Pests of all kinds and how to fight them: Internet Explorer opens by itself
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
10.12.2013, 22:12 | #1 |
| Internet Explorer opens by itself
Hello everyone, for the past few hours my Internet Explorer has kept opening by itself, and what opens is always advertising from all sorts of companies. I am not sure whether this is a sign of a virus, but on the advice of an acquaintance I have already tried the program Malwarebytes as well as McAfee Stinger. Both without result so far. The first program did find malware, but after restarting the system nothing changed. McAfee Stinger found no malware. I hope you can help me solve my problem! Many thanks in advance! |
10.12.2013, 22:22 | #2 |
/// the machine /// TB Trainer | Internet Explorer opens by itself
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
10.12.2013, 23:41 | #3 |
| Internet Explorer opens by itself
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-12-2013 Ran by Theresa (administrator) on THERESA-PC on 10-12-2013 23:25:20 Running from C:\Users\Theresa\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 7 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (ASUS) C:\Program Files\ASUS\SmartLogon\smartlogon.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ATK) C:\Program Files\P4G\BatteryLife.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe (ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Advanced Micro Devices Inc.) 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe () C:\Program Files\ASUS\Wireless Console 3\wcourier.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\ProgramData\DatacardService\HWDeviceService.exe () C:\Program Files\Canon\IJPLM\ijplmsvc.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe () C:\Program Files\Spring Smart\updateSpringSmart.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUS) C:\Windows\AsScrPro.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Updater) C:\ProgramData\Updater\updater.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (SRS Labs, Inc.) 
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe () C:\Users\Theresa\AppData\Local\DownBook\DownBook.exe (Microsoft Corporation) C:\Windows\System32\regsvr32.exe (Smartbar) C:\Users\Theresa\AppData\Local\Smartbar\Application\SnapDo.exe (BrowserSafeguard) C:\Program Files\Browsersafeguard\BrowserSafeguard.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (WatchDog) C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (WatchDog) C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\ieuser.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe (Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe (MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) 
C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Farbar) C:\Users\Theresa\Downloads\FRST(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [DisableS3S4] - c:\DisableS3S4.cmd HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink) HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.) HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-08-18] (ASUS) HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8105984 2008-09-03] (ASUS) HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-03-19] (Advanced Micro Devices, Inc.) HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE [1392640 2009-04-30] (VIA) HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [540576 2009-04-21] (ELAN Microelectronic Corp.) HKLM\...\Run: [Wireless Console 3] - C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [1593344 2009-02-07] () HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2008-08-19] (ASUS) HKLM\...\Run: [ADSMTray] - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-04-01] (ASUSTek Computer Inc.) 
HKLM\...\Run: [ACMON] - C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2008-10-01] (ATK) HKLM\...\Run: [ASUS Camera ScreenSaver] - C:\Windows\AsScrProlog.exe [47672 2009-08-16] () HKLM\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3054136 2009-08-16] (ASUS) HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421160 2011-04-27] (Apple Inc.) HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [273528 2011-11-19] (RealNetworks, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated) HKLM\...\Run: [ApnTBMon] - "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" HKLM\...\Run: [MSC] - "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2565520 2011-03-14] (CANON INC.) HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.) HKLM\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [481656 2013-11-21] (Updater) HKLM\...\Runonce: [Del2146058] - cmd.exe /Q /D /c del "C:\Users\Theresa\AppData\Local\Temp\0.del" HKCU\...\Run: [SRS Premium Sound] - C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [3405048 2009-04-07] (SRS Labs, Inc.) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.) 
HKCU\...\Run: [DownBook] - C:\Users\Theresa\AppData\Local\DownBook\DownBook.exe [1016527 2013-11-04] () HKCU\...\Run: [Ivgvsoft] - regsvr32.exe C:\Users\Theresa\AppData\Local\Ivgvsoft\SecurityNetwork24.dll <===== ATTENTION HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Theresa\AppData\Local\Smartbar\Application\SnapDo.exe [21536 2013-10-31] (Smartbar) HKCU\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [481656 2013-11-21] (Updater) HKCU\...\Run: [BrowserSafeguard] - C:\Program Files\Browsersafeguard\BrowserSafeguard.exe [569856 2013-11-20] (BrowserSafeguard) HKCU\...\Runonce: [Del2146058] - cmd.exe /Q /D /c del "C:\Users\Theresa\AppData\Local\Temp\0.del" MountPoints2: {6d02211c-3fea-11e3-b912-002618f946ee} - F:\AutoRun.exe MountPoints2: {c341e8fb-de13-11e0-8e4b-002618f946ee} - F:\AutoRun.exe MountPoints2: {c341e909-de13-11e0-8e4b-001e101f0de9} - F:\AutoRun.exe MountPoints2: {d021afa4-40df-11e3-8346-001e101fa1f5} - G:\AutoRun.exe MountPoints2: {e8ae1bf3-3a86-11e3-a746-002618f946ee} - F:\AutoRun.exe MountPoints2: {e8ae1c27-3a86-11e3-a746-001e101f4e71} - G:\AutoRun.exe HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT Startup: C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) Startup: C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. 
ProxyServer: http=127.0.0.1:49266;https=127.0.0.1:49266; HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&q={searchTerms}&installDate=10/12/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=hp&installDate=10/12/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&q={searchTerms}&installDate=10/12/2013 HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&q={searchTerms}&installDate=10/12/2013 SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&q={searchTerms}&installDate=10/12/2013 SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&q={searchTerms}&installDate=10/12/2013 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&q={searchTerms}&installDate=10/12/2013 BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File BHO: Tube Dimmer - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll (Creative Island Media, LLC) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) 
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default FF user.js: detected! => C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\user.js FF NewTab: hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=nt&installDate=10/12/2013 FF DefaultSearchEngine: Web Search FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Web Search FF Homepage: hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=hp&installDate=10/12/2013 FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&installDate=10/12/2013&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=12.0.1.669 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=12.0.1.669 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=12.0.1.669 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Tube Dimmer - C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\Extensions\support@tubedimmerapp.com FF Extension: Foxtab Speed Dial - C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab} FF Extension: NbDocCstg Class - C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\Extensions\{8BA08CAA-E441-7CC5-2275-324A1CB354C0} FF Extension: Snap.Do - C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\Extensions\{a90602f2-6145-b132-32f8-05bd19400cf3} FF Extension: firefox - C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\Extensions\firefox@springsmart.net.xpi FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart 
Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR DefaultSearchKeyword: google.de CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR Extension: () - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0 CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_1 CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx CHR HKLM\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\TubeDimmer\Chrome\common.crx CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) 
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] () R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It) R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] () S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [239968 2013-10-21] () R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation) R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [70880 2009-04-07] (SRS Labs, Inc.) R2 Update Spring Smart; C:\Program Files\Spring Smart\updateSpringSmart.exe [66344 2013-11-07] () S2 APNMCP; "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe" [x] ==================== Drivers (Whitelisted) ==================== R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [4386304 2009-03-19] (ATI Technologies Inc.) R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [30264 2009-08-16] (ASUSTek Computer Inc) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () S3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-04-07] (Generic) R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [90112 2009-04-21] (ELAN Microelectronic Corp.) 
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2008-11-03] ( ) R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2008-12-24] (ATK0100) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_i386.sys [233128 2009-04-01] () R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1019392 2009-04-28] (VIA Technologies, Inc.) S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-10 23:25 - 2013-12-10 23:28 - 00026106 _____ C:\Users\Theresa\Downloads\FRST.txt 2013-12-10 23:25 - 2013-12-10 23:25 - 00000000 ____D C:\FRST 2013-12-10 23:24 - 2013-12-10 23:24 - 01061325 _____ (Farbar) C:\Users\Theresa\Downloads\FRST(1).exe 2013-12-10 23:23 - 2013-12-10 23:24 - 01061325 _____ (Farbar) C:\Users\Theresa\Downloads\FRST.exe 2013-12-10 23:00 - 2013-12-10 23:00 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z 2013-12-10 22:59 - 2013-12-10 23:00 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Advanced System Protector 2013-12-10 22:59 - 2013-12-10 22:59 - 00000814 _____ C:\Users\Public\Desktop\RegClean Pro.lnk 2013-12-10 22:59 - 2013-12-10 22:59 - 00000276 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job 2013-12-10 22:59 - 2013-12-10 22:59 - 00000268 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2013-12-10 22:59 - 2013-12-10 22:59 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Systweak 2013-12-10 22:59 - 2013-11-22 15:42 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe 
2013-12-10 22:58 - 2013-12-10 22:59 - 00000000 ____D C:\Program Files\RegClean Pro
2013-12-10 22:58 - 2013-12-10 22:58 - 00000870 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-10 22:58 - 2013-12-10 22:58 - 00000296 _____ C:\Windows\Tasks\FoxTab.job
2013-12-10 22:58 - 2013-12-10 22:58 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\FoxTab
2013-12-10 22:58 - 2013-12-10 22:58 - 00000000 ____D C:\Program Files\OpenIt
2013-12-10 22:58 - 2013-12-10 22:58 - 00000000 ____D C:\Program Files\Foxtab
2013-12-10 22:57 - 2013-12-10 22:57 - 00666568 _____ (Zip Opener Technologies) C:\Users\Theresa\Downloads\ZipOpenerSetup.exe
2013-12-10 22:57 - 2013-12-10 22:57 - 00666568 _____ (Zip Opener Technologies) C:\Users\Theresa\Downloads\ZipOpenerSetup(1).exe
2013-12-10 22:33 - 2013-12-10 22:33 - 00001419 _____ C:\Users\Theresa\Desktop\Sync Folder.lnk
2013-12-10 22:33 - 2013-12-10 22:33 - 00000000 ____D C:\Users\Theresa\SyncFolder
2013-12-10 21:47 - 2013-12-10 21:47 - 00000000 ____D C:\Program Files\Browsersafeguard
2013-12-10 21:46 - 2013-12-10 22:34 - 00000000 ____D C:\Program Files\MyPC Backup
2013-12-10 21:46 - 2013-12-10 21:46 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-10 21:46 - 2013-12-10 21:46 - 00000000 ____D C:\Program Files\Spring Smart
2013-12-10 21:45 - 2013-12-10 21:45 - 00000000 ____D C:\ProgramData\Updater
2013-12-10 21:45 - 2013-12-10 21:45 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-12-10 21:45 - 2013-12-10 21:45 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-10 21:44 - 2013-12-10 21:44 - 00002063 _____ C:\Users\Theresa\Desktop\Search.lnk
2013-12-10 21:42 - 2013-12-10 21:44 - 00000000 ____D C:\Users\Theresa\AppData\Local\Smartbar
2013-12-10 21:37 - 2013-12-10 21:38 - 02355496 _____ (Premium Installer ) C:\Users\Theresa\Downloads\Setup.exe
2013-12-10 21:02 - 2013-12-10 21:33 - 00000118 ___RH C:\Users\Theresa\Downloads\Stinger.opt
2013-12-10 21:02 - 2013-12-10 21:15 - 00000638 _____ C:\Users\Theresa\Downloads\Stinger_10122013_210221.html
2013-12-10 21:01 - 2013-12-10 21:01 - 10237984 _____ (McAfee Inc) C:\Users\Theresa\Downloads\stinger32(1).exe
2013-12-10 21:00 - 2013-12-10 21:33 - 00000000 ____D C:\Program Files\stinger
2013-12-10 21:00 - 2013-12-10 21:01 - 10237984 _____ (McAfee Inc) C:\Users\Theresa\Downloads\stinger32.exe
2013-12-10 20:58 - 2013-12-10 20:59 - 00819192 _____ (Google Inc.) C:\Users\Theresa\Downloads\ChromeSetup.exe
2013-12-10 20:58 - 2013-12-10 20:58 - 00614784 _____ C:\Users\Theresa\Downloads\McAfee Labs Stinger 32 Bit - CHIP-Downloader.exe
2013-12-10 19:50 - 2013-12-10 20:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-10 19:50 - 2013-12-10 19:50 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-10 19:50 - 2013-12-10 19:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 19:49 - 2013-12-10 20:45 - 00000000 ____D C:\Users\Theresa\Desktop\mbar
2013-12-10 19:49 - 2013-12-10 19:49 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-10 17:43 - 2013-12-10 17:44 - 00000000 ____D C:\Users\Theresa\AppData\Local\Ivgvsoft
2013-11-22 14:22 - 2013-11-22 14:22 - 00000000 ____D C:\Users\Theresa\AppData\Local\Macromedia
2013-11-21 23:04 - 2013-12-10 23:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-21 23:04 - 2013-11-22 13:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-21 23:04 - 2013-11-22 13:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-17 17:38 - 2013-11-17 17:39 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-12-10 23:28 - 2013-12-10 23:25 - 00026106 _____ C:\Users\Theresa\Downloads\FRST.txt
2013-12-10 23:25 - 2013-12-10 23:25 - 00000000 ____D C:\FRST
2013-12-10 23:25 - 2011-03-26 14:46 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Skype
2013-12-10 23:24 - 2013-12-10 23:24 - 01061325 _____ (Farbar) C:\Users\Theresa\Downloads\FRST(1).exe
2013-12-10 23:24 - 2013-12-10 23:23 - 01061325 _____ (Farbar) C:\Users\Theresa\Downloads\FRST.exe
2013-12-10 23:24 - 2013-11-21 23:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 23:00 - 2013-12-10 23:00 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-12-10 23:00 - 2013-12-10 22:59 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Advanced System Protector
2013-12-10 22:59 - 2013-12-10 22:59 - 00000814 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-12-10 22:59 - 2013-12-10 22:59 - 00000276 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-12-10 22:59 - 2013-12-10 22:59 - 00000268 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-12-10 22:59 - 2013-12-10 22:59 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Systweak
2013-12-10 22:59 - 2013-12-10 22:58 - 00000000 ____D C:\Program Files\RegClean Pro
2013-12-10 22:58 - 2013-12-10 22:58 - 00000870 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-12-10 22:58 - 2013-12-10 22:58 - 00000296 _____ C:\Windows\Tasks\FoxTab.job
2013-12-10 22:58 - 2013-12-10 22:58 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\FoxTab
2013-12-10 22:58 - 2013-12-10 22:58 - 00000000 ____D C:\Program Files\OpenIt
2013-12-10 22:58 - 2013-12-10 22:58 - 00000000 ____D C:\Program Files\Foxtab
2013-12-10 22:57 - 2013-12-10 22:57 - 00666568 _____ (Zip Opener Technologies) C:\Users\Theresa\Downloads\ZipOpenerSetup.exe
2013-12-10 22:57 - 2013-12-10 22:57 - 00666568 _____ (Zip Opener Technologies) C:\Users\Theresa\Downloads\ZipOpenerSetup(1).exe
2013-12-10 22:55 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 22:55 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 22:34 - 2013-12-10 21:46 - 00000000 ____D C:\Program Files\MyPC Backup
2013-12-10 22:33 - 2013-12-10 22:33 - 00001419 _____ C:\Users\Theresa\Desktop\Sync Folder.lnk
2013-12-10 22:33 - 2013-12-10 22:33 - 00000000 ____D C:\Users\Theresa\SyncFolder
2013-12-10 22:33 - 2009-09-13 15:22 - 00000000 ____D C:\Users\Theresa
2013-12-10 22:29 - 2009-08-16 09:45 - 01364655 _____ C:\Windows\WindowsUpdate.log
2013-12-10 22:23 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-10 22:22 - 2006-11-02 14:01 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-10 21:47 - 2013-12-10 21:47 - 00000000 ____D C:\Program Files\Browsersafeguard
2013-12-10 21:46 - 2013-12-10 21:46 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-10 21:46 - 2013-12-10 21:46 - 00000000 ____D C:\Program Files\Spring Smart
2013-12-10 21:45 - 2013-12-10 21:45 - 00000000 ____D C:\ProgramData\Updater
2013-12-10 21:45 - 2013-12-10 21:45 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-12-10 21:45 - 2013-12-10 21:45 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-10 21:44 - 2013-12-10 21:44 - 00002063 _____ C:\Users\Theresa\Desktop\Search.lnk
2013-12-10 21:44 - 2013-12-10 21:42 - 00000000 ____D C:\Users\Theresa\AppData\Local\Smartbar
2013-12-10 21:38 - 2013-12-10 21:37 - 02355496 _____ (Premium Installer ) C:\Users\Theresa\Downloads\Setup.exe
2013-12-10 21:33 - 2013-12-10 21:02 - 00000118 ___RH C:\Users\Theresa\Downloads\Stinger.opt
2013-12-10 21:33 - 2013-12-10 21:00 - 00000000 ____D C:\Program Files\stinger
2013-12-10 21:15 - 2013-12-10 21:02 - 00000638 _____ C:\Users\Theresa\Downloads\Stinger_10122013_210221.html
2013-12-10 21:01 - 2013-12-10 21:01 - 10237984 _____ (McAfee Inc) C:\Users\Theresa\Downloads\stinger32(1).exe
2013-12-10 21:01 - 2013-12-10 21:00 - 10237984 _____ (McAfee Inc) C:\Users\Theresa\Downloads\stinger32.exe
2013-12-10 20:59 - 2013-12-10 20:58 - 00819192 _____ (Google Inc.) C:\Users\Theresa\Downloads\ChromeSetup.exe
2013-12-10 20:58 - 2013-12-10 20:58 - 00614784 _____ C:\Users\Theresa\Downloads\McAfee Labs Stinger 32 Bit - CHIP-Downloader.exe
2013-12-10 20:48 - 2013-12-10 19:50 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-10 20:46 - 2013-11-08 11:35 - 00000000 ____D C:\Users\Theresa\AppData\Local\wsearch
2013-12-10 20:46 - 2008-04-16 11:43 - 00000000 ____D C:\Windows\ABLKSR
2013-12-10 20:46 - 2008-01-21 03:47 - 00319320 _____ C:\Windows\PFRO.log
2013-12-10 20:45 - 2013-12-10 19:49 - 00000000 ____D C:\Users\Theresa\Desktop\mbar
2013-12-10 19:50 - 2013-12-10 19:50 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-12-10 19:50 - 2013-12-10 19:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 19:49 - 2013-12-10 19:49 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-10 17:44 - 2013-12-10 17:43 - 00000000 ____D C:\Users\Theresa\AppData\Local\Ivgvsoft
2013-12-09 22:06 - 2011-03-26 14:46 - 00000000 ___RD C:\Program Files\Skype
2013-12-09 22:06 - 2011-03-26 14:45 - 00000000 ____D C:\ProgramData\Skype
2013-12-03 21:13 - 2006-11-02 11:33 - 01445120 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 21:11 - 2013-10-22 14:27 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-01 08:37 - 2013-09-27 09:05 - 00000000 ___RD C:\Users\Theresa\Desktop\Uni
2013-12-01 08:34 - 2006-11-02 13:52 - 00303129 _____ C:\Windows\setupact.log
2013-11-25 23:10 - 2009-08-16 11:12 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-11-22 15:42 - 2013-12-10 22:59 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2013-11-22 14:22 - 2013-11-22 14:22 - 00000000 ____D C:\Users\Theresa\AppData\Local\Macromedia
2013-11-22 13:24 - 2013-11-21 23:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-22 13:24 - 2013-11-21 23:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 07:29 - 2013-10-11 07:54 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-20 07:28 - 2013-10-11 07:53 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-19 18:20 - 2013-01-12 15:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-19 11:21 - 2009-12-14 14:21 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-17 17:39 - 2013-11-17 17:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-17 16:27 - 2011-02-20 19:08 - 00000680 _____ C:\Users\Theresa\AppData\Local\d3d9caps.dat
2013-11-14 20:17 - 2013-11-04 15:33 - 00000000 ____D C:\Users\Theresa\AppData\Local\WideSearch
2013-11-14 19:04 - 2013-08-23 02:04 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 19:04 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-12 20:58 - 2013-11-04 15:33 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Comical

ZeroAccess:
C:\Users\Theresa\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install

Some content of TEMP:
====================
C:\Users\Theresa\AppData\Local\Temp\413.53289594710656_Update.exe
C:\Users\Theresa\AppData\Local\Temp\581217 medi learn skriptenreihe 20132014 pake... Downloader.exe
C:\Users\Theresa\AppData\Local\Temp\615.318192379781_Update.exe
C:\Users\Theresa\AppData\Local\Temp\BrokerMediumIntegrity.exe
C:\Users\Theresa\AppData\Local\Temp\DeltaTB.exe
C:\Users\Theresa\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Theresa\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Theresa\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Theresa\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Theresa\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Theresa\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Theresa\AppData\Local\Temp\setup.exe
C:\Users\Theresa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Theresa\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Theresa\AppData\Local\Temp\tbDVD0.dll
C:\Users\Theresa\AppData\Local\Temp\tbr.exe
C:\Users\Theresa\AppData\Local\Temp\TB_ED3B.exe
C:\Users\Theresa\AppData\Local\Temp\uninstall.exe
C:\Users\Theresa\AppData\Local\Temp\uninstaller.exe
C:\Users\Theresa\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\Theresa\AppData\Local\Temp\WSSetup.exe
C:\Users\Theresa\AppData\Local\Temp\_is3294.exe
C:\Users\Theresa\AppData\Local\Temp\{B815E23D-9460-498E-90AA-36254A51FAEC}-22.0.1229.94_22.0.1229.79_chrome_updater.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-10 22:32

==================== End Of Log ============================

--- --- --- --- --- --- --- --- ---

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-12-2013
Ran by Theresa at 2013-12-10 23:31:35
Running from C:\Users\Theresa\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
4500_G510gm_Help (Version: 000.0.439.000)
4500G510gm (Version: 000.0.423.000)
4500G510gm_Software_Min (Version: 000.0.423.000)
7-Zip 9.20
7Zip Bundle by Fileparade.com (Version: 1.0.0.0)
Adobe AIR (Version: 1.5.2.8900)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
AMD USB Audio Driver Filter (Version: 1.0.7.0031)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
ASUS CopyProtect (Version: 1.0.0009)
ASUS Data Security Manager (Version: 1.00.0011)
ASUS FancyStart (Version: 1.0.2)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.6)
ASUS MultiFrame (Version: 1.0.0018)
ASUS Power4Gear Hybrid (Version: 1.1.10)
ASUS SmartLogon (Version: 1.0.0006)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0023)
ASUS Virtual Camera (Version: 1.0.13)
Asus_Camera_ScreenSaver (Version: 2.0.0008)
Atheros Client Installation Program (Version: 7.0)
ATI Catalyst Install Manager (Version: 3.0.715.0)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0049)
ATK Media (Version: 2.0.0001)
ATKOSD2 (Version: 7.0.0002)
Avira SearchFree Toolbar (Version: 12.6.0.1900)
Bonjour (Version: 2.0.5.0)
BrowserSafeguard
BufferChm (Version: 130.0.331.000)
Canon Easy-PhotoPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG5300 series Benutzerregistrierung
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0318.2141.37097)
Catalyst Control Center Graphics Full Existing (Version: 2009.0318.2141.37097)
Catalyst Control Center Graphics Full New (Version: 2009.0318.2141.37097)
Catalyst Control Center Graphics Light (Version: 2009.0318.2141.37097)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0318.2141.37097)
Catalyst Control Center InstallProxy (Version: 2009.0318.2141.37097)
Catalyst Control Center Localization All (Version: 2009.0318.2141.37097)
CCC Help Chinese Standard (Version: 2009.0318.2140.37097)
CCC Help Chinese Traditional (Version: 2009.0318.2140.37097)
CCC Help Czech (Version: 2009.0318.2140.37097)
CCC Help Danish (Version: 2009.0318.2140.37097)
CCC Help Dutch (Version: 2009.0318.2140.37097)
CCC Help English (Version: 2009.0318.2140.37097)
CCC Help Finnish (Version: 2009.0318.2140.37097)
CCC Help French (Version: 2009.0318.2140.37097)
CCC Help German (Version: 2009.0318.2140.37097)
CCC Help Greek (Version: 2009.0318.2140.37097)
CCC Help Hungarian (Version: 2009.0318.2140.37097)
CCC Help Italian (Version: 2009.0318.2140.37097)
CCC Help Japanese (Version: 2009.0318.2140.37097)
CCC Help Korean (Version: 2009.0318.2140.37097)
CCC Help Norwegian (Version: 2009.0318.2140.37097)
CCC Help Polish (Version: 2009.0318.2140.37097)
CCC Help Portuguese (Version: 2009.0318.2140.37097)
CCC Help Russian (Version: 2009.0318.2140.37097)
CCC Help Spanish (Version: 2009.0318.2140.37097)
CCC Help Swedish (Version: 2009.0318.2140.37097)
CCC Help Thai (Version: 2009.0318.2140.37097)
CCC Help Turkish (Version: 2009.0318.2140.37097)
ccc-core-static (Version: 2009.0318.2141.37097)
ccc-utility (Version: 2009.0318.2141.37097)
Choice Guard (Version: 1.2.87.0)
Cisco EAP-FAST Module (Version: 2.2.9)
Cisco LEAP Module (Version: 1.0.15)
Cisco PEAP Module (Version: 1.1.2)
Comical 0.8
CyberLink LabelPrint (Version: 2.5.1720)
CyberLink Power2Go (Version: 6.1.2713)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
ETDWare PS/2-x86 7.0.5.3 WHQL
Fax (Version: 130.0.418.000)
Foxtab
Google Update Helper (Version: 1.3.21.153)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 4500 G510g-m (Version: 13.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.7.2)
Java(TM) 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 14.0.8050.1202)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook Connector (Version: 12.0.6414.1000)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mobile Partner (Version: 21.005.15.02.382)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.01.0000.00)
MyPC Backup (Version: ) <==== ATTENTION
Network (Version: 130.0.374.000)
Norton Internet Security (Version: 16.0.0.125)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Open It! (Version: 1.1.1)
OpenOffice.org 3.1 (Version: 3.1.9420)
Platform (Version: 1.34)
QuickTime (Version: 7.69.80.9)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
RegClean Pro (Version: 6.21) <==== ATTENTION
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skins (Version: 2009.0318.2141.37097)
Skype Toolbars (Version: 5.2.4170)
Skype™ 6.11 (Version: 6.11.102)
SmartWebPrinting (Version: 130.0.373.000)
Snap.Do (Version: 10.235.1.13231)
Snap.Do Engine (HKCU Version: 10.235.1.13231)
SolutionCenter (Version: 130.0.373.000)
Spring Smart 2013.11.07.204203 (Version: 2013.11.07.204203)
SRS Premium Sound (Version: 1.09.0300)
Status (Version: 130.0.373.000)
SweetPacks Updater Service (Version: 4.0.5.7)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Tube Dimmer (Version: 2.6.49)
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Updater (Version: 2.6.49)
USB 2.0 1.3M UVC WebCam
VIA Platform Device Manager (Version: 1.34)
WebReg (Version: 130.0.132.017)
Windows Live Anmelde-Assistent (Version: 5.000.818.6)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Family Safety (Version: 14.0.8052.1208)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Movie Maker-Betaversion (Version: 14.0.8051.1204)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
WinFlash (Version: 2.29.0)
Wireless Console 3 (Version: 3.0.6)
XMind (Version: 3.2.1)
XMind 2012 (v3.3.1) (Version: 3.3.1.201212250029)
Yahoo! Detect
Zip Opener Packages <==== ATTENTION

==================== Restore Points =========================

31-10-2013 15:36:00 Windows Update
01-11-2013 19:17:19 Windows Update
03-11-2013 09:53:05 Windows Update
04-11-2013 14:29:43 Windows Update
14-11-2013 18:03:09 Windows Update
14-11-2013 18:32:11 Windows Update
17-11-2013 15:35:25 Windows Update
19-11-2013 17:30:37 Windows Update
20-11-2013 06:27:18 Windows Update
20-11-2013 19:54:47 Windows Update
22-11-2013 12:28:55 Windows Update
23-11-2013 09:48:28 Windows Update
23-11-2013 15:56:06 Windows Update
24-11-2013 12:32:21 Windows Update
25-11-2013 13:47:32 Windows Update
26-11-2013 21:02:27 Windows Update
27-11-2013 22:30:40 Windows Update
29-11-2013 14:34:26 Windows Update
01-12-2013 07:47:37 Windows Update
02-12-2013 16:25:37 Windows Update
03-12-2013 16:48:45 Windows Update
05-12-2013 19:11:26 Windows Update
09-12-2013 15:06:17 Windows Update
10-12-2013 16:42:32 Windows Update
10-12-2013 19:43:29 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {48BEEE27-75D5-4C76-BBAF-A92BB10CD6B7} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe [2013-09-19] (MyPCBackup.com)
Task: {711E866D-E2E0-4D49-9F50-47F0B5F59076} - System32\Tasks\FoxTab => C:\Users\Theresa\AppData\Roaming\FoxTab\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {7F9AC77F-7F83-4E2B-99F4-C968D778852F} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Theresa => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation)
Task: {8082577D-46D4-4000-8CF0-D635B9378D5A} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2008-11-27] (ATK)
Task: {85D84353-D09C-4B84-ADC5-96CC312D2402} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-12-09] (ASUS)
Task: {8A911CDD-40C6-483F-9424-B34696D56BF2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {93D48519-7C8E-4E86-B398-04D25C3B3280} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-11-22] (Systweak Inc) <==== ATTENTION
Task: {A2AEF789-AC96-4596-9FB9-4A22601B987B} - System32\Tasks\{5F4D8CC7-AADC-42BF-B37F-7BF14901F6F7} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-15] (Skype Technologies S.A.)
Task: {AC0B6E40-F6A8-4A11-9444-3339A1A1A29C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22] (Adobe Systems Incorporated)
Task: {B183E706-9E3F-45A7-B7FF-49C7568D81A4} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-11-22] (Systweak Inc) <==== ATTENTION
Task: {B506BCF7-D584-44D0-9BD0-158FDD80B955} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-498081548-509131595-4215888964-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: {C1DDB80E-3E9D-4BC8-A45C-10AF73B4675D} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files\Browsersafeguard\uninstall.browsersafeguard.exe [2013-12-10] () <==== ATTENTION
Task: {C611127A-DC22-4BDC-8546-1D682F903389} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {CB092BE2-CC79-4FE4-B00E-9383C9FF9C9D} - System32\Tasks\Advanced System Protector => C:\Program Files\RegClean Pro\systweakasp.exe [2013-08-23] (Systweak Inc ) <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E79321B5-CE08-476F-AF1C-611B99BF5C28} - System32\Tasks\ASPG => C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe [2008-10-15] (ASUS)
Task: {EAE44CD8-FE56-4FCE-B5F9-7059312C6CF3} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-11-22] (Systweak Inc) <==== ATTENTION
Task: {F0DE3C35-2CC5-4BE3-9991-96D8386BFE48} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {FD8A1446-5845-4E64-A08A-5A587EC82D6A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-498081548-509131595-4215888964-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-09-27] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\Theresa\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-12-10 17:44 - 2013-12-10 17:44 - 00020480 _____ () C:\Users\Theresa\AppData\Local\Ivgvsoft\SecurityNetwork24.dll
2007-06-15 18:28 - 2007-06-15 18:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 01:08 - 2007-06-02 01:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2013-09-19 23:37 - 2013-09-19 23:37 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2013-12-10 21:43 - 2013-12-10 21:43 - 00911872 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2009-03-19 03:16 - 2009-03-19 03:16 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-08-20 23:49 - 2008-08-20 23:49 - 00016384 _____ () C:\Program files\P4G\DevMng.dll
2008-10-30 23:37 - 2008-10-30 23:37 - 00015360 _____ () C:\Program files\P4G\OvrClk.dll
2009-08-16 10:19 - 2007-03-10 00:16 - 00106496 _____ () C:\Program Files\ATKGFNEX\AGFNEX.dll
2008-08-28 00:32 - 2008-08-28 00:32 - 00619816 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 17:55 - 2008-06-09 17:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2007-11-12 23:41 - 2007-11-12 23:41 - 00106496 _____ () C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll
2009-08-16 10:41 - 2008-03-17 10:49 - 00069632 _____ () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
2009-08-16 10:41 - 2009-04-02 02:26 - 00102400 _____ () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
2009-08-16 10:41 - 2008-02-14 06:56 - 00094208 _____ () C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
2009-08-16 10:41 - 2009-04-30 08:23 - 47607808 _____ () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll
2009-08-16 10:32 - 2009-08-16 10:32 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2008-10-24 19:29 - 2008-10-24 19:29 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-11-03 15:51 - 2009-11-03 15:51 - 00067872 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00034848 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00056864 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\srau.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00150560 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00112672 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 01981472 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00055840 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\spbl.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00013344 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\siem.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00049184 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\sppsm.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00728096 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00082464 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00014368 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00017440 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00031264 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\srut.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00020512 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\srsbs.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00057888 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00014880 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\srpdm.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00014368 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\sgml.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00053280 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-10-31 15:29 - 2013-10-31 15:29 - 00048160 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-10-31 15:29 - 2013-10-31 15:29 - 00026144 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00025632 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-10-31 15:17 - 2013-10-31 15:17 - 00193056 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\sgmu.dll
2013-10-31 15:16 - 2013-10-31 15:16 - 00068640 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00248864 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\srns.dll
2009-08-18 15:54 - 2009-08-18 15:54 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2013-09-19 23:37 - 2013-09-19 23:37 - 03889152 _____ () C:\Program Files\MyPC Backup\MPCBIconOverlays.dll
2013-10-31 15:30 - 2013-10-31 15:30 - 00136736 _____ () C:\Users\Theresa\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
2013-11-17 17:38 - 2013-11-17 17:38 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-10 21:43 - 2013-10-22 07:20 - 00099096 _____ () C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\extensions\{a90602f2-6145-b132-32f8-05bd19400cf3}\components\SmartbarFireFoxRemotePlugin_25.dll
2013-11-22 13:24 - 2013-11-22 13:24 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2013 11:03:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "name"-Attribut fehlt im assemblyIdentity-Element.

Error: (12/10/2013 11:00:39 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Das erforderliche "name"-Attribut fehlt im assemblyIdentity-Element.

Error: (12/10/2013 10:59:32 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_RU.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (12/10/2013 10:59:32 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_RU.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_PT-BR.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_PT-BR.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_IT.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_IT.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (12/10/2013 10:59:28 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_HE.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (12/10/2013 10:59:28 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_HE.JSON> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

System errors:
=============
Error: (12/10/2013 11:03:22 PM) (Source: DCOM) (User: Theresa-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}Theresa-PCTheresaS-1-5-21-498081548-509131595-4215888964-1000LocalHost (unter Verwendung von LRPC)

Error: (12/10/2013 11:03:21 PM) (Source: DCOM) (User: Theresa-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}Theresa-PCTheresaS-1-5-21-498081548-509131595-4215888964-1000LocalHost (unter Verwendung von LRPC)

Error: (12/10/2013 10:59:33 PM) (Source: DCOM) (User: Theresa-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}Theresa-PCTheresaS-1-5-21-498081548-509131595-4215888964-1000LocalHost (unter Verwendung von LRPC)

Error: (12/10/2013 10:59:33 PM) (Source: DCOM) (User: Theresa-PC)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}Theresa-PCTheresaS-1-5-21-498081548-509131595-4215888964-1000LocalHost (unter Verwendung von LRPC)

Error: (12/10/2013 10:25:27 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (12/10/2013 10:24:58 PM) (Source: Service Control Manager) (User: )
Description: Mobile Partner. OUC%%1053

Error: (12/10/2013 10:24:58 PM) (Source: Service Control Manager) (User: )
Description: 30000Mobile Partner.
OUC Error: (12/10/2013 10:23:28 PM) (Source: HTTP) (User: ) Description: \Device\Http\ReqQueueKerberos Error: (12/10/2013 10:22:03 PM) (Source: DCOM) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (12/10/2013 09:43:19 PM) (Source: Service Control Manager) (User: ) Description: Ask Aktualisierungsdienst1 Microsoft Office Sessions: ========================= Error: (12/10/2013 11:03:47 PM) (Source: SideBySide)(User: ) Description: assemblyIdentitynameC:\Users\Theresa\AppData\Local\Temp\413.53289594710656_Update.exeC:\Users\Theresa\AppData\Local\Temp\413.53289594710656_Update.exe3 Error: (12/10/2013 11:00:39 PM) (Source: SideBySide)(User: ) Description: assemblyIdentitynameC:\Users\Theresa\AppData\Local\Temp\615.318192379781_Update.exeC:\Users\Theresa\AppData\Local\Temp\615.318192379781_Update.exe3 Error: (12/10/2013 10:59:32 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_RU.JSON Error: (12/10/2013 10:59:32 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_RU.JSON Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_PT-BR.JSON Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_PT-BR.JSON Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_IT.JSON Error: (12/10/2013 10:59:31 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_IT.JSON Error: (12/10/2013 10:59:28 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_HE.JSON Error: (12/10/2013 10:59:28 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GR0ZQ2TS.DEFAULT\EXTENSIONS\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}\CONTENT\DATA\FAVORITES_HE.JSON CodeIntegrity Errors: =================================== Date: 2013-12-10 23:28:51.857 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:28:51.110 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:28:50.292 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:28:49.774 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:28:49.058 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:28:48.402 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:28:47.880 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-12-10 23:28:47.271 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:27:45.891 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-10 23:27:45.252 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 68% Total physical RAM: 3070.18 MB Available physical RAM: 966.93 MB Total Pagefile: 6346.91 MB Available Pagefile: 3881.69 MB Total Virtual: 2047.88 MB Available Virtual: 1903.28 MB ==================== Drives ================================ Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:67.36 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:137.33 GB) (Free:137.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: 97646C29) Partition 1: (Not Active) - (Size=12 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=137 GB) - (Type=OF Extended) ==================== End Of Log ============================
I'm very sorry that this took so long, but my computer kept freezing. I hope everything has worked so far. Thank you! |
11.12.2013, 13:02 | #4 |
/// the machine /// TB trainer | Internet Explorer opens by itself hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
13.12.2013, 20:06 | #5 |
| Internet Explorer opens by itself Combofix Logfile: Code:
ATTFilter ComboFix 13-12-13.01 - Theresa 13.12.2013 19:51:44.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.3070.1664 [GMT 1:00] ausgeführt von:: c:\users\Theresa\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Common Files\ASPG_icon.ico c:\users\Theresa\AppData\Local\WideSearch c:\users\Theresa\AppData\Local\WideSearch\unins000.dat c:\windows\PFRO.log C:\WindowsLive_A.TXT . . ((((((((((((((((((((((( Dateien erstellt von 2013-11-13 bis 2013-12-13 )))))))))))))))))))))))))))))) . . 2013-12-13 19:01 . 2013-12-13 19:01 -------- d-----w- c:\users\Theresa\AppData\Local\temp 2013-12-13 19:01 . 2013-12-13 19:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-12-13 17:15 . 2013-12-13 17:15 197544 ----a-w- c:\programdata\azycfx.dat 2013-12-10 22:25 . 2013-12-10 22:25 -------- d-----w- C:\FRST 2013-12-10 21:59 . 2013-12-10 22:00 -------- d-----w- c:\users\Theresa\AppData\Roaming\Advanced System Protector 2013-12-10 21:59 . 2013-12-12 13:26 -------- d-----w- c:\users\Theresa\AppData\Roaming\Systweak 2013-12-10 21:59 . 2013-11-22 14:42 18776 ----a-w- c:\windows\system32\roboot.exe 2013-12-10 21:58 . 2013-12-10 21:58 -------- d-----w- c:\users\Theresa\AppData\Roaming\FoxTab 2013-12-10 21:33 . 2013-12-10 21:33 -------- d-----w- c:\users\Theresa\SyncFolder 2013-12-10 20:46 . 2013-12-12 13:24 -------- d-----w- c:\program files\MyPC Backup 2013-12-10 20:45 . 2013-12-10 20:45 -------- d-----w- c:\programdata\RHelpers 2013-12-10 20:45 . 2013-12-10 20:45 -------- d-----w- c:\programdata\Updater 2013-12-10 20:00 . 2013-12-10 20:33 -------- d-----w- c:\program files\stinger 2013-12-10 18:50 . 2013-12-10 18:50 -------- d-----w- c:\programdata\Malwarebytes 2013-12-10 18:50 . 
2013-12-10 19:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-12-10 18:50 . 2013-12-10 18:50 104664 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2013-12-10 18:49 . 2013-12-10 18:49 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-12-10 16:43 . 2013-12-10 16:44 -------- d-----w- c:\users\Theresa\AppData\Local\Ivgvsoft 2013-11-22 13:22 . 2013-11-22 13:22 -------- d-----w- c:\users\Theresa\AppData\Local\Macromedia 2013-11-21 22:04 . 2013-12-13 17:24 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-11-21 22:04 . 2013-12-13 17:24 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-12-12 13:35 . 2009-08-16 10:12 45056 ----a-w- c:\windows\system32\acovcnt.exe 2013-11-19 10:21 . 2009-12-14 13:21 230048 ------w- c:\windows\system32\MpSigStub.exe 2013-10-30 21:05 . 2013-10-30 21:05 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-10-30 21:05 . 2011-02-10 12:28 473072 ----a-w- c:\windows\system32\deployJava1.dll 2013-10-21 19:34 . 2013-10-21 19:36 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys 2013-10-21 19:34 . 2013-10-21 19:36 64384 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys 2013-10-21 19:34 . 2013-10-21 19:36 26624 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys 2013-10-21 19:34 . 2013-10-21 19:36 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys 2013-10-21 19:34 . 2013-10-21 19:36 90368 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys 2013-10-21 19:34 . 2013-10-21 19:36 73216 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys 2013-10-21 19:34 . 2013-10-21 19:36 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys 2013-10-21 19:34 . 2013-10-21 19:36 235392 ----a-w- c:\windows\system32\drivers\ewusbnet.sys 2013-10-21 19:34 . 2013-10-21 19:36 193792 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys 2013-10-21 19:34 . 
2013-10-21 19:36 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys 2013-10-21 19:34 . 2013-10-21 19:36 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys 2013-10-21 19:34 . 2011-09-15 14:39 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll 2013-10-21 19:34 . 2011-09-15 14:39 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll 2008-10-14 21:57 . 2008-10-14 21:57 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-04-07 3405048] "Ivgvsoft"="c:\users\Theresa\AppData\Local\Ivgvsoft\SecurityNetwork24.dll" [2013-12-10 20480] "azycfx"="c:\programdata\azycfx.dat" [2013-12-13 197544] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-19 61440] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-30 1392640] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 540576] "Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Theresa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk] path=c:\users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk backup=c:\windows\pss\MyPC Backup.lnk.Startup backupExtension=.Startup . 
[HKLM\~\startupfolder\C:^Users^Theresa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk] path=c:\users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk backup=c:\windows\pss\OpenOffice.org 3.1.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON] 2008-10-01 06:02 851968 ----a-w- c:\program files\ASUS\Splendid\ACMON.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray] 2008-04-01 06:09 266240 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver] 2009-08-16 10:03 47672 ----a-w- c:\windows\AsScrProlog.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] 2009-08-16 10:03 3054136 ----a-w- c:\windows\AsScrPro.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA] 2008-08-19 17:34 159744 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2] 2008-09-03 00:11 8105984 ----a-w- c:\program files\ASUS\ATKOSD2\ATKOSD2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] 2011-03-14 17:09 2565520 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx] 2011-08-04 15:06 1612920 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] 2008-07-19 02:52 104936 ----a-w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownBook] 2013-11-04 14:33 1016527 ----a-w- c:\users\Theresa\AppData\Local\DownBook\DownBook.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2007-05-08 15:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-04-26 23:22 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2013-11-15 09:58 20588704 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2011-11-19 12:36 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] 2009-05-20 05:16 222504 ----a-w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] 2008-12-04 05:15 218408 ----a-w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Updater] 2013-11-21 00:07 481656 ----a-w- c:\programdata\Updater\updater.exe . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - NisDrv . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2013-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-21 17:24] . . 
------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ uInternet Settings,ProxyOverride = <-loopback> uSearchAssistant = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=a90602f2-6145-b132-32f8-05bd19400cf3&searchtype=ds&q={searchTerms}&installDate=10/12/2013 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-12-12 14:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\gr0zq2ts.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: !HIDDEN! 2013-09-27 10:18; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - user.js: extensions.irspeeddial.aflt - fxntbd FF - user.js: extensions.irspeeddial.instlRef - FF - user.js: extensions.irspeeddial.cr - 813082382 FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByCtCzz0FzyyEyC0E0E0BtB0FtBtN0D0Tzu0CyBtCtDtN1L2XzutBtFtBtFyBtFtCtBtDtCtN1L1Czu1G2Z1S . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file) WebBrowser-{41564952-412D-5637-00A7-7A786E7484D7} - (no file) MSConfigStartUp-ApnTBMon - c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe MSConfigStartUp-Browser Infrastructure Helper - c:\users\Theresa\AppData\Local\Smartbar\Application\SnapDo.exe MSConfigStartUp-BrowserSafeguard - c:\program files\Browsersafeguard\Browsersafeguard.exe MSConfigStartUp-DisableS3S4 - c:\DisableS3S4.cmd MSConfigStartUp-MSC - c:\program files\Microsoft Security Client\mssecex.exe AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe . . . ************************************************************************** Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r??????????????????????????????????????????????? . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . 
- - - - - - - > 'lsass.exe'(660) c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll . Zeit der Fertigstellung: 2013-12-13 20:03:47 ComboFix-quarantined-files.txt 2013-12-13 19:03 . Vor Suchlauf: 6 Verzeichnis(se), 71.826.333.696 Bytes frei Nach Suchlauf: 11 Verzeichnis(se), 74.482.757.632 Bytes frei . - - End Of File - - EFF5420333347AF49CE1640BABC74F3B 64B1E91C5C6C2157642651010728F90F
Hi, unfortunately I'm not very familiar with computers, so the term code tags doesn't mean anything to me. I hope you can do something with my reply! Thank you very much! |
14.12.2013, 07:42 | #6 |
/// the machine /// TB trainer | Internet Explorer opens by itself Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
and a fresh FRST log, please. |