Unerwünschte Werbeleisten im Chrome Browser, öffnen sich ständig neu beim wechseln der Seite

AnjaM · 10.06.2013, 20:26

Hallo,

Ihr leistet hier eine tolle Arbeit und ich hoffe Ihr könnt auch mir helfen. Ich nutze Windows 7 und gehe über den Chrome Browser ins Internet. Seit einiger Zeit plage ich mich mit nervigen Werbefenstern rum. Auf der linken Seite im Browser (von mir aus gesehen) geht ein längliches Fenster auf in dem steht "Related Searches: gefolgt von einer Aufzählung diverser Links wie z.B. Free Virus &Spyware Scans.
Unten am Bildschirm blendet sich zeitgleich eine Werbeleiste ein und häufig erscheint mitten auf dem Bildschirm (z.B. unter Bildern u Texten) ein kleineres Werbefenster. Alle Fenster können geschlossen werden, sind aber sofort wieder da sobald ich eine Seite wechsel.

Hinzu kommt, das mein PC derzeit jeden Tag ein Windows Update machen möchte. In der Systemsteuerung habe ich unter letztes Update vom 01.06. Windows Visual C+ stehen.
MCAffee findet nichts

.

Viele Grüße sendet Euch
Anja

schrauber · 10.06.2013, 20:34

Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Scan.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

AnjaM · 10.06.2013, 21:10

sorry musste erstmal schauen wie ich mein Name unkenntlich mache.

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-06-2013 03
Ran by XXX (administrator) on 10-06-2013 22:26:44
Running from C:\Users\XXX\Downloads
Windows 7 Home Premium (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\dmwu.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Acer\Mobility Center\MobilityService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Windows\System32\jmdp\stij.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files\McAfee Online Backup\MOBKbackup.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\XXX\Downloads\FRST (3).exe
(Google Inc.) C:\Users\XXX\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [134656 2009-07-27] (Wave Systems Corp.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [515888 2013-02-28] (McAfee, Inc.)
HKLM\...\Run: []  [x]
HKLM\...\Runonce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Windows iLivid Toolbar" [x]
HKLM\...\Runonce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar" [x]
MountPoints2: {11391c0b-a1ca-11e0-9699-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\ubcd\website\index.html
MountPoints2: {138ae9cd-a512-11e0-8554-00040effffff} - F:\preinst.exe
MountPoints2: {2b6fc4cf-42d2-11e1-b066-00040effffff} - I:\preinst.exe
MountPoints2: {544825b7-42df-11e1-a923-00040effffff} - F:\preinst.exe
MountPoints2: {544825c6-42df-11e1-a923-00040effffff} - F:\preinst.exe
MountPoints2: {544825cd-42df-11e1-a923-00040effffff} - F:\preinst.exe
MountPoints2: {f097814e-a321-11e0-b765-806e6f6e6963} - E:\Setup.exe
Lsa: [Authentication Packages] msv1_0 wvauth

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10039&barid={AF2B0B70-BB14-11E2-8E76-001F16F4E175}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search-us.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10039&barid={AF2B0B70-BB14-11E2-8E76-001F16F4E175}
HKLM SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10039&barid={AF2B0B70-BB14-11E2-8E76-001F16F4E175}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10039&barid={AF2B0B70-BB14-11E2-8E76-001F16F4E175}
HKCU SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={AF2B0B70-BB14-11E2-8E76-001F16F4E175}&crg=3.1010000.10039&st=23
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://search-us.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=180413_ctrl&babsrc=SP_ss&mntrId=82DD001F16F4E175
SearchScopes: HKCU - {4C6EE3A4-6E8E-4B0F-9CC1-809FD8C6AFBA} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=0F6ED635-FEF9-4CCC-8A84-AE2CF212A93D&apn_sauid=67F8E486-1E56-4765-A02E-BAE8DFCBED21
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={AF2B0B70-BB14-11E2-8E76-001F16F4E175}&crg=3.1010000.10039&st=23
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\XXX\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - Community Smart Bar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Babylon - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default\Extensions\ffxtlbr@babylon.com
FF Extension: Complitly - Speed up your search with your personal search suggestions tool - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF Extension: No Name - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Complitly plugin for chrome) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0
CHR Extension: (SiteAdvisor) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0
CHR Extension: (DealPly) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.5.3.0_0
CHR Extension: (Yontoo) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1
CHR Extension: (Gmail) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1013552 2013-02-27] ()
R2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [95232 2012-12-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [287752 2013-03-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [638976 2013-02-28] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-04-03] (McAfee, Inc.)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [122880 2009-06-16] (Acer Incorporated)
R2 MOBKbackup; C:\Program Files\McAfee Online Backup\MOBKbackup.exe [229688 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1019904 2009-06-03] (Wave Systems Corp.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] ()

==================== Drivers (Whitelisted) ====================

S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [15104 2005-04-18] (AVM GmbH)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147472 2012-05-28] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [66296 2013-04-22] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133992 2013-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235520 2013-04-03] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [363432 2013-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [566656 2013-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [257496 2013-02-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80592 2013-02-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [212432 2013-04-03] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [54776 2010-04-13] (Mozy, Inc.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [200192 2009-07-27] (Wave Systems Corp.)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [x]
S3 NETFWDSL; system32\DRIVERS\NETFWDSL.SYS [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\XXX\Downloads\FRST (3).exe
2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\XXX\Downloads\FRST (2).exe
2013-06-10 21:52 - 2013-06-10 21:53 - 01358943 ____A (Farbar) C:\Users\XXX\Downloads\FRST (1).exe
2013-06-10 21:50 - 2013-06-10 22:25 - 00017992 ____A C:\Users\XXX\Downloads\Addition.txt
2013-06-10 21:46 - 2013-06-10 21:46 - 01358943 ____A (Farbar) C:\Users\XXX\Downloads\FRST.exe
2013-06-10 21:46 - 2013-06-10 21:46 - 00000000 ____D C:\FRST
2013-06-10 21:45 - 2013-06-10 21:45 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup (3).exe
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup (2).exe
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup (1).exe
2013-06-10 21:37 - 2013-06-10 21:37 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup.exe
2013-06-10 20:58 - 2013-06-10 20:58 - 00000098 ____A C:\Windows\ZTECDMAInstallInfo.log
2013-06-10 19:22 - 2013-06-10 19:22 - 00000000 ____D C:\Windows\System32\SPReview
2013-06-06 16:42 - 2013-06-06 16:42 - 00000000 ____D C:\Users\XXX\AppData\Roaming\TuneUp Software
2013-06-06 16:40 - 2013-06-06 17:02 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-06 16:40 - 2013-06-06 16:42 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-06-06 16:36 - 2013-06-06 16:37 - 28211040 ____A (TuneUp Software) C:\Users\XXX\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-02 22:13 - 2013-06-02 22:18 - 67365038 ____A C:\Users\XXX\Downloads\Anja.m4v (1).zip
2013-06-02 21:50 - 2013-06-02 21:52 - 67365038 ____A C:\Users\XXX\Downloads\Anja.m4v.zip
2013-05-30 19:08 - 2013-05-30 19:08 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Buhl
2013-05-30 18:45 - 2013-05-30 18:45 - 00002045 ____A C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2013.lnk
2013-05-30 18:14 - 2013-05-30 18:28 - 572641008 ____A C:\Users\XXX\Downloads\WISOSteuersoftware2013.exe
2013-05-30 15:35 - 2013-05-30 15:38 - 116601648 ____A C:\Users\XXX\Downloads\WISOSteuer2013Update208285.exe
2013-05-26 19:00 - 2013-05-26 19:03 - 30740950 ____A C:\Users\XXX\Downloads\Bilder Gerd.zip
2013-05-15 00:42 - 2013-05-15 00:42 - 00000000 ____D C:\Users\XXX\AppData\Local\Vast Studios
2013-05-15 00:41 - 2013-05-15 00:41 - 00001487 ____A C:\Users\Public\Desktop\Nightfall Mysteries Der Fluch der Oper.lnk
2013-05-15 00:26 - 2013-05-15 00:32 - 236012624 ____A (INTENIUM GmbH) C:\Users\XXX\Downloads\NightfallMysteriesDerFluchDerOper.exe
2013-05-14 14:31 - 2013-05-14 14:31 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Vast Studios
2013-05-14 14:30 - 2013-05-14 14:30 - 00001583 ____A C:\Users\Public\Desktop\Nightfall Mysteries Die Ashburg-Verschwörung.lnk
2013-05-14 14:15 - 2013-05-14 14:21 - 226481072 ____A (INTENIUM GmbH) C:\Users\XXX\Downloads\NightfallMysteriesDieAshburgVerschwoerung.exe
2013-05-12 17:57 - 2013-05-12 17:57 - 00000000 ____D C:\Users\XXX\AppData\Local\Babylon
2013-05-12 17:56 - 2013-05-12 17:57 - 00812112 ____A (Babylon Ltd.) C:\Users\XXX\Downloads\Babylon10_setup.exe
2013-05-12 17:01 - 2013-05-12 17:01 - 00000000 ____D C:\ProgramData\SweetIM
2013-05-12 17:01 - 2013-05-12 17:01 - 00000000 ____D C:\Program Files\SweetIM
2013-05-12 17:00 - 2013-05-13 17:01 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-12 17:00 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\WNLT
2013-05-12 17:00 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-12 17:00 - 2013-02-27 13:24 - 01013552 ____A C:\Windows\System32\dmwu.exe
2013-05-12 17:00 - 2013-02-27 13:21 - 00028160 ____A C:\Windows\System32\ImHttpComm.dll
2013-05-12 17:00 - 2011-05-14 01:17 - 00632656 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-05-12 17:00 - 2011-05-14 01:17 - 00479232 ____A (Microsoft Corporation) C:\Windows\System32\msvcm80.dll
2013-05-12 17:00 - 2011-05-13 16:59 - 00001870 ____A C:\Windows\System32\Microsoft.VC80.CRT.manifest
2013-05-12 16:59 - 2013-05-12 16:59 - 00158168 ____A () C:\Users\XXX\Downloads\CheatEngine62.exe
2013-05-11 00:04 - 2013-04-22 15:46 - 00066296 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\McPvDrv.sys

==================== One Month Modified Files and Folders ========

2013-06-10 22:25 - 2013-06-10 21:50 - 00017992 ____A C:\Users\XXX\Downloads\Addition.txt
2013-06-10 22:20 - 2012-08-22 16:58 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\XXX\Downloads\FRST (3).exe
2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\XXX\Downloads\FRST (2).exe
2013-06-10 22:06 - 2011-06-28 23:06 - 01883475 ____A C:\Windows\WindowsUpdate.log
2013-06-10 22:05 - 2013-03-05 20:02 - 00000350 ____A C:\Windows\Tasks\HP Photo Creations Communicator.job
2013-06-10 22:05 - 2011-06-30 17:49 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-10 21:53 - 2013-06-10 21:52 - 01358943 ____A (Farbar) C:\Users\XXX\Downloads\FRST (1).exe
2013-06-10 21:46 - 2013-06-10 21:46 - 01358943 ____A (Farbar) C:\Users\XXX\Downloads\FRST.exe
2013-06-10 21:46 - 2013-06-10 21:46 - 00000000 ____D C:\FRST
2013-06-10 21:45 - 2013-06-10 21:45 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup (3).exe
2013-06-10 21:42 - 2009-07-14 06:34 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-10 21:42 - 2009-07-14 06:34 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup (2).exe
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup (1).exe
2013-06-10 21:37 - 2013-06-10 21:37 - 00162120 ____A () C:\Users\XXX\Downloads\7ZipSetup.exe
2013-06-10 21:35 - 2011-08-20 18:49 - 00001144 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-768512750-2585910193-1057344163-1000UA.job
2013-06-10 21:34 - 2012-12-17 22:42 - 00001848 ____A C:\Users\Public\Desktop\McAfee Total Protection.lnk
2013-06-10 20:58 - 2013-06-10 20:58 - 00000098 ____A C:\Windows\ZTECDMAInstallInfo.log
2013-06-10 20:57 - 2013-04-13 19:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-10 20:52 - 2011-10-29 17:58 - 00000000 ____D C:\Program Files\DEUTSCHLAND SPIELT
2013-06-10 20:49 - 2011-06-30 17:49 - 00000000 ____D C:\Users\XXX\AppData\Local\Google
2013-06-10 20:49 - 2011-06-30 17:49 - 00000000 ____D C:\ProgramData\Google
2013-06-10 20:49 - 2011-06-30 17:49 - 00000000 ____D C:\Program Files\Google
2013-06-10 20:41 - 2012-01-29 21:32 - 00000000 ____D C:\Program Files\Windows iLivid Toolbar
2013-06-10 20:35 - 2011-08-20 18:49 - 00001092 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-768512750-2585910193-1057344163-1000Core.job
2013-06-10 20:05 - 2011-06-30 17:49 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-10 19:31 - 2013-03-05 17:32 - 00000000 ____D C:\Users\XXX\AppData\Roaming\HpUpdate
2013-06-10 19:24 - 2011-06-28 23:54 - 00000000 ____D C:\Users\XXX\AppData\Local\VirtualStore
2013-06-10 19:23 - 2011-06-28 23:42 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-10 19:22 - 2013-06-10 19:22 - 00000000 ____D C:\Windows\System32\SPReview
2013-06-10 19:18 - 2012-12-17 22:41 - 00000000 __RSD C:\Users\XXX\Documents\McAfee-Tresore
2013-06-10 19:16 - 2011-06-29 00:28 - 00000000 ____A C:\Users\XXX\AppData\Local\WavXMapDrive.bat
2013-06-10 19:16 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-10 19:16 - 2009-07-14 06:39 - 00037682 ____A C:\Windows\setupact.log
2013-06-06 19:18 - 2011-07-01 09:16 - 00115140 ____A C:\Windows\PFRO.log
2013-06-06 17:02 - 2013-06-06 16:40 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-06 17:02 - 2011-10-25 18:57 - 00000000 ____D C:\Users\XXX\AppData\Local\Downloaded Installations
2013-06-06 17:02 - 2011-06-29 19:08 - 00000000 ____D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2013-06-06 16:42 - 2013-06-06 16:42 - 00000000 ____D C:\Users\XXX\AppData\Roaming\TuneUp Software
2013-06-06 16:42 - 2013-06-06 16:40 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-06-06 16:37 - 2013-06-06 16:36 - 28211040 ____A (TuneUp Software) C:\Users\XXX\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-06 10:36 - 2011-08-20 18:50 - 00002403 ____A C:\Users\XXX\Desktop\Google Chrome.lnk
2013-06-04 18:48 - 2012-12-17 22:41 - 00000000 ____D C:\Program Files\McAfee
2013-06-03 21:24 - 2012-12-17 22:28 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-06-02 22:18 - 2013-06-02 22:13 - 67365038 ____A C:\Users\XXX\Downloads\Anja.m4v (1).zip
2013-06-02 21:52 - 2013-06-02 21:50 - 67365038 ____A C:\Users\XXX\Downloads\Anja.m4v.zip
2013-05-30 19:08 - 2013-05-30 19:08 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Buhl
2013-05-30 19:08 - 2012-03-31 19:20 - 00000000 ____D C:\Users\XXX\Documents\Steuer-Sparbuch
2013-05-30 18:45 - 2013-05-30 18:45 - 00002045 ____A C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2013.lnk
2013-05-30 18:45 - 2012-03-31 19:16 - 00000183 ____A C:\Windows\wiso.ini
2013-05-30 18:45 - 2012-03-31 19:16 - 00000000 ____D C:\Users\XXX\AppData\Local\Buhl
2013-05-30 18:38 - 2012-03-31 19:15 - 00000000 ____D C:\Program Files\WISO
2013-05-30 18:38 - 2011-06-29 00:02 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-05-30 18:28 - 2013-05-30 18:14 - 572641008 ____A C:\Users\XXX\Downloads\WISOSteuersoftware2013.exe
2013-05-30 15:38 - 2013-05-30 15:35 - 116601648 ____A C:\Users\XXX\Downloads\WISOSteuer2013Update208285.exe
2013-05-26 19:03 - 2013-05-26 19:00 - 30740950 ____A C:\Users\XXX\Downloads\Bilder Gerd.zip
2013-05-16 03:06 - 2011-08-29 14:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 03:02 - 2012-12-22 04:01 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-15 17:20 - 2012-08-22 16:58 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-15 17:20 - 2012-08-22 16:58 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-15 00:42 - 2013-05-15 00:42 - 00000000 ____D C:\Users\XXX\AppData\Local\Vast Studios
2013-05-15 00:42 - 2011-10-29 17:59 - 00001093 ____A C:\Users\Public\Desktop\GAME CENTER.lnk
2013-05-15 00:41 - 2013-05-15 00:41 - 00001487 ____A C:\Users\Public\Desktop\Nightfall Mysteries Der Fluch der Oper.lnk
2013-05-15 00:32 - 2013-05-15 00:26 - 236012624 ____A (INTENIUM GmbH) C:\Users\XXX\Downloads\NightfallMysteriesDerFluchDerOper.exe
2013-05-14 14:31 - 2013-05-14 14:31 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Vast Studios
2013-05-14 14:30 - 2013-05-14 14:30 - 00001583 ____A C:\Users\Public\Desktop\Nightfall Mysteries Die Ashburg-Verschwörung.lnk
2013-05-14 14:21 - 2013-05-14 14:15 - 226481072 ____A (INTENIUM GmbH) C:\Users\XXX\Downloads\NightfallMysteriesDieAshburgVerschwoerung.exe
2013-05-13 17:01 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-12 17:57 - 2013-05-12 17:57 - 00000000 ____D C:\Users\XXX\AppData\Local\Babylon
2013-05-12 17:57 - 2013-05-12 17:56 - 00812112 ____A (Babylon Ltd.) C:\Users\XXX\Downloads\Babylon10_setup.exe
2013-05-12 17:01 - 2013-05-12 17:01 - 00000000 ____D C:\ProgramData\SweetIM
2013-05-12 17:01 - 2013-05-12 17:01 - 00000000 ____D C:\Program Files\SweetIM
2013-05-12 17:00 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\WNLT
2013-05-12 17:00 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-12 16:59 - 2013-05-12 16:59 - 00158168 ____A () C:\Users\XXX\Downloads\CheatEngine62.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-12-12 16:34] - [2012-09-06 18:48] - 0245616 ____A (Microsoft Corporation) 59F06B4968E58BC83DFC56CA4517960E



LastRegBack: 2013-06-05 17:32

==================== End Of Log ============================

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-06-2013 03
Ran by XXX at 2013-06-10 22:27:42 Run:
Running from C:\Users\XXX\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Acer Mobility Center Plug-In (Version: 3.0.3002)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.02) - Deutsch (Version: 11.0.02)
Amazon MP3-Downloader 1.0.9
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.829.0)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.9.0.0)
Bonjour (Version: 3.0.0.10)
Bundled software uninstaller
Canon Utilities CameraWindow DC 8 (Version: 8.9.0.4)
Canon Utilities ImageBrowser EX (Version: 1.2.1.13)
Complitly
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DEUTSCHLAND SPIELT GAME CENTER (Version: 1.0.0.47)
DHTML Editing Component (Version: 6.02.0001)
Document Manager Lite (Version: 06.09.00.121)
Dr. House (Version: 1.0.0.0)
ElsterFormular (Version: 13.1.1.8531p)
EMBASSY Security Center Lite (Version: 03.09.00.091)
Embassy Trust Suite - Acer Edition (Version: 07.03.00.010)
Geheimnis von Montezuma 3 (Version: 1.0.0.0)
Google Chrome (Version: 27.0.1453.110)
Google Earth Plug-in (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
HP Photo Creations (Version: 1.0.0.11182)
HP Photosmart 5510d series - Grundlegende Software für das Gerät (Version: 25.0.607.0)
HP Photosmart 5510d series Hilfe (Version: 140.0.2.2)
HP Update (Version: 5.003.000.004)
iCloud (Version: 2.1.1.3)
Internet Explorer Toolbar 4.8 by SweetPacks (Version: 4.8.0000)
iTunes (Version: 11.0.1.12)
Jewel Quest Mysteries: The Seventh Gate (Version: 1.0.0.0)
McAfee Online Backup
McAfee Online Backup (Version: 1.16.4.0)
McAfee Total Protection (Version: 12.1.338)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyTomTom 3.2.0.802 (Version: 3.2.0.802)
Nightfall Mysteries: Der Fluch der Oper (Version: 1.0.0.0)
Nightfall Mysteries: Die Ashburg-Verschwörung (Version: 1.0.0.0)
NTRU TCG Software Stack (Version: 2.1.29)
NVIDIA Drivers (Version: 1.5)
PC-Gehalt 2011 (Version: 1.00.0000)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.5888)
Safari (Version: 5.34.57.2)
Shared C Run-time for x86 (Version: 10.0.0)
Studie zur Verbesserung von HP Photosmart 5510d series Produkten (Version: 25.0.607.0)
sv.net (Version: 12.0)
SweetIM Bundle by SweetPacks (Version: 1.0.0.0)
SweetIM for Messenger 3.7 (Version: 3.7.0007)
SweetPacks Updater (Version: 4.0.0.6)
Terrafarmers (Version: 1.0.0.0)
T-Online 6.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
upekmsi (Version: 03.00.00.0000)
Upgrade Kit (Version: 1.00.3002)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.0.6 (Version: 2.0.6)
Wave Infrastructure Installer (Version: 07.00.21.0000)
Wave Support Software (Version: 05.10.00.046)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
WISO Steuer-Sparbuch 2012 (Version: 19.00.7303)
WISO Steuer-Sparbuch 2013 (Version: 20.07.8283)

==================== Restore Points  =========================

07-06-2013 12:52:07 Windows 7 Service Pack 1
07-06-2013 21:10:42 Windows Update
08-06-2013 13:46:19 Windows Update
10-06-2013 17:20:10 Windows Update
10-06-2013 18:42:09 TuneUp Utilities 2013 wird entfernt
10-06-2013 18:43:48 TuneUp Utilities Language Pack (de-DE) wird entfernt
10-06-2013 18:50:53 Removed Java 7 Update 15
10-06-2013 18:53:33 Removed Java(TM) 6 Update 31
10-06-2013 18:59:13 JavaFX 2.1.1 wird entfernt

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2013 10:26:31 PM) (Source: Application Hang) (User: )
Description: Programm notepad.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 438

Startzeit: 01ce6618a55b08d0

Endzeit: 23

Anwendungspfad: C:\Windows\system32\notepad.exe

Berichts-ID: 000fe391-d20c-11e2-b458-001f16f4e175

Error: (06/10/2013 07:18:54 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {fcd229ff-d387-4ef6-9eb8-ea7a3cfa8ad1}

Error: (06/09/2013 10:06:02 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {6ef2e312-1d17-4c11-97ac-8651bf773016}

Error: (06/08/2013 10:28:20 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {615d9f26-a071-46d3-971d-37ffde23fcd2}

Error: (06/07/2013 02:47:51 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {895d85d1-13f5-47d7-af46-34cc91379226}

Error: (06/06/2013 10:05:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StartUpManager.exe, Version: 13.0.3020.2, Zeitstempel: 0x51067a2a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.17206, Zeitstempel: 0x50e65f4f
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000969b
ID des fehlerhaften Prozesses: 0x1210
Startzeit der fehlerhaften Anwendung: 0xStartUpManager.exe0
Pfad der fehlerhaften Anwendung: StartUpManager.exe1
Pfad des fehlerhaften Moduls: StartUpManager.exe2
Berichtskennung: StartUpManager.exe3

Error: (06/06/2013 07:20:58 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a26affd7-094f-413c-b735-f9c908c149f9}

Error: (06/06/2013 07:18:53 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (06/06/2013 10:13:07 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {59a09f04-2560-4551-858d-a8de64f5acda}

Error: (06/06/2013 10:11:03 AM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM


System errors:
=============
Error: (06/10/2013 09:31:53 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (06/10/2013 07:31:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Windows 7 Service Pack 1 (KB976932)

Error: (06/10/2013 07:16:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (06/10/2013 07:16:32 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?09.?06.?2013 um 23:49:39 unerwartet heruntergefahren.

Error: (06/09/2013 10:03:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (06/08/2013 03:54:40 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst mfecore erreicht.

Error: (06/08/2013 03:54:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Windows 7 Service Pack 1 (KB976932)

Error: (06/08/2013 03:46:03 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (06/08/2013 10:25:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (06/07/2013 11:21:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst mfecore erreicht.


Microsoft Office Sessions:
=========================
Error: (06/10/2013 10:26:31 PM) (Source: Application Hang)(User: )
Description: notepad.exe6.1.7600.1638543801ce6618a55b08d023C:\Windows\system32\notepad.exe000fe391-d20c-11e2-b458-001f16f4e175

Error: (06/10/2013 07:18:54 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {fcd229ff-d387-4ef6-9eb8-ea7a3cfa8ad1}

Error: (06/09/2013 10:06:02 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {6ef2e312-1d17-4c11-97ac-8651bf773016}

Error: (06/08/2013 10:28:20 AM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {615d9f26-a071-46d3-971d-37ffde23fcd2}

Error: (06/07/2013 02:47:51 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {895d85d1-13f5-47d7-af46-34cc91379226}

Error: (06/06/2013 10:05:48 PM) (Source: Application Error)(User: )
Description: StartUpManager.exe13.0.3020.251067a2aKERNELBASE.dll6.1.7600.1720650e65f4f0eedfade0000969b121001ce62f0fa444bc0C:\Program Files\TuneUp Utilities 2013\StartUpManager.exeC:\Windows\system32\KERNELBASE.dll7a54e6d0-cee4-11e2-b27a-001f16f4e175

Error: (06/06/2013 07:20:58 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a26affd7-094f-413c-b735-f9c908c149f9}

Error: (06/06/2013 07:18:53 PM) (Source: Wave TCG Client Services)(User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (06/06/2013 10:13:07 AM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {59a09f04-2560-4551-858d-a8de64f5acda}

Error: (06/06/2013 10:11:03 AM) (Source: Wave TCG Client Services)(User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM


==================== Memory info =========================== 

Percentage of memory in use: 73%
Total physical RAM: 3070.55 MB
Available physical RAM: 808.07 MB
Total Pagefile: 6141.1 MB
Available Pagefile: 2732.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.77 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:290.08 GB) (Free:144.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:290.09 GB) (Free:285.17 GB) NTFS
Drive e: (HP PS5510d) (CDROM) (Total:0.25 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: EC96BE3F)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=290 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=290 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 11.06.2013, 06:46

Hi,

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST Log bitte.

AnjaM · 11.06.2013, 21:23

Code:

ATTFilter

# AdwCleaner v2.303 - Datei am 11/06/2013 um 22:13:56 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (32 bits)
# Benutzer : AnjaM - AnjaM-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\AnjaM\Downloads\adwcleaner (1).exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Windows\system32\dmwu.exe
Datei Gelöscht : C:\Windows\system32\ImhxxpComm.dll
Gelöscht mit Neustart : C:\Users\AnjaM\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]

Datei : C:\Users\AnjaM\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\AnjaM\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.38] : keyword = "babylon.com",
Gelöscht [l.42] : search_url = "hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=180413_ctrl&babsr[...]

*************************

AdwCleaner[R1].txt - [28944 octets] - [10/06/2013 23:55:12]
AdwCleaner[R2].txt - [1582 octets] - [11/06/2013 22:13:13]
AdwCleaner[S1].txt - [28711 octets] - [10/06/2013 23:55:41]
AdwCleaner[S2].txt - [1493 octets] - [11/06/2013 22:13:56]

########## EOF - C:\AdwCleaner[S2].txt - [1553 octets] ##########

Die Werbefenster sind weg,...freu

Code:

ATTFilter

Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x86
Ran by AnjaM on 11.06.2013 at 22:25:44,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\linkurysmartbar.bandobjectattribute 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4C6EE3A4-6E8E-4B0F-9CC1-809FD8C6AFBA}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Anja Marten\appdata\locallow\datamngr"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.06.2013 at 22:28:45,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-06-2013
Ran by AnjaM (administrator) on 11-06-2013 22:32:15
Running from C:\Users\AnjaM\Downloads
Windows 7 Home Premium (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Acer Incorporated) C:\Acer\Mobility Center\MobilityService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files\McAfee Online Backup\MOBKbackup.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\AnjaM\Downloads\FRST (4).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [134656 2009-07-27] (Wave Systems Corp.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [515888 2013-02-28] (McAfee, Inc.)
HKLM\...\Run: []  [x]
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {11391c0b-a1ca-11e0-9699-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\ubcd\website\index.html
MountPoints2: {138ae9cd-a512-11e0-8554-00040effffff} - F:\preinst.exe
MountPoints2: {2b6fc4cf-42d2-11e1-b066-00040effffff} - I:\preinst.exe
MountPoints2: {544825b7-42df-11e1-a923-00040effffff} - F:\preinst.exe
MountPoints2: {544825c6-42df-11e1-a923-00040effffff} - F:\preinst.exe
MountPoints2: {544825cd-42df-11e1-a923-00040effffff} - F:\preinst.exe
MountPoints2: {f097814e-a321-11e0-b765-806e6f6e6963} - E:\Setup.exe
Lsa: [Authentication Packages] msv1_0 wvauth

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\AnjaM\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\AnjaM\AppData\Roaming\Mozilla\Firefox\Profiles\wiwd2hg2.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Chrome: 
=======
CHR DefaultSearchURL: (Delta Search) - hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=180413_ctrl&babsrc=SP_ss&mntrId=82DD001F16F4E175
CHR DefaultSuggestURL: (Delta Search) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\AnjaM\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Google Docs) - C:\Users\AnjaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\AnjaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\AnjaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\AnjaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (SiteAdvisor) - C:\Users\AnjaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0
CHR Extension: (Gmail) - C:\Users\AnjaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [95232 2012-12-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [287752 2013-03-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [638976 2013-02-28] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-04-03] (McAfee, Inc.)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [122880 2009-06-16] (Acer Incorporated)
R2 MOBKbackup; C:\Program Files\McAfee Online Backup\MOBKbackup.exe [229688 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [184728 2013-03-05] (McAfee, Inc.)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1019904 2009-06-03] (Wave Systems Corp.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] ()

==================== Drivers (Whitelisted) ====================

S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [15104 2005-04-18] (AVM GmbH)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147472 2012-05-28] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [66296 2013-04-22] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133992 2013-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235520 2013-04-03] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [363432 2013-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [566656 2013-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [257496 2013-02-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80592 2013-02-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [212432 2013-04-03] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [54776 2010-04-13] (Mozy, Inc.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [200192 2009-07-27] (Wave Systems Corp.)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [x]
S3 NETFWDSL; system32\DRIVERS\NETFWDSL.SYS [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-11 22:31 - 2013-06-11 22:31 - 01359167 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (4).exe
2013-06-11 22:28 - 2013-06-11 22:28 - 00001119 ____A C:\Users\AnjaM\Desktop\JRT.txt
2013-06-11 22:25 - 2013-06-11 22:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\AnjaM\Downloads\JRT.exe
2013-06-11 22:25 - 2013-06-11 22:25 - 00000000 ____D C:\Windows\ERUNT
2013-06-11 22:25 - 2013-06-11 22:25 - 00000000 ____D C:\JRT
2013-06-11 22:13 - 2013-06-11 22:14 - 00001622 ____A C:\AdwCleaner[S2].txt
2013-06-11 22:13 - 2013-06-11 22:13 - 00001582 ____A C:\AdwCleaner[R2].txt
2013-06-11 22:12 - 2013-06-11 22:12 - 00648201 ____A C:\Users\AnjaM\Downloads\adwcleaner (1).exe
2013-06-11 22:12 - 2013-06-11 22:12 - 00588992 ____A C:\Users\AnjaM\Downloads\Zipper.exe
2013-06-11 02:19 - 2013-06-11 02:19 - 00000000 ____D C:\Windows\System32\SPReview
2013-06-10 23:56 - 2013-06-11 22:14 - 00000470 ____A C:\Windows\DeleteOnReboot.bat
2013-06-10 23:55 - 2013-06-10 23:57 - 00028711 ____A C:\AdwCleaner[S1].txt
2013-06-10 23:55 - 2013-06-10 23:55 - 00028944 ____A C:\AdwCleaner[R1].txt
2013-06-10 23:54 - 2013-06-10 23:54 - 00648201 ____A C:\Users\AnjaM\Downloads\adwcleaner.exe
2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (3).exe
2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (2).exe
2013-06-10 21:52 - 2013-06-10 21:53 - 01358943 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (1).exe
2013-06-10 21:50 - 2013-06-10 22:27 - 00017809 ____A C:\Users\AnjaM\Downloads\Addition.txt
2013-06-10 21:46 - 2013-06-10 21:46 - 01358943 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST.exe
2013-06-10 21:46 - 2013-06-10 21:46 - 00000000 ____D C:\FRST
2013-06-10 21:45 - 2013-06-10 21:45 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup (3).exe
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup (2).exe
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup (1).exe
2013-06-10 21:37 - 2013-06-10 21:37 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup.exe
2013-06-10 20:58 - 2013-06-10 20:58 - 00000098 ____A C:\Windows\ZTECDMAInstallInfo.log
2013-06-06 16:42 - 2013-06-06 16:42 - 00000000 ____D C:\Users\AnjaM\AppData\Roaming\TuneUp Software
2013-06-06 16:40 - 2013-06-06 17:02 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-06 16:40 - 2013-06-06 16:42 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-06-06 16:36 - 2013-06-06 16:37 - 28211040 ____A (TuneUp Software) C:\Users\AnjaM\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-02 22:13 - 2013-06-02 22:18 - 67365038 ____A C:\Users\AnjaM\Downloads\Anja.m4v (1).zip
2013-06-02 21:50 - 2013-06-02 21:52 - 67365038 ____A C:\Users\AnjaM\Downloads\Anja.m4v.zip
2013-05-30 19:08 - 2013-05-30 19:08 - 00000000 ____D C:\Users\AnjaM\AppData\Roaming\Buhl
2013-05-30 18:45 - 2013-05-30 18:45 - 00002045 ____A C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2013.lnk
2013-05-30 18:14 - 2013-05-30 18:28 - 572641008 ____A C:\Users\AnjaM\Downloads\WISOSteuersoftware2013.exe
2013-05-30 15:35 - 2013-05-30 15:38 - 116601648 ____A C:\Users\AnjaM\Downloads\WISOSteuer2013Update208285.exe
2013-05-26 19:00 - 2013-05-26 19:03 - 30740950 ____A C:\Users\AnjaM\Downloads\Bilder Gerd.zip
2013-05-15 00:42 - 2013-05-15 00:42 - 00000000 ____D C:\Users\AnjaM\AppData\Local\Vast Studios
2013-05-15 00:41 - 2013-05-15 00:41 - 00001487 ____A C:\Users\Public\Desktop\Nightfall Mysteries Der Fluch der Oper.lnk
2013-05-15 00:26 - 2013-05-15 00:32 - 236012624 ____A (INTENIUM GmbH) C:\Users\AnjaM\Downloads\NightfallMysteriesDerFluchDerOper.exe
2013-05-14 14:31 - 2013-05-14 14:31 - 00000000 ____D C:\Users\AnjaM\AppData\Roaming\Vast Studios
2013-05-14 14:30 - 2013-05-14 14:30 - 00001583 ____A C:\Users\Public\Desktop\Nightfall Mysteries Die Ashburg-Verschwörung.lnk
2013-05-14 14:15 - 2013-05-14 14:21 - 226481072 ____A (INTENIUM GmbH) C:\Users\AnjaM\Downloads\NightfallMysteriesDieAshburgVerschwoerung.exe
2013-05-12 17:56 - 2013-05-12 17:57 - 00812112 ____A (Babylon Ltd.) C:\Users\AnjaM\Downloads\Babylon10_setup.exe
2013-05-12 17:00 - 2013-05-13 17:01 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-12 17:00 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-12 17:00 - 2011-05-14 01:17 - 00632656 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-05-12 17:00 - 2011-05-14 01:17 - 00479232 ____A (Microsoft Corporation) C:\Windows\System32\msvcm80.dll
2013-05-12 17:00 - 2011-05-13 16:59 - 00001870 ____A C:\Windows\System32\Microsoft.VC80.CRT.manifest
2013-05-12 16:59 - 2013-05-12 16:59 - 00158168 ____A () C:\Users\AnjaM\Downloads\CheatEngine62.exe

==================== One Month Modified Files and Folders ========

2013-06-11 22:31 - 2013-06-11 22:31 - 01359167 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (4).exe
2013-06-11 22:28 - 2013-06-11 22:28 - 00001119 ____A C:\Users\AnjaM\Desktop\JRT.txt
2013-06-11 22:25 - 2013-06-11 22:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\AnjaM\Downloads\JRT.exe
2013-06-11 22:25 - 2013-06-11 22:25 - 00000000 ____D C:\Windows\ERUNT
2013-06-11 22:25 - 2013-06-11 22:25 - 00000000 ____D C:\JRT
2013-06-11 22:25 - 2009-07-14 06:34 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-11 22:25 - 2009-07-14 06:34 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-11 22:23 - 2011-06-28 23:42 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-11 22:22 - 2012-12-17 22:42 - 00001848 ____A C:\Users\Public\Desktop\McAfee Total Protection.lnk
2013-06-11 22:20 - 2012-12-17 22:41 - 00000000 __RSD C:\Users\AnjaM\Documents\McAfee-Tresore
2013-06-11 22:20 - 2012-08-22 16:58 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-11 22:17 - 2011-06-30 17:49 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-11 22:17 - 2011-06-29 00:28 - 00000000 ____A C:\Users\AnjaM\AppData\Local\WavXMapDrive.bat
2013-06-11 22:17 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-11 22:17 - 2009-07-14 06:39 - 00037850 ____A C:\Windows\setupact.log
2013-06-11 22:16 - 2011-06-28 23:06 - 01461564 ____A C:\Windows\WindowsUpdate.log
2013-06-11 22:14 - 2013-06-11 22:13 - 00001622 ____A C:\AdwCleaner[S2].txt
2013-06-11 22:14 - 2013-06-10 23:56 - 00000470 ____A C:\Windows\DeleteOnReboot.bat
2013-06-11 22:13 - 2013-06-11 22:13 - 00001582 ____A C:\AdwCleaner[R2].txt
2013-06-11 22:12 - 2013-06-11 22:12 - 00648201 ____A C:\Users\AnjaM\Downloads\adwcleaner (1).exe
2013-06-11 22:12 - 2013-06-11 22:12 - 00588992 ____A C:\Users\AnjaM\Downloads\Zipper.exe
2013-06-11 22:05 - 2013-03-05 20:02 - 00000350 ____A C:\Windows\Tasks\HP Photo Creations Communicator.job
2013-06-11 22:05 - 2011-06-30 17:49 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-11 21:35 - 2011-08-20 18:49 - 00001144 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-768512750-2585910193-1057344163-1000UA.job
2013-06-11 02:19 - 2013-06-11 02:19 - 00000000 ____D C:\Windows\System32\SPReview
2013-06-10 23:59 - 2011-07-01 09:16 - 00120494 ____A C:\Windows\PFRO.log
2013-06-10 23:59 - 2011-06-30 17:49 - 00000000 ____D C:\Program Files\Google
2013-06-10 23:57 - 2013-06-10 23:55 - 00028711 ____A C:\AdwCleaner[S1].txt
2013-06-10 23:55 - 2013-06-10 23:55 - 00028944 ____A C:\AdwCleaner[R1].txt
2013-06-10 23:54 - 2013-06-10 23:54 - 00648201 ____A C:\Users\AnjaM\Downloads\adwcleaner.exe
2013-06-10 22:27 - 2013-06-10 21:50 - 00017809 ____A C:\Users\AnjaM\Downloads\Addition.txt
2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (3).exe
2013-06-10 22:19 - 2013-06-10 22:19 - 01358957 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (2).exe
2013-06-10 21:53 - 2013-06-10 21:52 - 01358943 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST (1).exe
2013-06-10 21:46 - 2013-06-10 21:46 - 01358943 ____A (Farbar) C:\Users\AnjaM\Downloads\FRST.exe
2013-06-10 21:46 - 2013-06-10 21:46 - 00000000 ____D C:\FRST
2013-06-10 21:45 - 2013-06-10 21:45 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup (3).exe
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup (2).exe
2013-06-10 21:39 - 2013-06-10 21:39 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup (1).exe
2013-06-10 21:37 - 2013-06-10 21:37 - 00162120 ____A () C:\Users\AnjaM\Downloads\7ZipSetup.exe
2013-06-10 20:58 - 2013-06-10 20:58 - 00000098 ____A C:\Windows\ZTECDMAInstallInfo.log
2013-06-10 20:57 - 2013-04-13 19:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-10 20:52 - 2011-10-29 17:58 - 00000000 ____D C:\Program Files\DEUTSCHLAND SPIELT
2013-06-10 20:49 - 2011-06-30 17:49 - 00000000 ____D C:\Users\AnjaM\AppData\Local\Google
2013-06-10 20:49 - 2011-06-30 17:49 - 00000000 ____D C:\ProgramData\Google
2013-06-10 20:35 - 2011-08-20 18:49 - 00001092 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-768512750-2585910193-1057344163-1000Core.job
2013-06-10 19:31 - 2013-03-05 17:32 - 00000000 ____D C:\Users\AnjaM\AppData\Roaming\HpUpdate
2013-06-10 19:24 - 2011-06-28 23:54 - 00000000 ____D C:\Users\AnjaM\AppData\Local\VirtualStore
2013-06-06 17:02 - 2013-06-06 16:40 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-06 17:02 - 2011-10-25 18:57 - 00000000 ____D C:\Users\AnjaM\AppData\Local\Downloaded Installations
2013-06-06 17:02 - 2011-06-29 19:08 - 00000000 ____D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2013-06-06 16:42 - 2013-06-06 16:42 - 00000000 ____D C:\Users\AnjaM\AppData\Roaming\TuneUp Software
2013-06-06 16:42 - 2013-06-06 16:40 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-06-06 16:37 - 2013-06-06 16:36 - 28211040 ____A (TuneUp Software) C:\Users\AnjaM\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-06 10:36 - 2011-08-20 18:50 - 00002403 ____A C:\Users\AnjaM\Desktop\Google Chrome.lnk
2013-06-04 18:48 - 2012-12-17 22:41 - 00000000 ____D C:\Program Files\McAfee
2013-06-03 21:24 - 2012-12-17 22:28 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-06-02 22:18 - 2013-06-02 22:13 - 67365038 ____A C:\Users\AnjaM\Downloads\Anja.m4v (1).zip
2013-06-02 21:52 - 2013-06-02 21:50 - 67365038 ____A C:\Users\AnjaM\Downloads\Anja.m4v.zip
2013-05-30 19:08 - 2013-05-30 19:08 - 00000000 ____D C:\Users\AnjaM\AppData\Roaming\Buhl
2013-05-30 19:08 - 2012-03-31 19:20 - 00000000 ____D C:\Users\AnjaM\Documents\Steuer-Sparbuch
2013-05-30 18:45 - 2013-05-30 18:45 - 00002045 ____A C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2013.lnk
2013-05-30 18:45 - 2012-03-31 19:16 - 00000183 ____A C:\Windows\wiso.ini
2013-05-30 18:45 - 2012-03-31 19:16 - 00000000 ____D C:\Users\AnjaM\AppData\Local\Buhl
2013-05-30 18:38 - 2012-03-31 19:15 - 00000000 ____D C:\Program Files\WISO
2013-05-30 18:38 - 2011-06-29 00:02 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-05-30 18:28 - 2013-05-30 18:14 - 572641008 ____A C:\Users\AnjaM\Downloads\WISOSteuersoftware2013.exe
2013-05-30 15:38 - 2013-05-30 15:35 - 116601648 ____A C:\Users\AnjaM\Downloads\WISOSteuer2013Update208285.exe
2013-05-26 19:03 - 2013-05-26 19:00 - 30740950 ____A C:\Users\AnjaM\Downloads\Bilder Gerd.zip
2013-05-16 03:06 - 2011-08-29 14:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 03:02 - 2012-12-22 04:01 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-15 17:20 - 2012-08-22 16:58 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-15 17:20 - 2012-08-22 16:58 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-15 00:42 - 2013-05-15 00:42 - 00000000 ____D C:\Users\AnjaM\AppData\Local\Vast Studios
2013-05-15 00:42 - 2011-10-29 17:59 - 00001093 ____A C:\Users\Public\Desktop\GAME CENTER.lnk
2013-05-15 00:41 - 2013-05-15 00:41 - 00001487 ____A C:\Users\Public\Desktop\Nightfall Mysteries Der Fluch der Oper.lnk
2013-05-15 00:32 - 2013-05-15 00:26 - 236012624 ____A (INTENIUM GmbH) C:\Users\AnjaM\Downloads\NightfallMysteriesDerFluchDerOper.exe
2013-05-14 14:31 - 2013-05-14 14:31 - 00000000 ____D C:\Users\AnjaM\AppData\Roaming\Vast Studios
2013-05-14 14:30 - 2013-05-14 14:30 - 00001583 ____A C:\Users\Public\Desktop\Nightfall Mysteries Die Ashburg-Verschwörung.lnk
2013-05-14 14:21 - 2013-05-14 14:15 - 226481072 ____A (INTENIUM GmbH) C:\Users\AnjaM\Downloads\NightfallMysteriesDieAshburgVerschwoerung.exe
2013-05-13 17:01 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\jmdp
2013-05-12 17:57 - 2013-05-12 17:56 - 00812112 ____A (Babylon Ltd.) C:\Users\AnjaM\Downloads\Babylon10_setup.exe
2013-05-12 17:00 - 2013-05-12 17:00 - 00000000 ____D C:\Windows\System32\ARFC
2013-05-12 16:59 - 2013-05-12 16:59 - 00158168 ____A () C:\Users\AnjaM\Downloads\CheatEngine62.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-12-12 16:34] - [2012-09-06 18:48] - 0245616 ____A (Microsoft Corporation) 59F06B4968E58BC83DFC56CA4517960E



LastRegBack: 2013-06-05 17:32

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-06-2013
Ran by AnjaM at 2013-06-11 22:33:19 Run:
Running from C:\Users\AnjaM\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Acer Mobility Center Plug-In (Version: 3.0.3002)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.02) - Deutsch (Version: 11.0.02)
Amazon MP3-Downloader 1.0.9
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.829.0)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.9.0.0)
Bonjour (Version: 3.0.0.10)
Canon Utilities CameraWindow DC 8 (Version: 8.9.0.4)
Canon Utilities ImageBrowser EX (Version: 1.2.1.13)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DEUTSCHLAND SPIELT GAME CENTER (Version: 1.0.0.47)
DHTML Editing Component (Version: 6.02.0001)
Document Manager Lite (Version: 06.09.00.121)
Dr. House (Version: 1.0.0.0)
ElsterFormular (Version: 13.1.1.8531p)
EMBASSY Security Center Lite (Version: 03.09.00.091)
Embassy Trust Suite - Acer Edition (Version: 07.03.00.010)
Geheimnis von Montezuma 3 (Version: 1.0.0.0)
Google Chrome (Version: 27.0.1453.110)
Google Earth Plug-in (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
HP Photo Creations (Version: 1.0.0.11182)
HP Photosmart 5510d series - Grundlegende Software für das Gerät (Version: 25.0.607.0)
HP Photosmart 5510d series Hilfe (Version: 140.0.2.2)
HP Update (Version: 5.003.000.004)
iCloud (Version: 2.1.1.3)
iTunes (Version: 11.0.1.12)
Jewel Quest Mysteries: The Seventh Gate (Version: 1.0.0.0)
McAfee Online Backup
McAfee Online Backup (Version: 1.16.4.0)
McAfee Total Protection (Version: 12.1.338)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyTomTom 3.2.0.802 (Version: 3.2.0.802)
Nightfall Mysteries: Der Fluch der Oper (Version: 1.0.0.0)
Nightfall Mysteries: Die Ashburg-Verschwörung (Version: 1.0.0.0)
NTRU TCG Software Stack (Version: 2.1.29)
NVIDIA Drivers (Version: 1.5)
PC-Gehalt 2011 (Version: 1.00.0000)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.5888)
Safari (Version: 5.34.57.2)
Shared C Run-time for x86 (Version: 10.0.0)
Studie zur Verbesserung von HP Photosmart 5510d series Produkten (Version: 25.0.607.0)
sv.net (Version: 12.0)
Terrafarmers (Version: 1.0.0.0)
T-Online 6.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
upekmsi (Version: 03.00.00.0000)
Upgrade Kit (Version: 1.00.3002)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.0.6 (Version: 2.0.6)
Wave Infrastructure Installer (Version: 07.00.21.0000)
Wave Support Software (Version: 05.10.00.046)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
WISO Steuer-Sparbuch 2012 (Version: 19.00.7303)
WISO Steuer-Sparbuch 2013 (Version: 20.07.8283)

==================== Restore Points  =========================

07-06-2013 12:52:07 Windows 7 Service Pack 1
07-06-2013 21:10:42 Windows Update
08-06-2013 13:46:19 Windows Update
10-06-2013 17:20:10 Windows Update
10-06-2013 18:42:09 TuneUp Utilities 2013 wird entfernt
10-06-2013 18:43:48 TuneUp Utilities Language Pack (de-DE) wird entfernt
10-06-2013 18:50:53 Removed Java 7 Update 15
10-06-2013 18:53:33 Removed Java(TM) 6 Update 31
10-06-2013 18:59:13 JavaFX 2.1.1 wird entfernt
11-06-2013 00:18:49 Windows Update
Could not list Restore Points.


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 3070.55 MB
Available physical RAM: 1591.95 MB
Total Pagefile: 6141.1 MB
Available Pagefile: 3969.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.79 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:290.08 GB) (Free:142.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:290.09 GB) (Free:285.1 GB) NTFS
Drive e: (HP PS5510d) (CDROM) (Total:0.25 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: EC96BE3F)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=290 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=290 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 12.06.2013, 06:41

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST Log. Noch Probleme?

Unerwünschte Werbeleisten im Chrome Browser, öffnen sich ständig neu beim wechseln der Seite

Plagegeister aller Art und deren Bekämpfung: Unerwünschte Werbeleisten im Chrome Browser, öffnen sich ständig neu beim wechseln der Seite