07 10:09 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-07 10:09 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-06 14:01 - 2014-12-06 14:01 - 00003560 ____N () C:\bootsqm.dat
2014-12-06 11:10 - 2014-12-06 11:10 - 00000000 ____D () C:\OETemp
2014-12-06 10:13 - 2014-12-06 10:13 - 00003318 _____ () C:\Users\Nini\Desktop\Windows-Kompatibilitätsbericht.htm
2014-12-06 08:50 - 2014-12-06 10:20 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-12-06 08:50 - 2014-12-06 10:20 - 00001908 _____ () C:\Windows\diagerr.xml
2014-11-08 09:58 - 2014-12-06 11:06 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-11-08 09:51 - 2014-12-06 10:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla FireFox
2014-11-08 08:59 - 2014-12-06 11:09 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-11-08 08:59 - 2014-11-29 16:50 - 00000125 ___SH () C:\ProgramData\.zreglib

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 11:23 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 11:23 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 11:17 - 2013-04-03 14:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 11:16 - 2014-01-29 16:11 - 00002096 __RSH () C:\ProgramData\ntuser.pol
2014-12-07 11:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 10:39 - 2010-03-08 06:07 - 00905658 _____ () C:\Windows\PFRO.log
2014-12-07 10:37 - 2013-04-03 14:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 10:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-07 10:31 - 2013-04-02 20:00 - 00000000 ____D () C:\Users\Nini
2014-12-07 09:40 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\vlc
2014-12-06 15:32 - 2013-08-15 08:15 - 00000000 ____D () C:\Users\Nini\AppData\Local\TubeBox
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec
2014-12-06 15:22 - 2009-10-22 11:48 - 01786125 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 15:20 - 2013-11-12 20:07 - 00001264 _____ () C:\Users\Nini\Desktop\Revo Uninstaller.lnk
2014-12-06 15:20 - 2013-01-12 10:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-06 10:54 - 2013-08-15 07:34 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-06 10:51 - 2013-08-15 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-06 10:51 - 2012-09-08 06:18 - 00000000 ____D () C:\ProgramData\Avira
2014-12-06 10:21 - 2011-07-17 07:06 - 00000609 ___SH () C:\Windows\SysWOW64\mmf.sys
2014-12-06 10:21 - 2009-07-14 05:51 - 00001197 _____ () C:\Windows\setupact.log
2014-12-06 08:50 - 2009-07-14 05:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 08:39 - 2009-07-14 18:58 - 00653928 _____ () C:\Windows\system32\perfh007.dat
2014-12-06 08:39 - 2009-07-14 18:58 - 00129800 _____ () C:\Windows\system32\perfc007.dat
2014-12-06 08:39 - 2009-07-14 06:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-01 16:14 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\dvdcss
2014-11-30 00:53 - 2009-10-22 11:54 - 00000000 __SHD () C:\Recovery
2014-11-30 00:47 - 2013-04-02 15:02 - 00000000 ____D () C:\Users\Gast
2014-11-30 00:47 - 2013-03-25 13:11 - 00000000 ____D () C:\Users\Administrator
2014-11-30 00:47 - 2011-11-08 10:15 - 00000000 ____D () C:\Program Files (x86)\JLC's Software
2014-11-30 00:47 - 2010-11-22 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-11-30 00:47 - 2010-11-22 11:53 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-11-30 00:47 - 2009-10-22 11:54 - 00000000 ____D () C:\Users\Janine
2014-11-30 00:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-25 23:39 - 2014-03-11 17:14 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-19 22:39 - 2010-04-02 13:42 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-11-15 11:31 - 2013-04-03 14:02 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 11:31 - 2013-04-03 14:02 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-08 09:58 - 2014-07-08 18:29 - 00000000 ____D () C:\ProgramData\SlySoft

Some content of TEMP:
====================
C:\Users\Janine\AppData\Local\Temp\AskSLib.dll
C:\Users\Janine\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Janine\AppData\Local\Temp\drm_dyndata_7390004.dll
C:\Users\Janine\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Janine\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Janine\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Nini\AppData\Local\Temp\avgnt.exe
C:\Users\Nini\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Nini\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Nini\AppData\Local\Temp\htmlayout.dll
C:\Users\Nini\AppData\Local\Temp\Player_Setup(1).exe
C:\Users\Nini\AppData\Local\Temp\Quarantine.exe
C:\Users\Nini\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Nini\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Nini\AppData\Local\Temp\Setup(1).exe
C:\Users\Nini\AppData\Local\Temp\Setup.exe
C:\Users\Nini\AppData\Local\Temp\sqlite3.dll
C:\Users\Nini\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Nini\AppData\Local\Temp\System.Data.SQLiteea1b056f-d1e3-4476-b0b2-a3fd3cf497df.dll
C:\Users\Nini\AppData\Local\Temp\tmp90E8.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1472504.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1525700.exe
C:\Users\Nini\AppData\Local\Temp\uninstall1525747.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-12-06 09:08

==================== End Of Log ============================




Zu guter Letzt noch der Auszug aus Delfix.
Das ESET Online Scanne Programm konnte ich leider nicht nutzen. Dazu muss ich Online gehen und die Internetverbindung funktioniert leider zur Zeit auch nicht. Wobei ich nicht weiß ob ich durch meine Klickerrei hier das erst verursacht habe. Zumindest habe ich letzte Woche noch Ton gehabt, jetzt leider nicht mehr.

So jetzt noch der Auszug von Delfix.
# DelFix v10.8 - Datei am 07/12/2014 um 13:53:02 erstellt
# Aktualisiert am 29/07/2014 von Xplode
# Benutzer : Nini - JANINE-PC
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\FRST

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...


Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########



Das wars erst mal. Wie gesagt geholfen hat es bisher nicht. Falls Ihr noch eine Idee habt würde ich mich freuen und bedank mich schon mal im Vorraus.

Alt 07.12.2014, 14:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Addition.txt von FRST fehlt noch.
__________________

__________________

Alt 07.12.2014, 16:50   #3
nini555
 
Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



O.K.
erst einmal Danke für die schnelle Antwort.
Hier noch die Additional.



Code:
ATTFilter
#Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 01
Ran by Nini at 2014-12-07 11:29:45
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*Disk*Director*Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis)
ADI USB ADSL LAN Adapter (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version:  - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Bing Bar Platform (x32 Version: 6.3.2291.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Free Video Dub version 2.0.21.822 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.822 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
IsoBuster 2.8 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8 - Smart Projects)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java(TM) 6 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JLC's Internet TV (HKLM-x32\...\JLC's Internet TV) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode1096) (Version: 1.1 - Media Buzz) <==== ATTENTION
Media Player (HKLM-x32\...\MediaPlayerV1alpha501) (Version: 1.1 - Media Player) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha329) (Version: 1.1 - Media View) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha4611) (Version: 1.1 - Media View) <==== ATTENTION
Media Viewer (HKLM-x32\...\MediaViewerV1alpha216) (Version: 1.1 - Media Viewer) <==== ATTENTION
Media Watch (HKLM-x32\...\MediaWatchV1home63) (Version: 1.1 - Media Watch) <==== ATTENTION
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0a1 - Mozilla)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSI Kombustor(BETA) v0.7.0 (HKLM-x32\...\MSI Kombustor(BETA)_is1) (Version:  - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
NVIDIA Grafiktreiber 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 275.33 - NVIDIA Corporation)
NVIDIA Update 1.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.3.5 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rich Media View (HKLM-x32\...\RichMediaViewV1release5650) (Version: 1.1 - Rich Media View) <==== ATTENTION
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Video Player (HKLM-x32\...\Video Player) (Version: 1.1 - Video Player) <==== ATTENTION
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-507852487-1521238306-3764321456-1004_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2011-02-16 23:03 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1C020B8D-BE13-49D6-BEBD-F0FA5C94B7DC} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => c:\Program Files\Java\jre6\bin\jusched.exe [2012-09-30] (Sun Microsystems, Inc.)
Task: {24F51262-6055-4DEA-B698-86DBCCC26D0D} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-04-17] (InstallShield Software Corporation)
Task: {32F10DA7-958A-4A5D-B60A-82BD68D7FBFD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {47C76D72-82E0-4B17-A5B9-32C53D7E7F32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)
Task: {71F0BB36-37F4-4754-9694-9117059A0030} - System32\Tasks\{B8BD125C-F190-4768-8AC3-AC2F158113DF} => C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
Task: {80671ADD-1850-4478-AC52-F2945BA83E24} - System32\Tasks\{C4151EC2-2D9F-49EE-B833-435FE3A9BE51} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {9F9953F9-C4CA-4D65-A9D6-BACB897E0048} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {B2444B34-3D98-465C-9635-61E9DEC79E1A} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {B73DFC78-837A-4C4D-B9AF-48A85A8A7C30} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {B7BE6DF8-5F57-4F20-A284-FCDF235DFD78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)
Task: {FE3AF70D-09C3-4FE0-BC8D-7617984B7487} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-13 16:14 - 2009-12-12 15:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeActiveFileMonitor8.0 => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AppMgmt => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LicCtrlService => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: OS Selector => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PCSUService => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SeaPort => 2
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 3
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^forteManager.lnk => C:\Windows\pss\forteManager.lnk.CommonStartup
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

========================= Accounts: ==========================

Administrator (S-1-5-21-507852487-1521238306-3764321456-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-507852487-1521238306-3764321456-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-507852487-1521238306-3764321456-1002 - Limited - Enabled)
Janine (S-1-5-21-507852487-1521238306-3764321456-1000 - Administrator - Disabled) => C:\Users\Janine
Nini (S-1-5-21-507852487-1521238306-3764321456-1004 - Administrator - Enabled) => C:\Users\Nini
UpdatusUser (S-1-5-21-507852487-1521238306-3764321456-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 11:27:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/07/2014 11:17:38 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/07/2014 11:03:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (12/07/2014 11:16:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/07/2014 11:16:50 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (12/07/2014 11:16:50 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.

Error: (12/07/2014 11:16:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎12.‎2014 um 11:15:07 unerwartet heruntergefahren.

Error: (12/07/2014 11:11:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/07/2014 11:11:09 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (12/07/2014 11:11:09 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.

Error: (12/07/2014 11:08:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/07/2014 11:08:01 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (12/07/2014 11:08:01 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.


Microsoft Office Sessions:
=========================
Error: (08/18/2014 06:16:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/18/2014 06:15:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/18/2014 06:14:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/09/2011 08:25:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 971 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (02/09/2011 07:44:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 84016 seconds with 2940 seconds of active time.  This session ended with a crash.

Error: (02/08/2011 08:24:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 789882 seconds with 8100 seconds of active time.  This session ended with a crash.

Error: (02/21/2010 05:15:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 902 seconds with 540 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 15%
Total physical RAM: 4094.49 MB
Available physical RAM: 3469.32 MB
Total Pagefile: 10233.69 MB
Available Pagefile: 9605.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:273.77 GB) NTFS
Drive e: (USB DISK) (Removable) (Total:0.24 GB) (Free:0.24 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: DBE50493)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 248 MB) (Disk ID: BBCAABDE)
Partition 1: (Active) - (Size=248 MB) - (Type=06)

==================== End Of Log ============================#
         
__________________

Alt 08.12.2014, 16:26   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Media Buzz

    Media Player

    Media View

    Media View

    Media Viewer

    Media Watch

    Rich Media View

    Video Player


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.12.2014, 18:42   #5
nini555
 
Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Danke, Danke Danke.
Ich habe wieder einen Desktop und auch wieder Netz. Ich fühl mich wieder wie ein Mensch!
Einfach supper Hilfe und bin voll Happy.


Der Vollständigkeit halber kommt hier auch der Auszug aus ComboFix.

Combofix Logfile:
Code:
ATTFilter
ComboFix 14-12-10.03 - Nini 10.12.2014  19:09:39.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4094.3440 [GMT 1:00]
ausgeführt von:: E:\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\5189442B94.sys
c:\users\Janine\Favorites\Essen Geburtstag.docx
c:\users\Nini\AppData\Local\Microsoft\Windows\Temporary Internet Files\Adanak_iels
c:\windows\PFRO.log
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-10 bis 2014-12-10  ))))))))))))))))))))))))))))))
.
.
2014-12-10 18:20 . 2014-12-10 18:20	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-12-10 18:20 . 2014-12-10 18:20	--------	d-----w-	c:\users\Janine\AppData\Local\temp
2014-12-10 18:20 . 2014-12-10 18:23	--------	d-----w-	c:\users\Nini\AppData\Local\temp
2014-12-10 18:20 . 2014-12-10 18:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-12-10 18:20 . 2014-12-10 18:20	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-12-10 18:20 . 2014-12-10 18:20	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2014-12-07 17:35 . 2014-12-07 17:35	--------	d-----w-	c:\users\Nini\AppData\Local\VirtualStore
2014-12-07 10:47 . 2014-12-07 10:47	--------	d-----w-	C:\$WINDOWS.~BT
2014-12-07 09:42 . 2014-12-07 12:53	--------	d-----w-	c:\windows\ERUNT
2014-12-07 09:31 . 2014-12-07 10:31	--------	d-----w-	c:\users\Nini\rechner wieder Her
2014-12-07 09:10 . 2014-12-07 09:34	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-07 09:09 . 2014-12-07 09:09	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-12-07 09:09 . 2014-12-07 09:09	--------	d-----w-	c:\programdata\Malwarebytes
2014-12-07 09:09 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-12-07 09:09 . 2014-11-21 05:14	93400	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-12-07 09:09 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-12-06 10:10 . 2014-12-06 10:10	--------	d-----w-	C:\OETemp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-10 18:23 . 2014-12-10 18:23	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{79177974-F281-43BF-AA16-314904920864}\offreg.dll
2014-03-07 09:03	3109520	--sha-w-	c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03	98960	--sha-w-	c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03	550032	--sha-w-	c:\windows\SysWOW64\avformat-lav-55.dll
2009-09-27 07:39	415744	--sh--w-	c:\windows\SysWOW64\avisynth.dll
2014-03-07 09:03	59536	--sha-w-	c:\windows\SysWOW64\avresample-lav-1.dll
2005-07-14 10:31	32256	--sh--w-	c:\windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03	181392	--sha-w-	c:\windows\SysWOW64\avutil-lav-52.dll
2004-02-22 08:11	764416	--sh--w-	c:\windows\SysWOW64\devil.dll
2014-03-07 09:03	122512	--sha-w-	c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03	203408	--sha-w-	c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03	313520	--sha-w-	c:\windows\SysWOW64\HLvideo.dll
2004-01-24 22:00	70656	--sh--w-	c:\windows\SysWOW64\i420vfw.dll
2014-03-07 09:03	109712	--sha-w-	c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26	112128	--sha-w-	c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03	118416	--sha-w-	c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00	107520	--sha-w-	c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54	188416	--sha-w-	c:\windows\SysWOW64\winDCE32.dll
2004-01-24 22:00	70656	--sh--w-	c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
.
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
R4 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
R4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R4 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE;c:\program files\FRITZ!DSL\IGDCTRL.EXE [x]
R4 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe;c:\windows\runservice.exe [x]
R4 OS Selector;Acronis OS Selector Activator;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-25 22:37	1087304	----a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03 13:02]
.
2014-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03 13:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX1000"="c:\windows\vVX1000.exe" [2009-06-30 762224]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:49173;https=127.0.0.1:49173
uSearchAssistant = hxxp://www.google.com
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-Avira Systray - c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,c2,97,86,6a,a5,82,f8,
   d5,42,54,3b,7e,24,3e,19,f8
"2"=hex:f1,df,16,de,80,08,0e,2a,d1,38,b5,6f,94,ca,dc,d2,b3,e8,d2,40,6c,6f,61,
   5e,d2,5e,7f,21,14,b5,b2,29
"3"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,c2,97,86,6a,a5,82,f8,
   d5,f2,55,76,c8,bc,53,92,25,3f,d1,b6,bc,00,35,73,43,96,90,79,f6,5b,97,35,47,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F\58BBB2CAA762B86BF8228F8849EB5144]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
   b0,50,94,16,01,b2,17,1a,42
"2"=hex:84,00,a2,e9,a5,84,bc,35
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
   1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
   51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
   b0,53,74,ea,24,5b,d9,02,83
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,dd,5f,b3,ed,0b,f3,84,
   77,45,a9,de,2e,a4,95,f6,88,d1,8e,cf,5a,45,90,66,fc,23,93,03,59,55,2d,c6,bd,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-12-10  19:26:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-12-10 18:26
.
Vor Suchlauf: 13 Verzeichnis(se), 304.828.002.304 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 308.457.660.416 Bytes frei
.
- - End Of File - - 23A73B607F72071072D88EA93EF98E01
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/CODE]


Alt 11.12.2014, 18:54   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2

Alt 14.12.2014, 14:08   #7
nini555
 
Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Hallo erst mal.
Wie gesagt der Desktop ist schon mal wieder da.
Die Programme hatte ich ja bereits instaliert und wie empfohlen hänge ich auch noch einmal die txt. Dateien an.
Adw Cleaner
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.105 - Bericht erstellt am 14/12/2014 um 11:55:44
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-08.2 [Local]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Nini - JANINE-PC
# Gestartet von : F:\Programme\AdwCleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88C20E16-1EB7-40CE-820C-6CFCB41B1D2F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41634761-D0BA-4C1A-9AC2-04AEE9511370}
Schlüssel Gelöscht : HKLM\SOFTWARE\VideoPlayerV3

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v20.0.1 (de)


-\\ Google Chrome v39.0.2171.71


*************************

AdwCleaner[R0].txt - [371 octets] - [14/12/2014 11:09:54]
AdwCleaner[R1].txt - [2015 octets] - [14/12/2014 11:38:44]
AdwCleaner[S0].txt - [1928 octets] - [14/12/2014 11:55:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1988 octets] ##########
         
--- --- ---


Malewear
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 14.12.2014
Suchlauf-Zeit: 11:21:17
Logdatei: Malwarebytes Anti-Malware neu.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.11.20.06
Rootkit Datenbank: v2014.11.18.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Nini

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 497335
Verstrichene Zeit: 15 Min, 5 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

JRT
Code:
ATTFilter
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x64
Ran by Nini on 14.12.2014 at 13:39:04,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.12.2014 at 13:42:51,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Nini (administrator) on JANINE-PC on 14-12-2014 14:08:30
Running from F:\Programme
Loaded Profiles: UpdatusUser & Nini (Available profiles: Janine & UpdatusUser & Nini & Administrator & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762224 2009-06-30] (Microsoft Corporation)
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\Janine\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-507852487-1521238306-3764321456-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-507852487-1521238306-3764321456-1004] => http=127.0.0.1:49173;https=127.0.0.1:49173
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB04E8402B7DCE01
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-507852487-1521238306-3764321456-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> c:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 07 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-08-10]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-08-10]
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com [Not Found]
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [Not Found]
FF Extension: No Name - C:\Program Files\Nightly\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Docs) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Adblock Plus) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-05]
CHR Extension: (Google-Suche) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (Google Wallet) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Google Mail) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [bcpbcngonbobipkhkdkfffkgpmnmeola] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release5650\ch\RichMediaViewV1release5650.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bgnnkhlplihnikcljmlfleknmajpdieg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta2061\ch\VideoPlayerV3beta2061.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bjhjcbjpdohojlfpalfnediiibbdkabh] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1096\ch\MediaBuzzV1mode1096.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dopemniaeocfenlpnoannaefnhfcjcgi] - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\Default\Extensions\searchswitch.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ejgjpkdliopkjhenfaioejboibiagbcc] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha216\ch\MediaViewerV1alpha216.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gmpcjdhphhdfnflcgpgeneojihpojidm] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4611\ch\MediaViewV1alpha4611.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [goodaalebnjpdnjgbjpbbllmmphdbgmi] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha329\ch\MediaViewV1alpha329.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [inleambckaaohcdcbmhnbklmakeccnei] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha5271\ch\TrustMediaViewerV1alpha5271.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lehbeodgjfnoeiaonejbbdeebmmknjlj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home63\ch\MediaWatchV1home63.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S4 LicCtrlService; C:\Windows\runservice.exe [2560 2011-07-17] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] ()
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S4 Avira.OE.ServiceHost; "C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2013-03-25] ()
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\DRIVERS\BrUsbSer.sys [19584 2006-09-02] (Brother Industries Ltd.) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-03-17] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 14:08 - 2014-12-14 14:08 - 00000000 ____D () C:\FRST
2014-12-11 18:48 - 2014-12-11 18:48 - 00000000 ____D () C:\$WINDOWS.~BT
2014-12-11 16:53 - 2014-12-14 11:56 - 00000676 _____ () C:\Windows\PFRO.log
2014-12-10 19:05 - 2014-12-10 19:24 - 00000000 ____D () C:\Windows\erdnt
2014-12-07 19:42 - 2014-12-07 19:46 - 00000000 _____ () C:\Recovery.txt
2014-12-07 18:35 - 2014-12-07 18:35 - 00000000 ____D () C:\Users\Nini\AppData\Local\VirtualStore
2014-12-07 11:24 - 2014-12-14 14:06 - 00001131 _____ () C:\DelFix.txt
2014-12-07 10:42 - 2014-12-07 13:53 - 00000000 ____D () C:\Windows\ERUNT
2014-12-07 10:31 - 2014-12-14 14:07 - 00000000 ____D () C:\Users\Nini\rechner wieder Her
2014-12-07 10:10 - 2014-12-14 11:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 10:09 - 2014-12-14 11:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-07 10:09 - 2014-12-14 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-07 10:09 - 2014-12-14 11:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-07 10:09 - 2014-12-07 10:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-07 10:09 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-07 10:09 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-07 10:09 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-06 11:10 - 2014-12-06 11:10 - 00000000 ____D () C:\OETemp
2014-12-06 08:50 - 2014-12-11 18:49 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-12-06 08:50 - 2014-12-11 18:49 - 00001908 _____ () C:\Windows\diagerr.xml

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 13:36 - 2013-04-03 14:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-14 12:04 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-14 12:04 - 2009-07-14 05:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-14 12:00 - 2009-10-22 11:48 - 01918287 _____ () C:\Windows\WindowsUpdate.log
2014-12-14 11:57 - 2013-04-03 14:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-14 11:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-14 11:56 - 2009-07-14 05:51 - 00003045 _____ () C:\Windows\setupact.log
2014-12-14 11:10 - 2009-07-14 18:58 - 00653928 _____ () C:\Windows\system32\perfh007.dat
2014-12-14 11:10 - 2009-07-14 18:58 - 00129800 _____ () C:\Windows\system32\perfc007.dat
2014-12-14 11:10 - 2009-07-14 06:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-13 17:15 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\dvdcss
2014-12-13 16:16 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\vlc
2014-12-11 18:47 - 2009-07-14 05:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 19:22 - 2014-01-29 16:11 - 00002096 __RSH () C:\ProgramData\ntuser.pol
2014-12-10 19:22 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-10 19:21 - 2009-07-14 03:34 - 64225280 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 38535168 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-12-07 10:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-07 10:31 - 2013-04-02 20:00 - 00000000 ____D () C:\Users\Nini
2014-12-06 15:32 - 2013-08-15 08:15 - 00000000 ____D () C:\Users\Nini\AppData\Local\TubeBox
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec
2014-12-06 15:20 - 2013-11-12 20:07 - 00001264 _____ () C:\Users\Nini\Desktop\Revo Uninstaller.lnk
2014-12-06 15:20 - 2013-01-12 10:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-06 10:51 - 2013-08-15 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-06 10:51 - 2012-09-08 06:18 - 00000000 ____D () C:\ProgramData\Avira
2014-12-06 10:21 - 2011-07-17 07:06 - 00000609 ___SH () C:\Windows\SysWOW64\mmf.sys
2014-12-06 10:19 - 2014-11-08 09:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla FireFox
2014-11-30 00:53 - 2009-10-22 11:54 - 00000000 ____D () C:\Recovery
2014-11-30 00:47 - 2013-04-02 15:02 - 00000000 ____D () C:\Users\Gast
2014-11-30 00:47 - 2013-03-25 13:11 - 00000000 ____D () C:\Users\Administrator
2014-11-30 00:47 - 2011-11-08 10:15 - 00000000 ____D () C:\Program Files (x86)\JLC's Software
2014-11-30 00:47 - 2010-11-22 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-11-30 00:47 - 2010-11-22 11:53 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-11-30 00:47 - 2009-10-22 11:54 - 00000000 ____D () C:\Users\Janine
2014-11-30 00:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-29 16:50 - 2014-11-08 08:59 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-11-25 23:39 - 2014-03-11 17:14 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-19 22:39 - 2010-04-02 13:42 - 00000034 _____ () C:\Windows\cdplayer.ini
2014-11-15 11:31 - 2013-04-03 14:02 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 11:31 - 2013-04-03 14:02 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Nini\AppData\Local\temp\Quarantine.exe
C:\Users\Nini\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-06 09:08

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

das Additional


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 01
Ran by Nini at 2014-12-14 14:09:11
Running from F:\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*Disk*Director*Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis)
ADI USB ADSL LAN Adapter (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version:  - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Bing Bar Platform (x32 Version: 6.3.2291.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Free Video Dub version 2.0.21.822 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.822 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
IsoBuster 2.8 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8 - Smart Projects)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java(TM) 6 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JLC's Internet TV (HKLM-x32\...\JLC's Internet TV) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0a1 - Mozilla)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSI Kombustor(BETA) v0.7.0 (HKLM-x32\...\MSI Kombustor(BETA)_is1) (Version:  - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
NVIDIA Grafiktreiber 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 275.33 - NVIDIA Corporation)
NVIDIA Update 1.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.3.5 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-507852487-1521238306-3764321456-1004_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-10 19:22 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1C020B8D-BE13-49D6-BEBD-F0FA5C94B7DC} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => c:\Program Files\Java\jre6\bin\jusched.exe [2012-09-30] (Sun Microsystems, Inc.)
Task: {24F51262-6055-4DEA-B698-86DBCCC26D0D} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-04-17] (InstallShield Software Corporation)
Task: {32F10DA7-958A-4A5D-B60A-82BD68D7FBFD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {47C76D72-82E0-4B17-A5B9-32C53D7E7F32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)
Task: {71F0BB36-37F4-4754-9694-9117059A0030} - System32\Tasks\{B8BD125C-F190-4768-8AC3-AC2F158113DF} => C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
Task: {80671ADD-1850-4478-AC52-F2945BA83E24} - System32\Tasks\{C4151EC2-2D9F-49EE-B833-435FE3A9BE51} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {9F9953F9-C4CA-4D65-A9D6-BACB897E0048} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {B2444B34-3D98-465C-9635-61E9DEC79E1A} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {B73DFC78-837A-4C4D-B9AF-48A85A8A7C30} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {B7BE6DF8-5F57-4F20-A284-FCDF235DFD78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)
Task: {FE3AF70D-09C3-4FE0-BC8D-7617984B7487} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-06 14:52 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-01-03 07:59 - 2014-02-10 18:04 - 00430080 _____ () C:\Windows\mod_frst.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeActiveFileMonitor8.0 => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AppMgmt => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LicCtrlService => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: OS Selector => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PCSUService => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SeaPort => 2
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 3
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^forteManager.lnk => C:\Windows\pss\forteManager.lnk.CommonStartup
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

========================= Accounts: ==========================

Administrator (S-1-5-21-507852487-1521238306-3764321456-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-507852487-1521238306-3764321456-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-507852487-1521238306-3764321456-1002 - Limited - Enabled)
Janine (S-1-5-21-507852487-1521238306-3764321456-1000 - Administrator - Disabled) => C:\Users\Janine
Nini (S-1-5-21-507852487-1521238306-3764321456-1004 - Administrator - Enabled) => C:\Users\Nini
UpdatusUser (S-1-5-21-507852487-1521238306-3764321456-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2014 02:09:12 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (12/14/2014 02:09:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (12/14/2014 02:06:55 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = F:\Programme\delfix_10.8.exe ; Beschreibung = Ende der Bereinigung; Fehler = 0x80042302).

Error: (12/14/2014 02:06:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten.
.

Error: (12/14/2014 02:06:55 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (12/14/2014 02:06:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (12/14/2014 02:06:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {232cdce1-96a7-4a39-92d2-a7ed6a13c43b}

Error: (12/14/2014 02:06:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {232cdce1-96a7-4a39-92d2-a7ed6a13c43b}

Error: (12/14/2014 02:06:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {277e59df-37de-4fdb-92dc-2899284c0895}

Error: (12/14/2014 02:06:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {277e59df-37de-4fdb-92dc-2899284c0895}


System errors:
=============
Error: (12/14/2014 02:07:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/14/2014 02:07:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================
Error: (08/18/2014 06:16:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/18/2014 06:15:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/18/2014 06:14:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/09/2011 08:25:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 971 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (02/09/2011 07:44:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 84016 seconds with 2940 seconds of active time.  This session ended with a crash.

Error: (02/08/2011 08:24:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 789882 seconds with 8100 seconds of active time.  This session ended with a crash.

Error: (02/21/2010 05:15:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 902 seconds with 540 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-12-10 19:19:54.984
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-10 19:19:54.953
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 23%
Total physical RAM: 4094.49 MB
Available physical RAM: 3131.15 MB
Total Pagefile: 10233.69 MB
Available Pagefile: 9118.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:287.4 GB) NTFS
Drive f: (USB DISK) (Removable) (Total:0.24 GB) (Free:0.21 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: DBE50493)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 248 MB) (Disk ID: BBCAABDE)
Partition 1: (Active) - (Size=248 MB) - (Type=06)

==================== End Of Log ============================
         


Die Meldung mit dem Internet war dagegen etwas verfrüht.
Den Ton habe ich mittlerweile dank einem anderen Treade von hier wieder bekommen. Das lag an ein paar deaktivierten Diensten.
Leider meldetdas System mir einen Fehler 711 RASV.
Vielleicht habt ihr ja da auch einen Tipp.
Die Dienste habe ich schon versucht zu aktivieren.
Liebe Grüße

Alt 14.12.2014, 19:50   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Zitat:
Leider meldetdas System mir einen Fehler 711 RASV.
Wann? Wo?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.12.2014, 20:45   #9
nini555
 
Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Einen schönen guten Abend,
also nach dem Starten, meldet mir das System unten Rechts es wäre keine Verbindung zm Netzwerk vorhanden.
Die Problembehebung selbst meldet mir, dass es das Problem nicht identifizieren kann.
In der Systemsteuerung zeigt er mir auch kein Netzwerk an.
Da mein Vater über W-Lan den Laptop betreibt und auch das Handy Wlan anzeigt muss es also aktiv sein, sonst könnte ich hier kaum was schreiben.
Beim einrichten in der Systemsteuer zeigt er mir den Fehler 711 an.

Wenn ich Google Chrome starte öffnet sich zwar die Startseite von Google jedoch bekomme ich die Fehlermeldung, dass die Seite nicht verfügbar ist. Chrome liegt dabei noch einige Hilfestellungen unter anderem, dass man unter den Einstellungen von Chrome bei dem Proxyserver Einstellung eine Änderung vornehmen soll/könnte.
Mir wird dabei die Breitbandverbindung angezeigt, wenn ich mir die Eigenschafften anschaue bzw. ändern möchte erhalte ich wieder diese Fehlermeldung (ausführlicher).
RAS Verbindungsverwaltung kann nicht gestartet werden. Fehler 711. Der RAS-Vebindungsverwaltungsdienst konnte nicht rechtzeitig gestartet werden.

In einem forumsbeitrag habe ich gelesen, dass man hierbei über Starte die Dienste aufrufen kann und den entsprechenden Dienst auf Automatisch setzten soll.
Mir zeigt das System zweie an, einmal Routing und RAS sowie RAS-Verbindungsverwaltung beide habe ich wie empfohlen von Deaktiviert auf Automatisch gestellt.
Die Fehlermeldung bleibt jedoch bestehen.

LG Nini

Alt 15.12.2014, 18:32   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
  • Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
  • Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.12.2014, 05:23   #11
nini555
 
Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Lieber Schrauber,
herzlichen Dank, auch der Fehler ist behoben.
Damit hast du mir dieses Jahr vermutlich das schönste Weihnachtsgeschenk gemacht.
Ich wünsch dir ein schönes Fest und guten Rutsch und sag nochmals ganz herzlich Danke.
LG Nini

Alt 18.12.2014, 20:05   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Dann machen wir noch schnell KOntrollscans


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.12.2014, 14:47   #13
nini555
 
Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Gut mache ich.
Ich glaube aber ich habe mir beim laden des Scanners gleich wieder was eingefangen. Zumindest hat er 13 Fehler gemeldet.

ESET Online Scanner
Code:
ATTFilter
 ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=37b1e308eddc5d49a86bbd96df228ed1
# engine=21635
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-19 10:10:12
# local_time=2014-12-19 11:10:12 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 30313 170656862 0 0
# scanned=779210
# found=18
# cleaned=16
# scan_time=16700
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0"
sh=F01099E4422FDED0661CF4A526DA68E5E68A3DDD ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AskToolbar\avira.cab"
sh=8024D29FA23B457A440120D6357B105DE3447FFA ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.BH potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Download\Adobe Photoshop 8.0\Adobe Photoshop Elements 8.0\Adobe.Photoshop.Elements.v8.0.Multilingual.ESD.ISO-CORE.iso"
sh=349CA9FEC7DF5635B9853DB15BC50F9C8C329A1D ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.BH potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Download\Adobe Photoshop 8.0\Adobe.Premiere.Elements.v8.0\Adobe.Premiere.Elements.v8.0.Multilingual.ESD.ISO-CORE.iso"
sh=B19CC197BF0BEDECD6794B4EE06E4B6C64788C09 ft=1 fh=d6ef2b1c4c8e2162 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Downloadarchiv\isobuster27_all_lang.exe"
sh=3CDB0690A360AE9C725D642E890D16005AD72D30 ft=1 fh=db21275f6a7eaec5 vn="Variante von MSIL/NewPlayer.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\VideoPlayer\VAFChecker.exe"
sh=E88952A7C68BC64AD84A88AB73A4DAFBDAB80580 ft=1 fh=bc7fcb22b92a1d08 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Default\AppData\Local\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Nini\AppData\Local\temp\10851772.Uninstall\uninstaller.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Nini\AppData\Local\temp\is765589038\5D4B7A38_stp\uninstaller.exe"
sh=1E92E1AF2BAD67A74F161C0FFD164AD9EC5F0A41 ft=1 fh=0d113439e5e230ad vn="Variante von Win32/InstallCore.UF evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Nini\Downloads\FileOpenerSetup.exe"
sh=0394AB95AC762A9623404BEA528B5047E4935645 ft=0 fh=0000000000000000 vn="Win32/HackKMS.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Nini\Hörbuch\Office_Professional_Plus_2010_(x86)-(German).rar"
sh=8024D29FA23B457A440120D6357B105DE3447FFA ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.BH potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Nini\nini\Adobe Photoshop 8.0\Adobe Photoshop Elements 8.0\Adobe.Photoshop.Elements.v8.0.Multilingual.ESD.ISO-CORE.iso"
sh=349CA9FEC7DF5635B9853DB15BC50F9C8C329A1D ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.BH potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Nini\nini\Adobe Photoshop 8.0\Adobe.Premiere.Elements.v8.0\Adobe.Premiere.Elements.v8.0.Multilingual.ESD.ISO-CORE.iso"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=A70EFAB5F2D2D83AD2B7E0304169C73F6D0EC700 ft=1 fh=011924ad9c4ebdbf vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=E49B25E89541B5DBCE1777046B0240B6AAD84864 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\Installer\2088d.msi"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0"
sh=F01099E4422FDED0661CF4A526DA68E5E68A3DDD ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\AskToolbar\avira.cab"
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=37b1e308eddc5d49a86bbd96df228ed1
# engine=21644
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-20 11:42:32
# local_time=2014-12-20 12:42:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 12587 170705602 0 0
# scanned=265752
# found=0
# cleaned=0
# scan_time=3426
         


Beim Security Check kam nur die eine Zeile raus
Code:
ATTFilter
  UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
LG Nini

Sorry das FRST vergessen mit zu liefern.
Wird promt nachgeholt.

FRST.txt.

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Nini (administrator) on JANINE-PC on 20-12-2014 15:42:15
Running from F:\Programme
Loaded Profiles: UpdatusUser & Nini (Available profiles: Janine & UpdatusUser & Nini & Administrator & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762224 2009-06-30] (Microsoft Corporation)
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\Janine\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-507852487-1521238306-3764321456-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_51_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtDzyyEyC0B0Fzy0F0F0DyCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0Ezy0CtDyD0CtG0BtCyEzztGtA0A0CzytG0FyD0A0CtGyDtDyEyEyByCtBtCyEyC0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EtD0ByBtBtCtAtG0CzytByCtGyE0AyEzytGzztA0C0FtGyBtBtAtC0Azy0DtBtD0CtBtC2Q&cr=1229899044&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_51_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtDzyyEyC0B0Fzy0F0F0DyCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0Ezy0CtDyD0CtG0BtCyEzztGtA0A0CzytG0FyD0A0CtGyDtDyEyEyByCtBtCyEyC0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EtD0ByBtBtCtAtG0CzytByCtGyE0AyEzytGzztA0C0FtGyBtBtAtC0Azy0DtBtD0CtBtC2Q&cr=1229899044&ir=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-507852487-1521238306-3764321456-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-507852487-1521238306-3764321456-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-507852487-1521238306-3764321456-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> c:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 07 C:\Program Files\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-08-10]
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com [Not Found]
FF Extension: No Name - C:\Users\Nini\AppData\Roaming\Mozilla\Firefox\Profiles\rb99wklk.default-1388954994189\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [Not Found]
FF Extension: No Name - C:\Program Files\Nightly\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_51_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtDzyyEyC0B0Fzy0F0F0DyCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0Ezy0CtDyD0CtG0BtCyEzztGtA0A0CzytG0FyD0A0CtGyDtDyEyEyByCtBtCyEyC0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EtD0ByBtBtCtAtG0CzytByCtGyE0AyEzytGzztA0C0FtGyBtBtAtC0Azy0DtBtD0CtBtC2Q&cr=1229899044&ir=
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_51_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtDzyyEyC0B0Fzy0F0F0DyCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0Ezy0CtDyD0CtG0BtCyEzztGtA0A0CzytG0FyD0A0CtGyDtDyEyEyByCtBtCyEyC0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EtD0ByBtBtCtAtG0CzytByCtGyE0AyEzytGzztA0C0FtGyBtBtAtC0Azy0DtBtD0CtBtC2Q&cr=1229899044&ir="
CHR DefaultSearchKeyword: Default -> vosteran.com
CHR DefaultSearchURL: Default -> hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_51_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtDzyyEyC0B0Fzy0F0F0DyCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0E0Ezy0CtDyD0CtG0BtCyEzztGtA0A0CzytG0FyD0A0CtGyDtDyEyEyByCtBtCyEyC0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EtD0ByBtBtCtAtG0CzytByCtGyE0AyEzytGzztA0C0FtGyBtBtAtC0Azy0DtBtD0CtBtC2Q&cr=1229899044&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Google Docs) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Adblock Plus) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-05]
CHR Extension: (Google-Suche) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (Google Wallet) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Google Mail) - C:\Users\Nini\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [bcpbcngonbobipkhkdkfffkgpmnmeola] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release5650\ch\RichMediaViewV1release5650.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bgnnkhlplihnikcljmlfleknmajpdieg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta2061\ch\VideoPlayerV3beta2061.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bjhjcbjpdohojlfpalfnediiibbdkabh] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1096\ch\MediaBuzzV1mode1096.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ejgjpkdliopkjhenfaioejboibiagbcc] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha216\ch\MediaViewerV1alpha216.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gmpcjdhphhdfnflcgpgeneojihpojidm] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4611\ch\MediaViewV1alpha4611.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [goodaalebnjpdnjgbjpbbllmmphdbgmi] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha329\ch\MediaViewV1alpha329.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [inleambckaaohcdcbmhnbklmakeccnei] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha5271\ch\TrustMediaViewerV1alpha5271.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lehbeodgjfnoeiaonejbbdeebmmknjlj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home63\ch\MediaWatchV1home63.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S4 LicCtrlService; C:\Windows\runservice.exe [2560 2011-07-17] () [File not signed]
S4 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] ()
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S4 Avira.OE.ServiceHost; "C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2013-03-25] ()
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\DRIVERS\BrUsbSer.sys [19584 2006-09-02] (Brother Industries Ltd.) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-03-17] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 08:16 - 2014-12-20 08:16 - 01559108 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-20 07:51 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-12-20 07:23 - 2014-12-20 07:51 - 00016063 _____ () C:\Windows\IE11_main.log
2014-12-20 03:33 - 2014-12-20 03:33 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-12-20 03:33 - 2014-12-20 03:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-12-20 03:02 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-12-20 03:02 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-12-20 03:02 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-12-20 03:02 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-12-20 03:02 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-12-20 03:02 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-12-20 03:01 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-20 03:01 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-19 18:27 - 2014-12-20 11:09 - 00000000 ____D () C:\ProgramData\Norton
2014-12-19 18:25 - 2014-12-19 18:25 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-19 18:22 - 2014-12-20 11:36 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\DigitalSites
2014-12-19 15:28 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-19 15:28 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-19 15:28 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-19 15:28 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-19 15:27 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-19 15:27 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-19 15:27 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-19 15:27 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-16 22:52 - 2014-12-16 22:52 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JANINE-PC-Microsoft-Windows-7-Professional-(64-bit).dat
2014-12-16 22:52 - 2014-12-16 22:52 - 00000000 ____D () C:\RegBackup
2014-12-15 17:06 - 2014-12-15 17:06 - 00000000 ____D () C:\Users\Nini\Desktop\Neuer Ordner
2014-12-14 14:08 - 2014-12-20 15:42 - 00000000 ____D () C:\FRST
2014-12-11 18:48 - 2014-12-11 18:48 - 00000000 ____D () C:\$WINDOWS.~BT
2014-12-11 16:53 - 2014-12-20 11:09 - 00574504 _____ () C:\Windows\PFRO.log
2014-12-10 19:05 - 2014-12-10 19:24 - 00000000 ____D () C:\Windows\erdnt
2014-12-07 18:35 - 2014-12-07 18:35 - 00000000 ____D () C:\Users\Nini\AppData\Local\VirtualStore
2014-12-07 11:24 - 2014-12-14 14:06 - 00001131 _____ () C:\DelFix.txt
2014-12-07 10:42 - 2014-12-07 13:53 - 00000000 ____D () C:\Windows\ERUNT
2014-12-07 10:31 - 2014-12-14 14:07 - 00000000 ____D () C:\Users\Nini\rechner wieder Her
2014-12-07 10:09 - 2014-12-07 10:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-06 11:10 - 2014-12-06 11:10 - 00000000 ____D () C:\OETemp
2014-12-06 08:50 - 2014-12-11 18:49 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-12-06 08:50 - 2014-12-11 18:49 - 00001908 _____ () C:\Windows\diagerr.xml

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 15:42 - 2009-10-22 11:48 - 02016653 _____ () C:\Windows\WindowsUpdate.log
2014-12-20 15:36 - 2013-04-03 14:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-20 14:39 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\vlc
2014-12-20 13:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 11:41 - 2011-11-08 10:15 - 00000000 ____D () C:\Program Files (x86)\JLC's Software
2014-12-20 11:36 - 2013-04-03 14:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-20 11:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-20 11:15 - 2009-07-14 05:45 - 00021616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-20 11:15 - 2009-07-14 05:45 - 00021616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-20 11:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-20 11:09 - 2009-07-14 05:51 - 00003717 _____ () C:\Windows\setupact.log
2014-12-20 11:05 - 2011-07-18 16:26 - 00000000 ____D () C:\Users\Nini\Janine
2014-12-20 09:17 - 2009-07-14 05:45 - 00325264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-20 09:16 - 2012-01-01 09:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-20 09:16 - 2012-01-01 09:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-20 09:13 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-20 09:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-12-20 09:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-12-20 09:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-20 09:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-12-20 09:12 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-20 09:12 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-20 09:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-20 09:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-20 09:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-20 08:16 - 2009-07-14 18:58 - 00684980 _____ () C:\Windows\system32\perfh007.dat
2014-12-20 08:16 - 2009-07-14 18:58 - 00144812 _____ () C:\Windows\system32\perfc007.dat
2014-12-20 08:16 - 2009-07-14 06:13 - 01613086 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 06:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-20 04:35 - 2010-01-07 13:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-20 03:31 - 2010-01-07 13:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-12-20 03:28 - 2012-01-01 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-19 22:55 - 2013-03-19 16:48 - 00000000 ____D () C:\Users\Nini\Hörbuch
2014-12-19 22:47 - 2013-11-12 19:43 - 00000000 ____D () C:\Program Files (x86)\VideoPlayer
2014-12-19 22:47 - 2009-10-23 11:03 - 00000000 ____D () C:\Downloadarchiv
2014-12-19 16:25 - 2013-04-04 19:27 - 00000000 ____D () C:\Users\Nini\AppData\Roaming\dvdcss
2014-12-17 15:38 - 2014-03-11 17:14 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-17 15:13 - 2013-04-02 20:00 - 00000000 ____D () C:\Users\Nini
2014-12-16 23:42 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\CSC
2014-12-16 23:10 - 2009-07-14 03:34 - 00000541 _____ () C:\Windows\win.ini
2014-12-11 18:47 - 2009-07-14 05:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 19:22 - 2014-01-29 16:11 - 00002096 __RSH () C:\ProgramData\ntuser.pol
2014-12-10 19:22 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-10 19:22 - 2009-07-14 03:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_468
2014-12-10 19:21 - 2009-07-14 03:34 - 64225280 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 38535168 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-10 19:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-12-07 10:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-06 15:32 - 2013-08-15 08:15 - 00000000 ____D () C:\Users\Nini\AppData\Local\TubeBox
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-06 15:32 - 2013-01-12 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec
2014-12-06 15:20 - 2013-11-12 20:07 - 00001264 _____ () C:\Users\Nini\Desktop\Revo Uninstaller.lnk
2014-12-06 15:20 - 2013-01-12 10:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-06 10:51 - 2013-08-15 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-06 10:51 - 2012-09-08 06:18 - 00000000 ____D () C:\ProgramData\Avira
2014-12-06 10:21 - 2011-07-17 07:06 - 00000609 ___SH () C:\Windows\SysWOW64\mmf.sys
2014-12-06 10:19 - 2014-11-08 09:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla FireFox
2014-11-30 00:53 - 2009-10-22 11:54 - 00000000 ____D () C:\Recovery
2014-11-30 00:47 - 2013-04-02 15:02 - 00000000 ____D () C:\Users\Gast
2014-11-30 00:47 - 2013-03-25 13:11 - 00000000 ____D () C:\Users\Administrator
2014-11-30 00:47 - 2010-11-22 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-11-30 00:47 - 2010-11-22 11:53 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-11-30 00:47 - 2009-10-22 11:54 - 00000000 ____D () C:\Users\Janine
2014-11-30 00:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-29 16:50 - 2014-11-08 08:59 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-11-24 14:04 - 2009-10-27 14:24 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 17:23

==================== End Of Log ============================
         
--- --- ---

--- --- ---




und die Addition
Code:
ATTFilter
 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Nini at 2014-12-20 15:42:39
Running from F:\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*Disk*Director*Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis)
ADI USB ADSL LAN Adapter (HKLM-x32\...\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}) (Version:  - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Free Video Dub version 2.0.21.822 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.822 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
IsoBuster 2.8 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8 - Smart Projects)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java(TM) 6 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0a1 - Mozilla)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSI Kombustor(BETA) v0.7.0 (HKLM-x32\...\MSI Kombustor(BETA)_is1) (Version:  - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
NVIDIA Grafiktreiber 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 275.33 - NVIDIA Corporation)
NVIDIA Update 1.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.3.5 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_EXCEL_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_POWERPOINT_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_WORD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-507852487-1521238306-3764321456-1004_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

19-12-2014 15:27:22 Windows Update
19-12-2014 15:44:18 Windows Update
20-12-2014 03:01:09 Windows Update
20-12-2014 09:56:16 Removed Microsoft Silverlight
20-12-2014 11:06:13 Microsoft Visual C++ 2005 Redistributable (x64) wird entfernt
20-12-2014 11:40:45 Revo Uninstaller's restore point - JLC's Internet TV
20-12-2014 11:42:48 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.0.4.1028

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-16 23:11 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0827501C-67E0-4ADE-821E-A8AA0DD492FC} - System32\Tasks\{3F0F60CB-1501-4541-9335-1C07FFBEDA16} => pcalua.exe -a C:\Users\Nini\Downloads\AVM_FRITZ!WLAN_Repeater_310_Assistent(1).exe -d C:\Users\Nini\Downloads
Task: {086D064F-97D8-4568-BB8C-9EA2A6465687} - System32\Tasks\{26D7A2F2-8BDA-4AC0-AFFC-04A9CE2010F5} => pcalua.exe -a C:\Users\Nini\Downloads\AVM_FRITZ!WLAN_Repeater_310_Assistent.exe -d C:\Users\Nini\Downloads
Task: {0BDB7ACC-87CC-4321-9D95-45E45C751F50} - System32\Tasks\{1EDFA5BE-C70B-4645-9AB4-7442ECBA27FA} => pcalua.exe -a F:\Systemkram\T-Online_6.0.exe -d F:\Systemkram
Task: {17E7B209-C22F-43C9-B0C7-E775D50EC8ED} - System32\Tasks\{F46BD553-0E09-4F96-8940-C66C1CD3F204} => pcalua.exe -a C:\Users\Nini\Downloads\AVM_FRITZ!WLAN_Repeater_310_Assistent(2).exe -d C:\Users\Nini\Downloads
Task: {1C020B8D-BE13-49D6-BEBD-F0FA5C94B7DC} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => c:\Program Files\Java\jre6\bin\jusched.exe [2012-09-30] (Sun Microsystems, Inc.)
Task: {24F51262-6055-4DEA-B698-86DBCCC26D0D} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-04-17] (InstallShield Software Corporation)
Task: {32F10DA7-958A-4A5D-B60A-82BD68D7FBFD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {47C76D72-82E0-4B17-A5B9-32C53D7E7F32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)
Task: {71F0BB36-37F4-4754-9694-9117059A0030} - System32\Tasks\{B8BD125C-F190-4768-8AC3-AC2F158113DF} => C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
Task: {74286CE3-8C9B-4790-8CFB-B45726B7888A} - System32\Tasks\{5D46F409-7526-4ECE-8782-DA6DA353EC89} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {80671ADD-1850-4478-AC52-F2945BA83E24} - System32\Tasks\{C4151EC2-2D9F-49EE-B833-435FE3A9BE51} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {9F9953F9-C4CA-4D65-A9D6-BACB897E0048} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {A4503C22-A411-46A8-A17B-7CF0DCB6B448} - System32\Tasks\{8B0317B6-A26C-4E4E-8EC1-1D8B75FB4AD2} => pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Task: {B2444B34-3D98-465C-9635-61E9DEC79E1A} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {B73DFC78-837A-4C4D-B9AF-48A85A8A7C30} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {B7BE6DF8-5F57-4F20-A284-FCDF235DFD78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)
Task: {C0A43BE1-450C-4471-B6A5-69416C263C5C} - System32\Tasks\{14C23022-903C-4886-A159-3CDBBB9AE65E} => pcalua.exe -a D:\Software\Teledat\Setup.exe -d D:\Software\Teledat
Task: {CD3BC894-D451-44C1-9679-BDCDE6208537} - System32\Tasks\{CCB59C68-CE26-4F58-A725-8A50C6E45AF7} => pcalua.exe -a C:\Users\Nini\AppData\Local\Temp\vcredist_x64.exe
Task: {D8C4EB24-562C-452C-BE79-467EDE534720} - System32\Tasks\{0BC5E98B-C7BE-457F-A88E-1CA89570FCFD} => pcalua.exe -a D:\DTAG\Setup.exe -d D:\DTAG
Task: {FE3AF70D-09C3-4FE0-BC8D-7617984B7487} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-06 14:52 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-07-08 18:52 - 2013-08-23 12:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2009-06-30 21:24 - 2009-06-30 21:24 - 00524128 _____ () C:\Windows\SysWOW64\LcProxy.ax
2014-12-17 15:38 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-17 15:38 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-17 15:38 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-17 15:38 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-17 15:38 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeActiveFileMonitor8.0 => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AppMgmt => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: CscService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: LicCtrlService => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: OS Selector => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PCSUService => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SeaPort => 2
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 3
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^forteManager.lnk => C:\Windows\pss\forteManager.lnk.CommonStartup
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

========================= Accounts: ==========================

Administrator (S-1-5-21-507852487-1521238306-3764321456-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-507852487-1521238306-3764321456-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-507852487-1521238306-3764321456-1002 - Limited - Enabled)
Janine (S-1-5-21-507852487-1521238306-3764321456-1000 - Administrator - Disabled) => C:\Users\Janine
Nini (S-1-5-21-507852487-1521238306-3764321456-1004 - Administrator - Enabled) => C:\Users\Nini
UpdatusUser (S-1-5-21-507852487-1521238306-3764321456-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/20/2014 11:44:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/20/2014 11:31:33 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (12/20/2014 01:43:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/20/2014 01:43:41 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR2.

Error: (12/20/2014 11:32:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1079

Error: (12/20/2014 11:32:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1079


Microsoft Office Sessions:
=========================
Error: (08/18/2014 06:16:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/18/2014 06:15:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/18/2014 06:14:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/09/2011 08:25:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 971 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (02/09/2011 07:44:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 84016 seconds with 2940 seconds of active time.  This session ended with a crash.

Error: (02/08/2011 08:24:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 789882 seconds with 8100 seconds of active time.  This session ended with a crash.

Error: (02/21/2010 05:15:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 902 seconds with 540 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-12-10 19:19:54.984
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-10 19:19:54.953
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 53%
Total physical RAM: 4094.49 MB
Available physical RAM: 1889.83 MB
Total Pagefile: 10233.69 MB
Available Pagefile: 7967.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:282.22 GB) NTFS
Drive f: (USB DISK) (Removable) (Total:0.24 GB) (Free:0.19 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: DBE50493)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 248 MB) (Disk ID: BBCAABDE)
Partition 1: (Active) - (Size=248 MB) - (Type=06)

==================== End Of Log ============================
         
Danke

Alt 21.12.2014, 07:30   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Standard

Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2



Was besteht jetzt aktuell noch an Problemen mit dem System?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2
adobe, avg, avira, bildschirm, browser, dsl, explorer, frage, google, helper, home, homepage, iexplore.exe, mozilla, problem, programm, registry, rundll, services.exe, software, svchost.exe, system, taskleiste, windows, winlogon.exe



Ähnliche Themen: Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2


  1. Windows 7 schwarzer Bildschirm, keine Taskleiste aber Fenster "Computer" geöffnet
    Plagegeister aller Art und deren Bekämpfung - 27.03.2015 (9)
  2. Windows 7 mit schwarzem Bildschirm ohne Taskleiste
    Log-Analyse und Auswertung - 30.12.2014 (11)
  3. Windows 7 schwarzer Bildschirm, keine Taskleiste aber Fenster "Computer" geöffnet 3
    Plagegeister aller Art und deren Bekämpfung - 23.12.2014 (10)
  4. Windows 7 mit schwarzem Bildschirm ohne Taskleiste
    Plagegeister aller Art und deren Bekämpfung - 07.12.2014 (14)
  5. Windows 7 nach Start nur schwarzer Screen mit Explorer ohne Taskleiste
    Plagegeister aller Art und deren Bekämpfung - 06.12.2014 (3)
  6. Windows 7 - nur Schwarzer Bildschirm, Anmeldung blind möglich aber keine Desktop Symbole oder Taskleiste
    Log-Analyse und Auswertung - 06.11.2014 (15)
  7. Windows 7: Plötzliche Geräusche von Werbung im Hintergrund ohne zugehöriges Programm in der Taskleiste
    Log-Analyse und Auswertung - 02.04.2014 (3)
  8. videos enden bei schwarzem bildschirm ODER abspielen nur sehr stockend
    Alles rund um Windows - 26.01.2014 (14)
  9. 3sek normaler desktop danach weiß ohne symbole und taskleiste windows32
    Plagegeister aller Art und deren Bekämpfung - 09.11.2013 (3)
  10. Windows 8.1 schwarzer Bildschirm ohne Cursor. Startet nur noch im Debug-Modus
    Alles rund um Windows - 25.10.2013 (0)
  11. Windows Vista: Weißer Bildschirm nach Start (ohne Text)! - abgesicherter Modus geht.
    Log-Analyse und Auswertung - 11.05.2013 (22)
  12. 2x Windows Vista: Weißer Bildschirm nach Start (ohne Text, abgesicherter Modus geht)!
    Mülltonne - 04.05.2013 (1)
  13. Weisser Bildschirm ohne Taskleiste, Taskmanager nicht verfuegbar
    Log-Analyse und Auswertung - 27.09.2012 (38)
  14. Windows aus Sicherheitsgründen blockiert mit schwarzem Bildschirm
    Log-Analyse und Auswertung - 07.04.2012 (33)
  15. Windows Fix Disk - Dateien nicht mehr sichtbar! Desktop mit schwarzem Hintergrund!
    Log-Analyse und Auswertung - 30.04.2011 (18)
  16. XP nach Neustart ohne Desktop & Taskleiste
    Plagegeister aller Art und deren Bekämpfung - 29.11.2006 (1)
  17. Adware, schwarzer Bildschirm + keine Taskleiste mehr
    Plagegeister aller Art und deren Bekämpfung - 11.06.2005 (3)

Zum Thema Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 - Hallo liebe Forenmitglieder, ich weiß, das Problem wurde gerade erst besprochen aber da ich leider bei dem Tread nicht direkt Antworten konnte muss ich leider einen Neuen aufmachen. Leider habe - Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2...
Archiv
Du betrachtest: Windows 7 mit schwarzem Bildschirm ohne Taskleiste 2 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.