
Pests of all kinds and how to combat them: Win7 (x64) infected with 'Registry Helper' etc.


 
21.03.2014, 09:23   #1
Manu3l
 

Win7 (x64) infected with 'Registry Helper' etc.



Hello everyone,

Four days ago I downloaded a text recognition program via chip.de. Unfortunately, the three programs mentioned above came along with it. I was stupidly inattentive, and now I'm stuck with the mess. Among other things, double-underlined words show up in the browser, a small window after startup claims there are 268 malware findings, and Firefox always opens snapdo in new tabs.

So far I have done the following: a virus scan with Avira AntiVir found nothing. After coming across this forum, I ran FRST on the machine.

Unfortunately I have no log files from the virus scanner's scan.

It would be great if you could help me clean this off my computer. Thanks in advance!


Here are the log files:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Frida (administrator) on GERD on 21-03-2014 09:11:51
Running from C:\Users\Frida\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeApp Software, LLC) C:\Program Files (x86)\Computer Updater\ComputerUp-daterService.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
() C:\Program Files (x86)\LPT\srpts.exe
(SafeApp Software, LLC) C:\Program Files (x86)\Registry Helper\RegistryHelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Activeris) C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Dropbox, Inc.) C:\Users\Frida\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(SafeApp Software, LLC) C:\Program Files (x86)\Computer Updater\ComputerUp-dater.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lenovo Group Limited) c:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [TPHOTKEY] - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [69568 2009-12-21] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2009-12-11] (Lenovo.)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [508472 2009-10-28] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-07-16] ()
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [36864 2009-10-13] ()
HKLM\...\Run: [cssauth] - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [5879608 2009-08-26] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Message Center Plus] - C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-27] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Computer Updater] - C:\Program Files (x86)\Computer Updater\ComputerUp-dater.Exe [3483992 2014-01-26] (SafeApp Software, LLC)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3555803482-773397576-744118989-1003\...\Run: [Browser Infrastructure Helper] - C:\Users\Frida\AppData\Local\Smartbar\Application\SnapDo.exe [27680 2014-03-02] (Smartbar)
HKU\S-1-5-21-3555803482-773397576-744118989-1003\...\MountPoints2: {c854fa97-aeda-11df-8356-78dd08b459fd} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3555803482-773397576-744118989-1003\...\MountPoints2: {f47ad795-64ac-11df-ad90-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli ACGina
Startup: C:\Users\Frida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Frida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Frida\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Frida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFlFDKiT3xhDft_KFO5bzPgzPrEi5uRHMwWico8GwVNqHoGf87wJCDRdMOfH0CGA,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFmJIEAlT5ofs1XLgVMr5rgtdYVom0s9QoGWhvJ_z7_y2S8EtEJbU1nQce1T-vWg,,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFlFDKiT3xhDft_KFO5bzPgzPrEi5uRHMwWico8GwVNqHoGf87wJCDRdMOfH0CGA,,&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFlFDKiT3xhDft_KFO5bzPgzPrEi5uRHMwWico8GwVNqHoGf87wJCDRdMOfH0CGA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFlFDKiT3xhDft_KFO5bzPgzPrEi5uRHMwWico8GwVNqHoGf87wJCDRdMOfH0CGA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFlFDKiT3xhDft_KFO5bzPgzPrEi5uRHMwWico8GwVNqHoGf87wJCDRdMOfH0CGA,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFlFDKiT3xhDft_KFO5bzPgzPrEi5uRHMwWico8GwVNqHoGf87wJCDRdMOfH0CGA,,&q={searchTerms}
BHO: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension64.dll ()
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll ()
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ssl.cms.hu-berlin.de/dana-cached/sc/JuniperSetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Frida\AppData\Roaming\Mozilla\Firefox\Profiles\10ly96bs.default-1391872834982
FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFnoealWh_nTCd2c4h3K7CkiQqZKF_djniKQFNJy8ucspcn2wvnRtjGq94pkbPXg,,
FF Homepage: about:home
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFlFDKiT3xhDft_KFO5bzPgzPrEi5uRHMwWico8GwVNqHoGf87wJCDRdMOfH0CGA,,&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Frida\AppData\Roaming\Mozilla\Firefox\Profiles\10ly96bs.default-1391872834982\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Frida\AppData\Roaming\Mozilla\Firefox\Profiles\10ly96bs.default-1391872834982\Extensions\ich@maltegoetz.de [2014-02-08]
FF Extension: Adblock Plus - C:\Users\Frida\AppData\Roaming\Mozilla\Firefox\Profiles\10ly96bs.default-1391872834982\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-08]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-03-17]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-03-17]

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT42zm_0PKUNlGehSL1rm7hs7wRcbgJ_Xy_vnyk_RqyHVMf7gnrBMBQrQRX-CrfTYFmJIEAlT5ofs1XLgVMr5rgtdYVom0s9QoGWhvJ_z7_y2S8EtEJbU1nQce1T-vWg,,
CHR Extension: (AdBlock) - C:\Users\Frida\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-05-11]
CHR Extension: (V-bates) - C:\Users\Frida\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-03-17]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Frida\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-02-10] (Adobe Systems)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
R2 ComputerUpdater Service; C:\Program Files (x86)\Computer Updater\ComputerUp-daterService.exe [88424 2014-01-26] (SafeApp Software, LLC)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [35872 2014-03-02] ()
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
R2 Registry Helper Service; C:\Program Files (x86)\Registry Helper\RegistryHelperService.exe [84328 2014-01-26] (SafeApp Software, LLC)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1474560 2009-09-04] (Lenovo Group Limited)
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [209408 2014-02-26] ()
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [631360 2009-11-04] (DiBcom SA)
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [23744 2009-11-04] (DiBcom S.A.)
R3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225792 2009-09-30] (Realtek Semiconductor Corp.)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2010-05-12] ()
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [205952 2009-11-23] (SMI)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-21 09:11 - 2014-03-21 09:14 - 00021095 _____ () C:\Users\Frida\Desktop\FRST.txt
2014-03-21 09:11 - 2014-03-21 09:11 - 00000000 ____D () C:\FRST
2014-03-21 09:08 - 2014-03-21 09:08 - 02157056 _____ (Farbar) C:\Users\Frida\Desktop\FRST64.exe
2014-03-19 19:11 - 2014-03-21 08:54 - 00003106 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-03-19 16:55 - 2014-03-21 08:54 - 00000000 ____D () C:\ProgramData\Computer Updater
2014-03-18 22:57 - 2014-03-18 22:57 - 00000000 ____D () C:\Users\Frida\Downloads\rectify-first-season_english-720396
2014-03-18 22:54 - 2014-03-18 22:54 - 00017288 _____ () C:\Users\Frida\Downloads\rectify-first-season_english-720396(1).zip
2014-03-18 22:53 - 2014-03-18 22:53 - 00017288 _____ () C:\Users\Frida\Downloads\rectify-first-season_english-720396.zip
2014-03-18 22:21 - 2014-03-18 22:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 20:04 - 2014-03-18 20:05 - 01398290 _____ () C:\Users\Frida\Desktop\bookmarks.html
2014-03-18 19:12 - 2014-03-18 19:12 - 00000000 ____D () C:\Users\Frida\Downloads\rectify-first-season_english-720395
2014-03-18 19:11 - 2014-03-18 19:11 - 00019220 _____ () C:\Users\Frida\Downloads\rectify-first-season_english-720395.zip
2014-03-18 18:58 - 2014-03-18 18:59 - 103403280 _____ (Microsoft Corporation) C:\Users\Frida\Downloads\msert.exe
2014-03-18 18:49 - 2014-03-18 18:49 - 00001074 _____ () C:\Users\Public\Desktop\Computer Updater.lnk
2014-03-18 18:48 - 2014-03-18 18:49 - 00000000 ____D () C:\Program Files (x86)\Computer Updater
2014-03-18 18:46 - 2014-03-18 18:47 - 00000000 ____D () C:\Program Files (x86)\Registry Helper
2014-03-18 18:45 - 2014-03-18 18:45 - 06999200 _____ () C:\Users\Frida\Downloads\registryhelpersetup.exe
2014-03-18 18:33 - 2014-03-18 18:37 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-18 18:32 - 2014-03-18 18:33 - 00000000 ____D () C:\Users\Frida\AppData\Local\Smartbar
2014-03-18 18:32 - 2014-03-18 18:32 - 00000000 ____D () C:\Users\Frida\AppData\Local\LPT
2014-03-18 18:31 - 2014-03-18 18:31 - 00001169 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\Activeris
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\ProgramData\Activeris
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-03-18 18:31 - 2012-09-26 19:03 - 00020480 _____ () C:\Windows\system32\acrisnative64.exe
2014-03-18 18:28 - 2014-03-18 18:29 - 00414625 _____ ( ) C:\Users\Frida\Downloads\freeocr422.exe
2014-03-18 18:16 - 2014-03-21 08:50 - 00000448 _____ () C:\Windows\setupact.log
2014-03-18 18:16 - 2014-03-18 18:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-18 18:14 - 2014-03-18 18:14 - 00017218 _____ () C:\Users\Frida\Desktop\cc_20140318_181403.reg
2014-03-17 14:50 - 2014-03-17 15:08 - 1062844809 _____ () C:\Users\Frida\Downloads\rectify.s01e03.720p.hdtv.x264-2hd.mkv
2014-03-17 12:56 - 2014-03-17 13:01 - 298367700 _____ () C:\Users\Frida\Downloads\rectify.s01e02.hdtv.x264-2hd.mp4
2014-03-17 11:16 - 2014-03-17 11:16 - 00000000 ____D () C:\Users\Frida\AppData\Local\FreeOCR
2014-03-17 11:06 - 2014-03-17 11:12 - 00000000 ____D () C:\FreeOCR
2014-03-17 11:06 - 2007-03-10 09:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx
2014-03-17 11:04 - 2014-03-17 11:04 - 00000000 ____D () C:\Program Files\V-bates
2014-03-16 23:55 - 2014-03-17 01:09 - 1328038204 _____ () C:\Users\Frida\Downloads\rectify.s01e01.720p.hdtv.x264-2hd.mkv
2014-03-16 19:36 - 2014-03-16 19:36 - 00037001 _____ () C:\Users\Frida\Downloads\buffalo-66_english-269976.zip
2014-03-16 19:36 - 2004-08-09 02:11 - 731179008 _____ () C:\Users\Frida\Desktop\buffalo 66.avi
2014-03-16 12:01 - 2014-03-16 12:13 - 1060245093 _____ () C:\Users\Frida\Downloads\arte-live berlin sophie hunger.mp4
2014-03-09 19:01 - 2014-03-10 19:44 - 01339392 _____ () C:\Users\Frida\Desktop\gastkommentra.indd
2014-03-07 12:53 - 2014-03-07 12:53 - 00000000 ____D () C:\Program Files\One click FLAC to MP3 Converter
2014-03-07 12:53 - 2014-03-07 12:53 - 00000000 ____D () C:\Program Files (x86)\One-click FLAC to MP3 Converter
2014-03-03 21:11 - 2014-03-03 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-02 17:36 - 2014-03-02 17:36 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\Remote Control Server
2014-03-02 17:13 - 2014-03-02 17:13 - 05205504 _____ (Steppschuh) C:\Users\Frida\Downloads\RemoteControlServer.exe
2014-02-23 17:35 - 2014-03-03 12:38 - 00000000 ____D () C:\Users\Frida\Desktop\kud

==================== One Month Modified Files and Folders =======

2014-03-21 09:14 - 2014-03-21 09:11 - 00021095 _____ () C:\Users\Frida\Desktop\FRST.txt
2014-03-21 09:11 - 2014-03-21 09:11 - 00000000 ____D () C:\FRST
2014-03-21 09:09 - 2011-07-09 11:56 - 00000000 ___RD () C:\Users\Frida\Dropbox
2014-03-21 09:09 - 2011-07-09 11:50 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\Dropbox
2014-03-21 09:08 - 2014-03-21 09:08 - 02157056 _____ (Farbar) C:\Users\Frida\Desktop\FRST64.exe
2014-03-21 09:08 - 2010-08-03 10:44 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D54DD03E-3945-4937-9347-752F8D557CFB}
2014-03-21 09:06 - 2010-10-14 16:48 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-21 09:03 - 2011-05-18 19:27 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-03-21 08:59 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-21 08:59 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-21 08:54 - 2014-03-19 19:11 - 00003106 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-03-21 08:54 - 2014-03-19 16:55 - 00000000 ____D () C:\ProgramData\Computer Updater
2014-03-21 08:53 - 2010-10-14 16:48 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-21 08:50 - 2014-03-18 18:16 - 00000448 _____ () C:\Windows\setupact.log
2014-03-21 08:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-20 02:50 - 2010-05-21 08:50 - 01991796 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 02:26 - 2013-10-05 10:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-19 17:15 - 2011-05-18 19:27 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-03-19 17:14 - 2011-05-18 19:27 - 00003484 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-03-19 16:51 - 2012-04-26 07:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 22:57 - 2014-03-18 22:57 - 00000000 ____D () C:\Users\Frida\Downloads\rectify-first-season_english-720396
2014-03-18 22:54 - 2014-03-18 22:54 - 00017288 _____ () C:\Users\Frida\Downloads\rectify-first-season_english-720396(1).zip
2014-03-18 22:53 - 2014-03-18 22:53 - 00017288 _____ () C:\Users\Frida\Downloads\rectify-first-season_english-720396.zip
2014-03-18 22:21 - 2014-03-18 22:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 20:35 - 2010-08-03 22:57 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\vlc
2014-03-18 20:05 - 2014-03-18 20:04 - 01398290 _____ () C:\Users\Frida\Desktop\bookmarks.html
2014-03-18 19:12 - 2014-03-18 19:12 - 00000000 ____D () C:\Users\Frida\Downloads\rectify-first-season_english-720395
2014-03-18 19:11 - 2014-03-18 19:11 - 00019220 _____ () C:\Users\Frida\Downloads\rectify-first-season_english-720395.zip
2014-03-18 18:59 - 2014-03-18 18:58 - 103403280 _____ (Microsoft Corporation) C:\Users\Frida\Downloads\msert.exe
2014-03-18 18:49 - 2014-03-18 18:49 - 00001074 _____ () C:\Users\Public\Desktop\Computer Updater.lnk
2014-03-18 18:49 - 2014-03-18 18:48 - 00000000 ____D () C:\Program Files (x86)\Computer Updater
2014-03-18 18:47 - 2014-03-18 18:46 - 00000000 ____D () C:\Program Files (x86)\Registry Helper
2014-03-18 18:45 - 2014-03-18 18:45 - 06999200 _____ () C:\Users\Frida\Downloads\registryhelpersetup.exe
2014-03-18 18:37 - 2014-03-18 18:33 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-18 18:33 - 2014-03-18 18:32 - 00000000 ____D () C:\Users\Frida\AppData\Local\Smartbar
2014-03-18 18:32 - 2014-03-18 18:32 - 00000000 ____D () C:\Users\Frida\AppData\Local\LPT
2014-03-18 18:31 - 2014-03-18 18:31 - 00001169 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\Activeris
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\ProgramData\Activeris
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-03-18 18:29 - 2014-03-18 18:28 - 00414625 _____ ( ) C:\Users\Frida\Downloads\freeocr422.exe
2014-03-18 18:16 - 2014-03-18 18:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-18 18:14 - 2014-03-18 18:14 - 00017218 _____ () C:\Users\Frida\Desktop\cc_20140318_181403.reg
2014-03-18 18:10 - 2010-08-23 13:27 - 00000000 ____D () C:\Windows\Minidump
2014-03-17 15:08 - 2014-03-17 14:50 - 1062844809 _____ () C:\Users\Frida\Downloads\rectify.s01e03.720p.hdtv.x264-2hd.mkv
2014-03-17 13:01 - 2014-03-17 12:56 - 298367700 _____ () C:\Users\Frida\Downloads\rectify.s01e02.hdtv.x264-2hd.mp4
2014-03-17 11:16 - 2014-03-17 11:16 - 00000000 ____D () C:\Users\Frida\AppData\Local\FreeOCR
2014-03-17 11:12 - 2014-03-17 11:06 - 00000000 ____D () C:\FreeOCR
2014-03-17 11:04 - 2014-03-17 11:04 - 00000000 ____D () C:\Program Files\V-bates
2014-03-17 01:09 - 2014-03-16 23:55 - 1328038204 _____ () C:\Users\Frida\Downloads\rectify.s01e01.720p.hdtv.x264-2hd.mkv
2014-03-17 01:08 - 2010-12-06 19:54 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\Skype
2014-03-16 19:36 - 2014-03-16 19:36 - 00037001 _____ () C:\Users\Frida\Downloads\buffalo-66_english-269976.zip
2014-03-16 19:17 - 2010-05-21 18:36 - 00753340 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 19:17 - 2010-05-21 18:36 - 00171160 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 19:17 - 2009-07-14 06:13 - 01758600 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 18:35 - 2013-10-04 13:55 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-03-16 12:13 - 2014-03-16 12:01 - 1060245093 _____ () C:\Users\Frida\Downloads\arte-live berlin sophie hunger.mp4
2014-03-15 14:39 - 2013-04-01 19:49 - 00000000 ____D () C:\Users\Frida\Documents\Teaser Produktion
2014-03-12 19:26 - 2013-10-05 10:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 19:26 - 2012-06-11 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 19:26 - 2011-05-24 17:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 19:44 - 2014-03-09 19:01 - 01339392 _____ () C:\Users\Frida\Desktop\gastkommentra.indd
2014-03-10 12:03 - 2010-12-03 12:21 - 00000000 ____D () C:\Users\Frida\Documents\Schriften
2014-03-10 11:46 - 2014-02-10 11:17 - 00000000 ____D () C:\Users\Frida\Desktop\cs2
2014-03-10 10:59 - 2009-07-14 05:45 - 05100936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-09 17:08 - 2010-08-03 09:09 - 00128080 _____ () C:\Users\Frida\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 12:53 - 2014-03-07 12:53 - 00000000 ____D () C:\Program Files\One click FLAC to MP3 Converter
2014-03-07 12:53 - 2014-03-07 12:53 - 00000000 ____D () C:\Program Files (x86)\One-click FLAC to MP3 Converter
2014-03-05 20:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-03 23:25 - 2014-01-26 19:06 - 00000000 ____D () C:\Users\Frida\Desktop\Neuer Ordner
2014-03-03 21:14 - 2014-03-03 21:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-03 12:38 - 2014-02-23 17:35 - 00000000 ____D () C:\Users\Frida\Desktop\kud
2014-03-02 17:36 - 2014-03-02 17:36 - 00000000 ____D () C:\Users\Frida\AppData\Roaming\Remote Control Server
2014-03-02 17:31 - 2010-05-21 09:40 - 01736622 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-02 17:13 - 2014-03-02 17:13 - 05205504 _____ (Steppschuh) C:\Users\Frida\Downloads\RemoteControlServer.exe
2014-02-27 21:05 - 2011-05-18 19:27 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-02-26 21:47 - 2011-05-18 19:27 - 00004224 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-02-25 19:24 - 2011-02-17 13:38 - 00000000 ____D () C:\Users\Frida\Documents\Citavi 3
2014-02-24 18:11 - 2010-12-25 16:33 - 00000000 ____D () C:\Users\Frida\AppData\Local\FreePDF_XP
2014-02-24 11:21 - 2010-08-03 11:21 - 00000000 ____D () C:\Users\Frida\Documents\UNI
2014-02-23 13:08 - 2013-10-27 12:06 - 00000000 ____D () C:\Users\Frida\Documents\Projekt CANADA
2014-02-19 17:01 - 2010-10-14 16:48 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-19 17:01 - 2010-10-14 16:48 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Frida\AppData\Local\Temp\avgnt.exe
C:\Users\Frida\AppData\Local\Temp\ComputerUpdaterSetupCB_1_0_5.exe
C:\Users\Frida\AppData\Local\Temp\DiskCleanerSetupCB_2_1_0.exe
C:\Users\Frida\AppData\Local\Temp\~SpUnin~.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 01:41

==================== End Of Log ============================
         
--- --- ---



Here is the Addition log as well

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Frida at 2014-03-21 09:15:25
Running from C:\Users\Frida\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Registry Patch to arrange icons in Device and Printers folder of Windows 7 (HKLM\...\W7DevOR) (Version: 1.00 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
Access Help (HKLM-x32\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo)
Activeris AntiMalware (HKLM-x32\...\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1) (Version: 1.0.0.1 - Activeris)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.10.00 - )
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-115C (HKLM-x32\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Business Contact Manager für Outlook 2007 SP1 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.7311.0 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP1 (x32 Version: 3.0.7311.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Cinergy HT USB XE V3.12.00.00a (HKLM-x32\...\Cinergy HT USB XE) (Version: 3.12.00.00a - )
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.0.3.0 - Swiss Academic Software)
Client Security - Password Manager (HKLM\...\{3FD730D4-755F-439B-8082-B55E00924A44}) (Version: 8.30.0023.00 - Lenovo Group Limited)
Computer Updater  (HKLM-x32\...\Computer Updater) (Version:  - SafeApp Software, LLC)
Conexant 20582 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.18.61 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
f4 2012 (HKLM-x32\...\f42012) (Version:  - audiotranskription.de)
FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version:  - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript 9.00 (HKLM-x32\...\GPL Ghostscript 9.00) (Version:  - )
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Integrated Camera (HKLM\...\Integrated Camera) (Version: 5.50.2.5 - Silicon Motion)
Integrated Camera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.50.2.5 - Silicon Motion)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JOSM (HKCU\...\JOSM) (Version:  - OpenStreetMap)
Juniper Networks Network Connect 6.4.0 (HKLM-x32\...\Juniper Network Connect 6.4.0) (Version: 6.4.0.16245 - Juniper Networks)
Juniper Networks Network Connect 7.1.0 (HKLM-x32\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.19243 - Juniper Networks)
Juniper Networks Network Connect 7.1.14 (HKLM-x32\...\Juniper Network Connect 7.1.14) (Version: 7.1.14.23943 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.0.0.3 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.10.21853 - Juniper Networks, Inc.)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.03.13 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.02 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0004.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.0.023.0 - Lenovo)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
MAXQDA 10 (R250212) (HKLM-x32\...\MAXQDA10) (Version: (R250212) - VERBI Software.Consult.Sozialforschung GmbH)
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Research AutoCollage Touch 2009 (HKLM-x32\...\{1F8DA253-3C27-4B01-A63A-BA3533120833}) (Version: 2.00.2009 - Microsoft Research)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.3.4035.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{F68310EC-B615-4044-B7D7-1A6349758D42}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mobile Broadband Connect (HKLM-x32\...\{9202762E-4B4C-48C9-A6CC-C27F9F85190A}) (Version: 3.5.0010 - Lenovo)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
One-click FLAC to MP3 Converter (HKLM-x32\...\{C438FF68-F2F2-4322-A8C4-A66721795B73}) (Version: 4.3.0 - Streamware Development)
One-click FLAC to MP3 Converter (x64 add-on) (HKLM\...\{64DFC00F-2502-41AE-8E92-B6E7F10F9A62}) (Version: 4.3.0 - Streamware Development)
OpenOffice.org 3.2 (HKLM-x32\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
PDF Editor 3 (HKLM-x32\...\PDF Editor 3) (Version:  - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.199.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Quantum GIS Wroclaw 1.7.2 Wroclaw (HKLM-x32\...\Quantum GIS Wroclaw) (Version: 1.7.2-r67330-1 - QGIS Development Team)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30106 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Registry Helper  (HKLM-x32\...\Registry Helper) (Version:  - SafeApp Software, LLC) <==== ATTENTION
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
Scribus 1.4.2 (HKLM-x32\...\Scribus 1.4.2) (Version: 1.4.2 - The Scribus Team)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Skype™ 5.3 (HKLM-x32\...\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}) (Version: 5.3.120 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{A4ED8988-A037-462D-A646-CD3304087062}) (Version: 10.211.1.15575 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{9d6c3db8-56b6-46ea-9c3a-6e294188105c}) (Version: 10.211.1.15575 - ReSoft Ltd.) <==== ATTENTION
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0032 - Lenovo)
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.25 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.61 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.71 - Lenovo)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.4035.00 - Microsoft Corporation)
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Wajamu) <==== ATTENTION
Verizon Wireless Mobile Broadband Self Activation (HKLM-x32\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Intel hdc  (06/04/2009 7.0.0.1013) (HKLM\...\1AE98C75AE2DD1284F66876FA76F46BFDF6B9D31) (Version: 06/04/2009 7.0.0.1013 - Intel)
Windows-Treiberpaket - Intel System  (06/04/2009 1.0.0.0002) (HKLM\...\E7B58217635B8F723D4744A328A4B3237DB35FA9) (Version: 06/04/2009 1.0.0.0002 - Intel)
Windows-Treiberpaket - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (HKLM\...\114EB224AD576F278686036AA9E1EFB7847E3935) (Version: 11/18/2009 1.60.0.4 - Lenovo)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Restore Points  =========================

20-03-2014 00:49:41 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-01 12:19 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {12561A61-99D8-4CF9-8720-CE38A4A114DB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {361DAC20-0700-4C84-BC36-EEEBBB7AF7A4} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {72EC84DC-7D2E-45A7-B0A2-E4F0B60C3BCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {732917FE-E3A6-46B7-AEE2-CFCD4109FEAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14] (Google Inc.)
Task: {828947B6-AA68-4789-8059-E82F6CE67BAA} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {87FD1FA0-F5C5-4489-95F8-028DE97E6B54} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {880F4307-7766-40FD-820E-1661E8406B32} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {8D30982F-053B-4F8B-9CA1-A7B90FD1633C} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {AEB8969C-3B13-4489-8CDE-9B66EA576418} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14] (Google Inc.)
Task: {B427BDCA-209C-4973-B17F-C9F2CE2D7D83} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E33C4698-A2B4-465F-A42C-780D8AC2CFA2} - System32\Tasks\{02307617-CFBF-49E9-87F0-E0E78B3F036F} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {FFBF2014-62AC-44ED-98CE-6DE708FD12BE} - System32\Tasks\Activeris AntiMalware_startup => C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [2014-01-23] (Activeris)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2010-03-05 08:21 - 2010-03-05 08:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-10-25 22:35 - 2010-06-17 20:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00035872 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-03-17 11:04 - 2014-02-26 15:31 - 00209408 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2014-03-02 14:11 - 2014-03-02 14:11 - 00023072 _____ () C:\Program Files (x86)\LPT\srptm.exe
2010-05-21 09:03 - 2010-05-12 02:25 - 00047616 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2009-05-27 21:09 - 2009-05-27 21:09 - 00049976 _____ () C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
2013-03-31 11:33 - 2013-03-31 11:29 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-03-01 10:13 - 2010-03-01 10:13 - 00020480 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACNewBiosHelper.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00072224 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00023072 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00056352 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00060960 _____ () C:\Program Files (x86)\LPT\sppsm.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00154656 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00026656 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00165408 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00043552 _____ () C:\Program Files (x86)\LPT\srbu.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00024608 _____ () C:\Program Files (x86)\LPT\srpdm.dll
2014-03-02 14:11 - 2014-03-02 14:11 - 00036896 _____ () C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-03-18 18:31 - 2012-09-26 15:31 - 00886272 _____ () C:\Program Files (x86)\Activeris AntiMalware\System.Data.SQLite.dll
2014-03-18 18:31 - 2014-01-23 19:04 - 01718264 _____ () C:\Program Files (x86)\Activeris AntiMalware\acrissys.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Frida\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-18 22:21 - 2014-03-18 22:21 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Frida\Desktop\buffalo 66.avi:AFP_Resource

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2014 09:03:14 AM) (Source: PC-Doctor) (User: )
Description: (4740) Asapi: (09:03:14:5640)(4740) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12007) failed with error: 317

Error: (03/21/2014 08:50:55 AM) (Source: Registry Helper Service) (User: )
Description: Error: Service started

Error: (03/21/2014 08:50:50 AM) (Source: ComputerUpdater Service) (User: )
Description: Error: Service started

Error: (03/20/2014 02:19:01 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/20/2014 02:14:30 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (03/20/2014 01:49:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/20/2014 01:44:09 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (03/19/2014 07:09:28 PM) (Source: Registry Helper Service) (User: )
Description: Error: Service started

Error: (03/19/2014 07:09:15 PM) (Source: ComputerUpdater Service) (User: )
Description: Error: Service started

Error: (03/19/2014 05:14:31 PM) (Source: PC-Doctor) (User: )
Description: (496) Asapi: (17:14:31:0590)(496) libTonopahClient.DownloadManager - Error -- 135 HttpException : Http send request failed: getSystemErrormsg: FormatMessage(12007) failed with error: 317


System errors:
=============
Error: (03/21/2014 08:51:37 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/21/2014 08:50:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/19/2014 07:11:40 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/19/2014 07:09:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/19/2014 07:08:50 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 19.03.2014 um 18:51:54 unerwartet heruntergefahren.

Error: (03/19/2014 04:52:45 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (03/19/2014 04:52:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/18/2014 10:07:17 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.

Error: (03/18/2014 06:50:29 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Registry Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/18/2014 06:32:36 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Search Protect by Conduit Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (06/09/2011 02:22:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2989 seconds with 2580 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 77%
Total physical RAM: 1912.87 MB
Available physical RAM: 424.37 MB
Total Pagefile: 3825.73 MB
Available Pagefile: 1697.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:221.95 GB) (Free:21.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:0.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: FD380F2A)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Last edited by Manu3l (21.03.2014 at 09:29)

 
