Firefox öffnet selbständig neuen Tab zu Systweak/Reg cleaner pro

windchill · 10.02.2014, 21:27

Guten Abend,

ich habe leider das im Titel angegebene Problem. Das erste Mal trat es gestern Abend auf. Da ich außer Ebay keine weiteren Seiten geöffnet hatte, war ich stutzig geworden. Vorher hatte ich noch einen vollständigen Suchlauf mit Kaspersky gemacht und nix gefunden. Nach dem Auftreten des Kuriosums habe ich einen vollständigen Suchlauf mit Malwarebytes gemacht und da wurde auch nix gefunden.

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.09.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Michael (Admin) :: SCHLEPPTOPF-PC [Administrator]

09.02.2014 20:46:38
mbam-log-2014-02-09 (20-46-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 473580
Laufzeit: 2 Stunde(n), 11 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Heute Abend habe ich noch einen Suchlauf mit FRST gemacht. Hier die Logfiles:

FRST.txt:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014
Ran by Michael (ATTENTION: The logged in user is not administrator) on SCHLEPPTOPF-PC on 10-02-2014 20:11:04
Running from C:\Users\Michael\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Windows\tsnp2uvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IELowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13605408 2009-02-10] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2009-02-10] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKLM\...\Run: [tsnp2uvc] - C:\Windows\tsnp2uvc.exe [233472 2008-08-28] ()
HKLM\...\Run: [COMODO Firewall Pro] - "C:\Program Files\COMODO\Firewall\cfp.exe" -h
HKLM\...\Run: [WPCUMI] - C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1833504 2008-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [F-Secure Hoster (666)] - "C:\Program Files\F-Secure\fshoster32.exe" -app -hosterid:1
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [217088 2009-04-11] (Microsoft Corporation)
HKLM\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKU\.DEFAULT\...\Run: [MsnMsgr] - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [3885408 2009-02-06] (Microsoft Corporation)
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\MountPoints2: {07279b00-a77f-11dd-a0df-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\MountPoints2: {f0acdc93-26fb-11e1-8510-001f1609b82b} - G:\AutoRun.exe
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\MountPoints2: {f0acdca5-26fb-11e1-8510-001f1609b82b} - G:\AutoRun.exe
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\MountPoints2: {f0acdcaf-26fb-11e1-8510-001f1609b82b} - G:\AutoRun.exe
HKU\S-1-5-21-399314428-2372084609-4159001784-1003\...\MountPoints2: {f0acdcb3-26fb-11e1-8510-001f1609b82b} - G:\AutoRun.exe
Lsa: [Notification Packages] C:\Program Files\EgisTec\VITAKEY\PwdFilter
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office 2010\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: No Name - {53707962-6F74-2D53-2644-206D7942484F} -  No File
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\ye3p2czc.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.gmx.net/
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI7967~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI7967~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\ye3p2czc.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\ye3p2czc.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\ye3p2czc.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\ye3p2czc.default\Extensions\artur.dubovoy@gmail.com [2014-01-25]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\ye3p2czc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-10-06]
FF Extension: NoScript - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\ye3p2czc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-07-24]
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-08]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-08]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-08]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-08]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-08]

========================== Services (Whitelisted) =================

R2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia)
R2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [405504 2008-12-09] ()
R2 avp; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-04-17] (Cisco Systems, Inc.)
R2 IGBASVC; C:\Program Files\EgisTec\VITAKEY\BASVC.exe [2180392 2008-08-29] ()
R2 iphlpsvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [304688 2008-08-04] (EgisTec Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-29] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

S3 AVerAF15DMBTH; C:\Windows\System32\Drivers\AVerAF15DMBTH.sys [487168 2009-01-05] (AVerMedia TECHNOLOGIES, Inc.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306299 2008-04-17] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-01-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [574560 2014-01-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2014-01-12] (Kaspersky Lab ZAO)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-08-04] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-08-04] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-08-04] (Egis Incorporated.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO)
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-10 20:11 - 2014-02-10 20:11 - 00017645 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-02-10 20:10 - 2014-02-10 20:11 - 00000000 ____D () C:\FRST
2014-02-10 19:45 - 2014-02-10 19:45 - 01139200 _____ (Farbar) C:\Users\Michael\Desktop\FRST.exe
2014-02-09 20:45 - 2014-02-09 20:45 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Malwarebytes
2014-01-15 11:16 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-15 11:16 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-15 11:16 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-15 11:16 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 11:15 - 2014-01-15 11:16 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log

==================== One Month Modified Files and Folders =======

2014-02-10 20:11 - 2014-02-10 20:11 - 00017645 _____ () C:\Users\Michael\Desktop\FRST.txt
2014-02-10 20:11 - 2014-02-10 20:10 - 00000000 ____D () C:\FRST
2014-02-10 20:10 - 2008-08-28 06:26 - 00000438 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2014-02-10 20:05 - 2012-04-01 18:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-10 20:05 - 2011-05-20 10:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-10 20:05 - 2008-10-31 21:16 - 01830276 _____ () C:\Windows\WindowsUpdate.log
2014-02-10 20:04 - 2006-11-02 11:33 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-10 20:03 - 2008-08-28 05:28 - 00220409 _____ () C:\ProgramData\nvModes.001
2014-02-10 20:03 - 2008-08-28 05:22 - 00220409 _____ () C:\ProgramData\nvModes.dat
2014-02-10 20:02 - 2013-03-30 16:27 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-10 20:02 - 2013-01-26 00:58 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 19:59 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-10 19:57 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-10 19:57 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-10 19:57 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 19:55 - 2008-08-28 03:21 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-10 19:55 - 2006-11-02 14:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-10 19:47 - 2013-01-26 00:58 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 19:45 - 2014-02-10 19:45 - 01139200 _____ (Farbar) C:\Users\Michael\Desktop\FRST.exe
2014-02-09 20:45 - 2014-02-09 20:45 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Malwarebytes
2014-02-09 17:37 - 2008-11-10 14:44 - 00000680 _____ () C:\Users\Michael\AppData\Local\d3d9caps.dat
2014-02-07 22:03 - 2008-11-06 16:39 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype
2014-02-04 21:36 - 2010-02-10 21:59 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\vlc
2014-02-04 21:20 - 2008-11-01 23:57 - 00000000 ____D () C:\xx
2014-01-16 08:10 - 2008-08-28 09:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 08:08 - 2013-08-26 02:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 08:05 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 11:16 - 2014-01-15 11:15 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-15 11:16 - 2013-06-23 17:39 - 00000000 ____D () C:\Program Files\Java
2014-01-12 22:07 - 2013-10-17 15:47 - 00574560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-01-12 22:07 - 2013-10-17 15:47 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-01-12 22:07 - 2013-06-06 17:38 - 00144992 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys

Some content of TEMP:
====================
C:\Users\Mama\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Michael\AppData\Local\Temp\AskSLib.dll
C:\Users\Michael\AppData\Local\Temp\autorun.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-02-2014
Ran by Michael at 2014-02-10 20:11:32
Running from C:\Users\Michael\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (Version:  - Microsoft)
7-Zip 9.20 (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (Version: 11 - Adobe Systems, Inc.)
Any Video Converter 5 5.0.4 (Version:  - Any-Video-Converter.com)
AVerMedia A850 USB DMB-TH 1.0.0.26 (Version: 1.0.0.26 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (Version: 6.0.18 - AVerMedia Technologies, Inc.)
AVerTV (Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
Bing Bar (Version: 7.0.850.0 - Microsoft Corporation)
CCleaner (Version: 3.22 - Piriform)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco Systems VPN Client 5.0.03.0530 (Version: 5.0.3 - Cisco Systems, Inc.)
Click to Call with Skype (Version: 5.6.8153 - Skype Technologies S.A.)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel MediaOne (Version: 2.00.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (Version:  - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
CyberLink MediaShow (Version: 4.1.2014 - CyberLink Corp.)
CyberLink MediaShow (Version: 4.1.2014 - CyberLink Corp.) Hidden
CyberLink PhotoNow (Version: 1.1.5203 - CyberLink Corp.)
CyberLink PhotoNow (Version: 1.1.5203 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 7.0.2014 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.2014 - CyberLink Corp.) Hidden
CyberLink PowerProducer (Version: 5.0815 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0815 - CyberLink Corp.) Hidden
CyberLink YouCam (Version: 2.0.1916 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.1916 - CyberLink Corp.) Hidden
DE (Version: 3.0 - Corel Corporation) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version:  - Microsoft)
e-Wörterbücher (Version:  - )
FILEminimizer Pictures (Version:  - balesio AG)
Foxlink Webcam (Version: 5.8.48000.201_WHQL - Sonix)
Freeciv 2.1.9 (GTK+ client) (Version:  - )
Garmin BaseCamp (Version: 3.2.2 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Earth Plug-in (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
ICQ6.5 (Version: 6.5 - ICQ)
ICQ7.5 (HKCU Version: 7.5 - ICQ)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Letstrade (Version: 1.00.0000 - Buhl Data Service)
LetsTrade Komponenten (Version:  - )
MakeDisc (Version: 3.0.2601 - CyberLink Corp.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Fix it Center (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
Mozilla Thunderbird (3.1.7) (Version: 3.1.7 (de) - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker 3 (Version: 3.1.20.0 - EgisTec)
Nero 8 Essentials (Version: 8.3.124 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NVIDIA Drivers (Version: 1.4 - NVIDIA Corporation)
OpenOffice.org 3.0 (Version: 3.0.9358 - OpenOffice.org)
PowerDVD (Version: 7.0.3118.0 - PowerDVDCorp.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (Version: 6.0.1.5672 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Sceneo AbsolutTV (Version:  - )
Schiff-Simulator 2008 (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 5.10 (Version: 5.10.116 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
TVsweeper 3 (Version: 3.0.3 - Sonavis)
Update for 2007 Microsoft Office System (KB967642) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version:  - Microsoft)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VITAKEY (Version: 6.0.1.41 - EgisTec)
VITAKEY (Version: 6.0.1.41 - EgisTec) Hidden
VLC media player 1.0.5 (Version: 1.0.5 - VideoLAN Team)
waterMark V2 (Version:  - )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Movie Maker-Betaversion (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation)
WISO Mein Geld 2008 Professional (Version: 9.00.01.0023 - Buhl Data Service GmbH)
X10 Hardware(TM) (Version:  - )
Youtube Downloader HD v. 2.6 (Version:  - YoutubeDownloaderHD.com)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2006-11-02 11:23 - 2012-10-04 22:01 - 00444414 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	123topsearch.com
127.0.0.1	www.123topsearch.com
127.0.0.1	132.com
127.0.0.1	www.132.com
127.0.0.1	www.136136.net
127.0.0.1	136136.net
127.0.0.1	163ns.com
127.0.0.1	www.163ns.com
127.0.0.1	171203.com
127.0.0.1	17-plus.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job => ?

==================== Loaded Modules (whitelisted) =============

2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2008-08-28 10:58 - 2008-08-28 14:03 - 00233472 _____ () C:\Windows\tsnp2uvc.exe

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Systemfehler 5 aufgetreten.

Zugriff verweigert


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 3065.96 MB
Available physical RAM: 1861.71 MB
Total Pagefile: 6332.89 MB
Available Pagefile: 4998.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.45 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:278.32 GB) (Free:62.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVER) (Fixed) (Total:19.76 GB) (Free:7.11 GB) FAT32

==================== MBR & Partition Table ==================

==================== End Of Log ============================

Vielen Dank schonmal im Voraus

Firefox öffnet selbständig neuen Tab zu Systweak/Reg cleaner pro

Plagegeister aller Art und deren Bekämpfung: Firefox öffnet selbständig neuen Tab zu Systweak/Reg cleaner pro

Firefox öffnet selbständig neuen Tab zu Systweak/Reg cleaner pro

Ähnliche Themen: Firefox öffnet selbständig neuen Tab zu Systweak/Reg cleaner pro