Hallo,
ich habe mir snapdo eingefangen, habe es aber, so weit ich weiß, mit verschiedenen Programmen ( malwarebyte, adwcleaner) von firefox entfernen können. Wenn ich es aus der Systemsteuerung deinstallieren möchte, kommt immer der Hinweis, dass die Informationsquelle nicht zur Verfügung steht. da weiß ich leider nicht, wie ich weiterkommen soll.schonmal vielen dank

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

den Scan mit Farbar's Recovery Scan Tool habe ich schon gemacht, aber vergessen zu posten.das war aber leider bisher auch nicht erfolgreich

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Neuha_000 (administrator) on NEVADA on 30-03-2014 01:25:11
Running from C:\Users\Neuha_000\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Neuha_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) c:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\InDesign.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Farbar) C:\Users\Neuha_000\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-10-01] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-24] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3701953606-3288909924-4052013988-1002\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3701953606-3288909924-4052013988-1002\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-3701953606-3288909924-4052013988-1002\...\MountPoints2: {72820eaf-273f-11e3-be6c-806e6f6e6963} - "D:\Autorun.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-20] (NVIDIA Corporation)
Startup: C:\Users\Neuha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Neuha_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Neuha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk
ShortcutTarget: Product Registration.lnk -> C:\Users\Neuha_000\AppData\Local\Temp\is-L145B.tmp\ATR1.exe (Leader Technologies/Atari)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {1412151E-204D-4296-B39D-B7F1150C0300} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: The weDownload Manager - {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Hosts: 127.0.0.1                   activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Neuha_000\AppData\Roaming\Mozilla\Firefox\Profiles\25ap5sq8.default-1396097256838
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Neuha_000\AppData\Roaming\Mozilla\Firefox\Profiles\25ap5sq8.default-1396097256838\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-01-29]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-01-29]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-23]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-29] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-01] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-30 01:23 - 2014-03-30 01:25 - 00017757 _____ () C:\Users\Neuha_000\Downloads\FRST.txt
2014-03-30 01:23 - 2014-03-30 01:25 - 00000000 ____D () C:\FRST
2014-03-30 01:23 - 2014-03-30 01:24 - 00038515 _____ () C:\Users\Neuha_000\Downloads\Addition.txt
2014-03-30 01:23 - 2014-03-30 01:23 - 02157056 _____ (Farbar) C:\Users\Neuha_000\Downloads\FRST64(1).exe
2014-03-30 01:21 - 2014-03-30 01:21 - 00000252 _____ () C:\Users\Neuha_000\Downloads\defogger_enable.log
2014-03-30 01:19 - 2014-03-30 01:19 - 00000480 _____ () C:\Users\Neuha_000\Downloads\defogger_disable.log
2014-03-30 01:18 - 2014-03-30 01:18 - 00050477 _____ () C:\Users\Neuha_000\Downloads\Defogger(1).exe
2014-03-30 01:16 - 2014-03-30 01:16 - 00050477 _____ () C:\Users\Neuha_000\Downloads\Defogger.exe
2014-03-30 01:04 - 2014-03-30 01:14 - 00018691 _____ () C:\Windows\WindowsUpdate.log
2014-03-30 00:56 - 2014-03-30 00:56 - 00347816 _____ (Microsoft Corporation) C:\Users\Neuha_000\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.34319566669141803.6.1.Run.exe
2014-03-30 00:26 - 2014-03-30 00:26 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-30 00:26 - 2014-03-30 00:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-30 00:26 - 2014-03-30 00:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-30 00:24 - 2014-03-30 00:25 - 03710504 _____ (Piriform Ltd) C:\Users\Neuha_000\Downloads\ccsetup412_slim.exe
2014-03-29 23:43 - 2014-03-29 23:43 - 00987442 _____ () C:\Users\Neuha_000\Downloads\SecurityCheck.exe
2014-03-29 17:36 - 2014-03-29 17:36 - 02347384 _____ (ESET) C:\Users\Neuha_000\Downloads\esetsmartinstaller_enu.exe
2014-03-29 17:36 - 2014-03-29 17:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-29 17:35 - 2014-03-29 17:35 - 00015822 _____ () C:\Users\Neuha_000\Downloads\SystemLook.txt
2014-03-29 17:34 - 2014-03-29 17:34 - 00165376 _____ () C:\Users\Neuha_000\Downloads\SystemLook_x64.exe
2014-03-29 16:12 - 2014-03-29 16:12 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\NVIDIA Corporation
2014-03-29 16:11 - 2014-03-29 16:13 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\NVIDIA
2014-03-29 16:10 - 2014-03-29 16:10 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-29 16:09 - 2014-03-29 16:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-29 16:05 - 2013-02-20 21:25 - 01110024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-29 16:05 - 2013-02-20 21:25 - 00245872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-29 15:35 - 2014-03-29 17:00 - 00000000 ____D () C:\rei
2014-03-29 15:35 - 2014-03-29 15:35 - 00000000 ____D () C:\Program Files\Reimage
2014-03-29 15:11 - 2014-03-29 17:00 - 00000000 ____D () C:\Users\Neuha_000\Downloads\backups
2014-03-29 15:07 - 2014-03-29 15:07 - 00012617 _____ () C:\Users\Neuha_000\Downloads\hijackthis.log
2014-03-29 14:46 - 2014-03-29 15:17 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-29 13:58 - 2014-03-29 13:58 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-29 13:58 - 2014-03-29 13:58 - 00000000 _____ () C:\autoexec.bat
2014-03-29 13:57 - 2014-03-29 17:03 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-29 13:56 - 2014-03-29 13:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Neuha_000\Downloads\SpyHunter-Installer.exe
2014-03-29 13:43 - 2014-03-29 17:02 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\ProductData
2014-03-29 13:43 - 2014-03-29 17:02 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-29 13:43 - 2014-03-29 17:02 - 00000000 ____D () C:\ProgramData\IObit
2014-03-29 13:43 - 2014-03-29 13:43 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\IObit
2014-03-29 13:43 - 2014-03-29 13:43 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-29 13:42 - 2014-03-29 13:42 - 12569408 _____ (IObit) C:\Users\Neuha_000\Downloads\iobituninstaller_3.2.0.128.exe
2014-03-29 13:12 - 2014-03-29 13:12 - 01950720 _____ () C:\Users\Neuha_000\Downloads\adwcleaner_3.022.exe
2014-03-29 13:10 - 2014-03-29 23:55 - 00000401 _____ () C:\Users\Neuha_000\Desktop\regfix.reg
2014-03-29 00:37 - 2014-03-29 00:37 - 00000093 ____H () C:\Users\Neuha_000\Desktop\.~lock.ccc.docx#
2014-03-29 00:34 - 2014-03-29 00:34 - 55633177 _____ (7-PDF, Germany ) C:\Users\Neuha_000\Downloads\7p141.exe
2014-03-29 00:32 - 2014-03-29 00:32 - 00000000 ____D () C:\Program Files (x86)\gs
2014-03-29 00:30 - 2014-03-29 00:31 - 00000000 ____D () C:\Users\gs9.14
2014-03-29 00:30 - 2014-03-29 00:30 - 00000000 ____D () C:\Users\gs9.14\zlib
2014-03-29 00:30 - 2014-03-29 00:30 - 00000000 ____D () C:\Users\gs9.14\trio
2014-03-29 00:30 - 2014-03-29 00:30 - 00000000 ____D () C:\Users\gs9.14\libpng
2014-03-29 00:29 - 2014-03-29 00:29 - 13044626 _____ () C:\Users\Neuha_000\Downloads\gs914w32.exe
2014-03-29 00:28 - 2014-03-29 00:28 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\WordToPDF
2014-03-29 00:27 - 2014-03-29 00:27 - 01594813 _____ (Mario Noack ) C:\Users\Neuha_000\Downloads\SetupWordToPDF_237_v2.9.exe
2014-03-29 00:21 - 2014-03-29 00:22 - 05048488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-29 00:16 - 2014-03-29 00:23 - 04205376 _____ (Softland ) C:\Users\Neuha_000\Downloads\dopdf-7.exe
2014-03-29 00:16 - 2014-03-29 00:16 - 00709352 _____ ( ) C:\Users\Neuha_000\Downloads\COMPUTER_BILD-Download-Manager_fuer_dopdf-7.exe
2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\Softland
2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Program Files\Softland
2014-03-29 00:16 - 2014-01-10 15:43 - 00007549 _____ () C:\Windows\system32\dopdf7.ctm
2014-03-28 23:48 - 2014-03-28 23:48 - 16204160 _____ (Geek Software GmbH ) C:\Users\Neuha_000\Downloads\pdf24-creator-6.3.2(1).exe
2014-03-28 17:19 - 2014-03-28 17:19 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\PDF24
2014-03-28 17:18 - 2014-03-28 17:18 - 16204160 _____ (Geek Software GmbH ) C:\Users\Neuha_000\Downloads\pdf24-creator-6.3.2.exe
2014-03-28 17:16 - 2014-03-29 01:00 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-28 17:16 - 2014-03-28 17:16 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\Opera Software
2014-03-28 17:16 - 2014-03-28 17:16 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\Opera Software
2014-03-28 17:16 - 2014-03-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-03-28 17:16 - 2013-10-23 14:24 - 00087600 _____ () C:\Windows\system32\cpwmon64.dll
2014-03-28 17:15 - 2014-03-28 17:15 - 02003352 _____ (Acro Software Inc. ) C:\Users\Neuha_000\Downloads\CuteWriter.exe
2014-03-28 15:35 - 2014-03-29 00:04 - 00001456 _____ () C:\Users\Neuha_000\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-03-23 20:29 - 2014-03-23 20:29 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
2014-03-23 20:21 - 2014-03-23 20:21 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\com.adobe.dmp.contentviewer
2014-03-23 18:39 - 2014-03-23 18:39 - 00114448 _____ () C:\Users\Neuha_000\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-23 18:39 - 2014-03-23 18:39 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\PDF Architect
2014-03-23 18:38 - 2014-03-23 18:38 - 00000000 ____D () C:\Users\Neuha_000\Documents\PDF Architect Files
2014-03-23 18:38 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-23 18:36 - 2014-03-23 18:36 - 69734576 _____ (pdfforge ) C:\Users\Neuha_000\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-17 17:32 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-17 17:32 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-17 17:32 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-17 17:32 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-17 15:36 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 15:36 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 15:36 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-17 15:36 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-17 15:36 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-17 15:36 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 15:36 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 15:36 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 15:36 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-17 15:36 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 15:36 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 15:36 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 15:36 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-17 15:36 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 15:36 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 15:36 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-17 15:36 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-17 15:35 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-17 15:35 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-17 15:35 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-17 15:35 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-06 19:26 - 2014-03-06 19:26 - 26732368 _____ () C:\Users\Neuha_000\Downloads\karneval.zip
2014-03-01 15:05 - 2014-03-01 15:05 - 00000000 ____D () C:\Program Files\McAfee Security Scan

==================== One Month Modified Files and Folders =======

2014-03-30 01:25 - 2014-03-30 01:23 - 00017757 _____ () C:\Users\Neuha_000\Downloads\FRST.txt
2014-03-30 01:25 - 2014-03-30 01:23 - 00000000 ____D () C:\FRST
2014-03-30 01:25 - 2014-02-16 19:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-30 01:24 - 2014-03-30 01:23 - 00038515 _____ () C:\Users\Neuha_000\Downloads\Addition.txt
2014-03-30 01:23 - 2014-03-30 01:23 - 02157056 _____ (Farbar) C:\Users\Neuha_000\Downloads\FRST64(1).exe
2014-03-30 01:21 - 2014-03-30 01:21 - 00000252 _____ () C:\Users\Neuha_000\Downloads\defogger_enable.log
2014-03-30 01:21 - 2014-01-17 14:58 - 00000000 ____D () C:\Users\Neuha_000
2014-03-30 01:19 - 2014-03-30 01:19 - 00000480 _____ () C:\Users\Neuha_000\Downloads\defogger_disable.log
2014-03-30 01:18 - 2014-03-30 01:18 - 00050477 _____ () C:\Users\Neuha_000\Downloads\Defogger(1).exe
2014-03-30 01:16 - 2014-03-30 01:16 - 00050477 _____ () C:\Users\Neuha_000\Downloads\Defogger.exe
2014-03-30 01:14 - 2014-03-30 01:04 - 00018691 _____ () C:\Windows\WindowsUpdate.log
2014-03-30 01:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-30 00:56 - 2014-03-30 00:56 - 00347816 _____ (Microsoft Corporation) C:\Users\Neuha_000\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.34319566669141803.6.1.Run.exe
2014-03-30 00:26 - 2014-03-30 00:26 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-30 00:26 - 2014-03-30 00:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-30 00:26 - 2014-03-30 00:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-30 00:26 - 2014-01-28 00:28 - 00000000 ____D () C:\Windows\Minidump
2014-03-30 00:26 - 2014-01-17 21:48 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\CrashDumps
2014-03-30 00:26 - 2013-04-18 11:11 - 00000000 ____D () C:\Windows\Panther
2014-03-30 00:25 - 2014-03-30 00:24 - 03710504 _____ (Piriform Ltd) C:\Users\Neuha_000\Downloads\ccsetup412_slim.exe
2014-03-30 00:00 - 2013-09-27 08:56 - 00000000 ____D () C:\ProgramData\install_clap
2014-03-29 23:55 - 2014-03-29 13:10 - 00000401 _____ () C:\Users\Neuha_000\Desktop\regfix.reg
2014-03-29 23:43 - 2014-03-29 23:43 - 00987442 _____ () C:\Users\Neuha_000\Downloads\SecurityCheck.exe
2014-03-29 19:45 - 2014-02-02 20:47 - 00000000 ___RD () C:\Users\Neuha_000\Desktop\Kamera-Uploads from Nico
2014-03-29 17:36 - 2014-03-29 17:36 - 02347384 _____ (ESET) C:\Users\Neuha_000\Downloads\esetsmartinstaller_enu.exe
2014-03-29 17:36 - 2014-03-29 17:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-29 17:35 - 2014-03-29 17:35 - 00015822 _____ () C:\Users\Neuha_000\Downloads\SystemLook.txt
2014-03-29 17:34 - 2014-03-29 17:34 - 00165376 _____ () C:\Users\Neuha_000\Downloads\SystemLook_x64.exe
2014-03-29 17:05 - 2014-01-17 15:48 - 00000000 ___RD () C:\Users\Neuha_000\Dropbox
2014-03-29 17:05 - 2014-01-17 15:45 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\Dropbox
2014-03-29 17:03 - 2014-03-29 13:57 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-29 17:03 - 2013-09-27 08:39 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-29 17:03 - 2012-07-26 09:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-29 17:03 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 17:02 - 2014-03-29 13:43 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\ProductData
2014-03-29 17:02 - 2014-03-29 13:43 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-29 17:02 - 2014-03-29 13:43 - 00000000 ____D () C:\ProgramData\IObit
2014-03-29 17:02 - 2014-01-17 15:01 - 00000000 ___RD () C:\Users\Neuha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 17:02 - 2013-09-27 08:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 17:02 - 2013-09-27 08:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-29 17:02 - 2013-09-27 08:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-29 17:02 - 2013-09-27 08:39 - 00000000 ____D () C:\Windows\system32\NV
2014-03-29 17:02 - 2013-09-27 08:39 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-29 17:02 - 2013-09-27 08:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-29 17:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2014-03-29 17:01 - 2014-02-16 20:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 17:01 - 2014-01-29 14:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 17:01 - 2013-09-27 08:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-29 17:01 - 2013-04-18 11:05 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-29 17:00 - 2014-03-29 15:35 - 00000000 ____D () C:\rei
2014-03-29 17:00 - 2014-03-29 15:11 - 00000000 ____D () C:\Users\Neuha_000\Downloads\backups
2014-03-29 17:00 - 2014-02-17 14:12 - 00000000 ____D () C:\Users\Neuha_000\Desktop\BROTHER
2014-03-29 16:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2014-03-29 16:57 - 2013-09-27 08:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-29 16:13 - 2014-03-29 16:11 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\NVIDIA
2014-03-29 16:12 - 2014-03-29 16:12 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\NVIDIA Corporation
2014-03-29 16:12 - 2014-03-29 16:09 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-29 16:10 - 2014-03-29 16:10 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-29 15:35 - 2014-03-29 15:35 - 00000000 ____D () C:\Program Files\Reimage
2014-03-29 15:17 - 2014-03-29 14:46 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-29 15:07 - 2014-03-29 15:07 - 00012617 _____ () C:\Users\Neuha_000\Downloads\hijackthis.log
2014-03-29 13:58 - 2014-03-29 13:58 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-29 13:58 - 2014-03-29 13:58 - 00000000 _____ () C:\autoexec.bat
2014-03-29 13:56 - 2014-03-29 13:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Neuha_000\Downloads\SpyHunter-Installer.exe
2014-03-29 13:47 - 2014-02-01 22:28 - 00000000 ____D () C:\Users\Neuha_000\Desktop\Alte Firefox-Daten
2014-03-29 13:43 - 2014-03-29 13:43 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\IObit
2014-03-29 13:43 - 2014-03-29 13:43 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-29 13:42 - 2014-03-29 13:42 - 12569408 _____ (IObit) C:\Users\Neuha_000\Downloads\iobituninstaller_3.2.0.128.exe
2014-03-29 13:18 - 2014-02-01 17:16 - 00000000 ____D () C:\AdwCleaner
2014-03-29 13:12 - 2014-03-29 13:12 - 01950720 _____ () C:\Users\Neuha_000\Downloads\adwcleaner_3.022.exe
2014-03-29 13:02 - 2014-01-20 23:06 - 00000000 ____D () C:\Brother
2014-03-29 12:45 - 2014-01-29 15:36 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\Adobe
2014-03-29 03:42 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-29 01:00 - 2014-03-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-29 00:37 - 2014-03-29 00:37 - 00000093 ____H () C:\Users\Neuha_000\Desktop\.~lock.ccc.docx#
2014-03-29 00:34 - 2014-03-29 00:34 - 55633177 _____ (7-PDF, Germany ) C:\Users\Neuha_000\Downloads\7p141.exe
2014-03-29 00:32 - 2014-03-29 00:32 - 00000000 ____D () C:\Program Files (x86)\gs
2014-03-29 00:31 - 2014-03-29 00:30 - 00000000 ____D () C:\Users\gs9.14
2014-03-29 00:30 - 2014-03-29 00:30 - 00000000 ____D () C:\Users\gs9.14\zlib
2014-03-29 00:30 - 2014-03-29 00:30 - 00000000 ____D () C:\Users\gs9.14\trio
2014-03-29 00:30 - 2014-03-29 00:30 - 00000000 ____D () C:\Users\gs9.14\libpng
2014-03-29 00:30 - 2014-01-29 15:52 - 00001990 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-03-29 00:30 - 2014-01-29 15:40 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-29 00:29 - 2014-03-29 00:29 - 13044626 _____ () C:\Users\Neuha_000\Downloads\gs914w32.exe
2014-03-29 00:28 - 2014-03-29 00:28 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\WordToPDF
2014-03-29 00:27 - 2014-03-29 00:27 - 01594813 _____ (Mario Noack ) C:\Users\Neuha_000\Downloads\SetupWordToPDF_237_v2.9.exe
2014-03-29 00:23 - 2014-03-29 00:16 - 04205376 _____ (Softland ) C:\Users\Neuha_000\Downloads\dopdf-7.exe
2014-03-29 00:22 - 2014-03-29 00:21 - 05048488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-29 00:16 - 2014-03-29 00:16 - 00709352 _____ ( ) C:\Users\Neuha_000\Downloads\COMPUTER_BILD-Download-Manager_fuer_dopdf-7.exe
2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\Softland
2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Program Files\Softland
2014-03-29 00:04 - 2014-03-28 15:35 - 00001456 _____ () C:\Users\Neuha_000\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-03-28 23:48 - 2014-03-28 23:48 - 16204160 _____ (Geek Software GmbH ) C:\Users\Neuha_000\Downloads\pdf24-creator-6.3.2(1).exe
2014-03-28 21:02 - 2014-01-30 15:16 - 00350720 ___SH () C:\Users\Neuha_000\Downloads\Thumbs.db
2014-03-28 17:19 - 2014-03-28 17:19 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\PDF24
2014-03-28 17:18 - 2014-03-28 17:18 - 16204160 _____ (Geek Software GmbH ) C:\Users\Neuha_000\Downloads\pdf24-creator-6.3.2.exe
2014-03-28 17:16 - 2014-03-28 17:16 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\Opera Software
2014-03-28 17:16 - 2014-03-28 17:16 - 00000000 ____D () C:\Users\Neuha_000\AppData\Local\Opera Software
2014-03-28 17:16 - 2014-03-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-03-28 17:15 - 2014-03-28 17:15 - 02003352 _____ (Acro Software Inc. ) C:\Users\Neuha_000\Downloads\CuteWriter.exe
2014-03-28 17:06 - 2014-01-17 15:48 - 00000000 ___RD () C:\Users\Neuha_000\Desktop\Le Gurp 389
2014-03-28 15:34 - 2014-01-17 15:00 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\Adobe
2014-03-23 20:29 - 2014-03-23 20:29 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
2014-03-23 20:21 - 2014-03-23 20:21 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\com.adobe.dmp.contentviewer
2014-03-23 18:39 - 2014-03-23 18:39 - 00114448 _____ () C:\Users\Neuha_000\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-23 18:39 - 2014-03-23 18:39 - 00000000 ____D () C:\Users\Neuha_000\AppData\Roaming\PDF Architect
2014-03-23 18:38 - 2014-03-23 18:38 - 00000000 ____D () C:\Users\Neuha_000\Documents\PDF Architect Files
2014-03-23 18:38 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-23 18:36 - 2014-03-23 18:36 - 69734576 _____ (pdfforge ) C:\Users\Neuha_000\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-21 21:45 - 2014-01-18 03:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-21 21:44 - 2014-01-18 03:10 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-21 21:43 - 2014-01-31 18:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-20 01:02 - 2013-09-27 17:32 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-03-20 01:02 - 2013-09-27 17:32 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-03-20 01:02 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-20 00:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-19 22:40 - 2014-02-11 21:13 - 00011776 ___SH () C:\Users\Neuha_000\Desktop\Thumbs.db
2014-03-17 20:41 - 2014-01-17 15:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3701953606-3288909924-4052013988-1002
2014-03-17 20:24 - 2014-01-17 15:01 - 00000000 ___RD () C:\Users\Neuha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-17 20:22 - 2014-02-07 14:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 20:22 - 2014-02-07 14:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 20:21 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-17 20:21 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 20:21 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 20:21 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-17 20:21 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 14:25 - 2014-02-22 18:25 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-12 14:25 - 2014-02-16 19:29 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-06 19:26 - 2014-03-06 19:26 - 26732368 _____ () C:\Users\Neuha_000\Downloads\karneval.zip
2014-03-04 23:52 - 2014-01-20 00:26 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:52 - 2014-01-20 00:26 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 15:05 - 2014-03-01 15:05 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-01 15:05 - 2014-02-16 19:29 - 00001935 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

Files to move or delete:
====================
C:\Windows\SysWOW64\nvinit.dll


Some content of TEMP:
====================
C:\Users\Neuha_000\AppData\Local\Temp\1390490966_the_wedownload_manager_1.exe
C:\Users\Neuha_000\AppData\Local\Temp\BackupSetup.exe
C:\Users\Neuha_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplygnne.dll
C:\Users\Neuha_000\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_dopdf-7.exe
C:\Users\Neuha_000\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Neuha_000\AppData\Local\Temp\octCA4B.tmp.exe
C:\Users\Neuha_000\AppData\Local\Temp\promote-upx.exe
C:\Users\Neuha_000\AppData\Local\Temp\Quarantine.exe
C:\Users\Neuha_000\AppData\Local\Temp\SHSetup.exe
C:\Users\Neuha_000\AppData\Local\Temp\SIntf16.dll
C:\Users\Neuha_000\AppData\Local\Temp\SIntf32.dll
C:\Users\Neuha_000\AppData\Local\Temp\SIntfNT.dll
C:\Users\Neuha_000\AppData\Local\Temp\_isA209.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-28 17:38

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Neuha_000 at 2014-03-30 01:25:24
Running from C:\Users\Neuha_000\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Brother MFL-Pro Suite DCP-J4110DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DC4BC0CC-A928-4C48-BA40-AC24784F46E5}) (Version:  - Microsoft)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
FuzeZip (HKCU\...\FuzeZip) (Version: 1.0.0.134605 - Koyote-Lab Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3089 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Packages (HKCU\...\Microsoft PowerPoint Packages) (Version:  - ) <==== ATTENTION
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Grafiktreiber 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.5.0.1913 - ownCloud, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Snap.Do (HKLM-x32\...\{FB385922-2E32-4462-A7DC-27159614A660}) (Version: 10.213.1.15234 - ReSoft Ltd.) <==== ATTENTION
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.17 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BEA3259E-14B5-4D89-87FF-ED9F1D0D81C8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{04DED3FB-DDB2-4C1E-A057-2A1FB97BE42D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version:  - Microsoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

==================== Restore Points  =========================

17-03-2014 17:15:58 Geplanter Prüfpunkt
21-03-2014 20:41:39 Windows Update
29-03-2014 12:57:45 Installed SpyHunter
29-03-2014 15:54:48 Wiederherstellungsvorgang

==================== Hosts content: ==========================

2012-07-26 06:26 - 2014-01-29 16:19 - 00000872 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1                   activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

Task: {0415E83A-C80D-4AA4-A749-95B17DE82C6D} - \The weDownload Manager-enabler No Task File
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {57A0E76A-457B-4DF8-885A-66813E1C5828} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: {76D74FA8-F72E-4965-8CB5-D45916FCC958} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {850735D2-237F-4D89-AE24-83FAD458205D} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {94F96968-6F3D-4145-89A7-542E7CC3B111} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {A2793DD3-6EE1-49B2-88A1-195C8258862B} - \The weDownload Manager-updater No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AC2D978C-20E9-4361-AA4E-DE36E084C595} - \The weDownload Manager-codedownloader No Task File
Task: {C18A4F0B-0469-454A-B9EE-0C64DA2A4068} - \The weDownload Manager-firefoxinstaller No Task File
Task: {C682D4AD-03C6-4D5E-9104-D40D5D654145} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D6C683B4-CA2E-4520-AC57-A765AC31FD85} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {DF9D7853-68AB-4940-AB23-6CFBE088E0E8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Neuhausyasmin@aol.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EC46389F-27ED-4F43-BF8E-110B9C97BFCC} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-20 23:06 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2013-09-27 07:57 - 2013-04-02 05:42 - 00176024 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-01-24 23:09 - 2013-01-24 23:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-24 23:05 - 2013-01-24 23:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-24 23:12 - 2013-01-24 23:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-28 17:16 - 2013-10-23 14:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2014-03-29 17:05 - 2014-03-29 17:05 - 00041984 _____ () C:\Users\Neuha_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplygnne.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Neuha_000\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-20 23:04 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-10-25 15:15 - 2010-10-25 15:15 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2013-09-27 08:29 - 2013-01-23 08:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00035328 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\boost_threads.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00066560 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\boost_filesystem.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00649216 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\boost_regex.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00012800 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\boost_system.dll
2011-03-10 23:55 - 2011-03-10 23:55 - 00063328 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\ASLSupport.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00026112 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\tbbmalloc.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00379056 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\Plug-ins\Filters\Sangam Readers\Reader For PageMaker.smrd
2011-03-10 16:40 - 2011-03-10 16:40 - 00122032 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\PMFileReader.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00051376 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\ALDFS32CJK.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00046256 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\ALDVM32CJK.dll
2011-03-10 16:40 - 2011-03-10 16:40 - 00095136 _____ () C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\unihan.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-01-12 07:08 - 2011-01-12 07:08 - 00060416 _____ () C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\zlib1.dll
2014-03-29 13:56 - 2014-02-16 20:04 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2014 11:39:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/29/2014 11:27:57 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:27:57.545]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:27:57 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:27:57.544]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:24:43 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:24:43.641]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:24:43 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:24:43.640]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:22:48 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:22:48.047]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:22:48 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:22:48.047]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:16:54 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:16:54.769]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:16:54 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2014/03/29 23:16:54.769]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:00:25 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============
Error: (03/29/2014 04:55:19 PM) (Source: DCOM) (User: NEVADA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (03/29/2014 03:54:58 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎29.‎03.‎2014 um 15:51:12 unerwartet heruntergefahren.

Error: (03/29/2014 03:18:06 PM) (Source: NETLOGON) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (03/29/2014 03:18:00 PM) (Source: Service Control Manager) (User: )
Description: Erkannte Ringabhängigkeiten starten Dienste automatisch. Überprüfen Sie die Abhängigkeitsstruktur des Diensts.

Error: (03/29/2014 03:18:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EsgScanner" ist von einem Dienst in einer Gruppe abhängig, der später gestartet wird. Ändern Sie die Reihenfolge in der Dienstabhängigkeitsstruktur, um sicherzustellen, dass alle für diesen Dienst erforderlichen Dienste gestartet sind, bevor dieser Dienst gestartet wird.

Error: (03/29/2014 03:13:53 PM) (Source: NETLOGON) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (03/29/2014 03:13:46 PM) (Source: Service Control Manager) (User: )
Description: Erkannte Ringabhängigkeiten starten Dienste automatisch. Überprüfen Sie die Abhängigkeitsstruktur des Diensts.

Error: (03/29/2014 03:13:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EsgScanner" ist von einem Dienst in einer Gruppe abhängig, der später gestartet wird. Ändern Sie die Reihenfolge in der Dienstabhängigkeitsstruktur, um sicherzustellen, dass alle für diesen Dienst erforderlichen Dienste gestartet sind, bevor dieser Dienst gestartet wird.

Error: (03/29/2014 00:54:25 AM) (Source: DCOM) (User: NEVADA)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NevadaNeuha_000S-1-5-21-3701953606-3288909924-4052013988-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/29/2014 00:54:25 AM) (Source: DCOM) (User: NEVADA)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NevadaNeuha_000S-1-5-21-3701953606-3288909924-4052013988-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (03/29/2014 11:39:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (03/29/2014 11:27:57 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:27:57.545]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:27:57 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:27:57.544]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:24:43 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:24:43.641]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:24:43 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:24:43.640]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:22:48 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:22:48.047]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:22:48 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:22:48.047]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:16:54 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:16:54.769]: [00004296]: Initialize TwdsMain Class failed!

Error: (03/29/2014 11:16:54 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2014/03/29 23:16:54.769]: [00004296]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (03/29/2014 11:00:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Neuha_000\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 8072.27 MB
Available physical RAM: 5362.89 MB
Total Pagefile: 9288.27 MB
Available Pagefile: 6525.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.83 GB) (Free:586.89 GB) NTFS
Drive d: (RCT3) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 49D4C129)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Code: Alles auswählenAufklappen

ATTFilter

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:07:10, on 29.03.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16843)
Boot mode: Normal

Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Users\Neuha_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\Neuha_000\Downloads\hijackthis_5833.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Dropbox.lnk = Neuha_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Product Registration.lnk = Neuha_000\AppData\Local\Temp\is-L145B.tmp\ATR1.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12615 bytes
         

und das ist von malwarebytes

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.01.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Neuha_000 :: NEVADA [Administrator]

01.02.2014 14:38:17
mbam-log-2014-02-01 (14-38-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 518320
Laufzeit: 2 Stunde(n), 16 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 3
C:\Program Files (x86)\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> 2220 -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe (PUP.Optional.RightSurf.A) -> 2332 -> Keine Aktion durchgeführt.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1380 -> Keine Aktion durchgeführt.

Infizierte Speichermodule: 1
C:\Users\Neuha_000\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 31
HKLM\SYSTEM\CurrentControlSet\Services\Update RightSurf (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Util RightSurf (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{a4f32137-598e-41b6-b601-9965084c8f08} (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{C64BA349-1F34-4BFC-8D23-A317279D0CB9} (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049074.BHO (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049074.BHO.1 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049074.Sandbox (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049074.Sandbox.1 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt.
HKCU\Software\RightSurf (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKCU\Software\InstalledBrowserExtensions\weDownload (PUP.Optional.WeDownload.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\sweet-pageSoftware (PUP.Optional.SweetPage.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt.
HKLM\Software\RightSurf (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174} (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.
HKCR\CLSID\{11111111-1111-1111-1111-110411901174} (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{44444444-4444-4444-4444-440444904474} (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.
HKCR\Interface\{55555555-5555-5555-5555-550455905574} (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901174} (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Daten: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Neuha_000\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Keine Aktion durchgeführt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0Q1O2W1R1D0D1S1J -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Daten: C:\ProgramData\WPM\wprotectmanager.exe -service -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 9
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bösartig: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Gut: () -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bösartig: (hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP249428AC-DE8A-4D5D-8ABA-583AFDF93F82&SSPV=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.SweetPage.A) -> Bösartig: (hxxp://www.sweet-page.com/?type=hp&ts=1391083583&from=cor&uid=TOSHIBAXMQ01ABD075_83DVT755TXX83DVT755T) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command| (PUP.Optional.SweetPage.A) -> Bösartig: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.sweet-page.com/?type=sc&ts=1391083583&from=cor&uid=TOSHIBAXMQ01ABD075_83DVT755TXX83DVT755T) Gut: (firefox.exe) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.SweetPage.A) -> Bösartig: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391083583&from=cor&uid=TOSHIBAXMQ01ABD075_83DVT755TXX83DVT755T) Gut: (iexplore.exe) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.SweetPage.A) -> Bösartig: (hxxp://www.sweet-page.com/web/?type=ds&ts=1391083583&from=cor&uid=TOSHIBAXMQ01ABD075_83DVT755TXX83DVT755T&q={searchTerms}) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.SweetPage.A) -> Bösartig: (hxxp://www.sweet-page.com/?type=hp&ts=1391083583&from=cor&uid=TOSHIBAXMQ01ABD075_83DVT755TXX83DVT755T) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Keine Aktion durchgeführt.
HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.SweetPage.A) -> Bösartig: (hxxp://www.sweet-page.com/?type=hp&ts=1391083583&from=cor&uid=TOSHIBAXMQ01ABD075_83DVT755TXX83DVT755T) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 24
C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\plugins (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 110
C:\Program Files (x86)\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\RightSurfBHO.dll (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1NF1VQ5A\spstub[1].exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZIJH5VH\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSA04VKN\Setup[1].exe (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\ICReinstall_microsoft-powerpoint.exe (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\nsd5962.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\nsi73D0.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\nsr574D.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\nst7596.exe (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\sp_downloader.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\fullpackage_temp1391083543\package1.zip (PUP.Optional.SkyTech.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\fullpackage_temp1391083543\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Local\Temp\nsl2D6E\SpSetup.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\Documents\arschmarsch\Filme\yasminsdudelding\iLividSetup-r542-n-bf.exe (PUP.Optional.Bandoo) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\Documents\arschmarsch\Filme\yasminsdudelding\sysrc_trial_25044.exe (PUP.Optional.RegCleanerPro) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\Downloads\microsoft powerpoint 2010 setup.exe (PUP.Optional.BundleInstaller.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\Downloads\microsoft-powerpoint.exe (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Keine Aktion durchgeführt.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml (PUP.Optional.SweetPage.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\RightSurf.ico (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\RightSurfUninstall.exe (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\updateRightSurf.InstallState (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\RightSurf.BrowserFilter.Helper.dll (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\RightSurf.BrowserFilter.Helper.dll.old.93512796-6e09-406f-a23f-b105f7a459a8 (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\RightSurfBrowserFilter.exe (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\sqlite3.dll (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\utilRightSurf.InstallState (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\plugins\RightSurf.BrowserFilterG.dll (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\plugins\RightSurf.CompatibilityChecker.dll (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\plugins\RightSurf.FFUpdate.dll (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RightSurf\bin\plugins\RightSurf.IEUpdate.dll (PUP.Optional.RightSurf.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Neuha_000\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll (PUP.Optional.CrossRider.M) -> Keine Aktion durchgeführt.

(Ende)
         

Zitat:

Hosts: 127.0.0.1 activate.adobe.com

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast. Mindestens das Adobe CS5.5/6 scheint bei dir illegal zu sein.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.