Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 8.1: Fenster/Texteingabezeilen wählen sich ab

Windows 8.1: Fenster/Texteingabezeilen wählen sich ab


Log-Analyse und Auswertung: Windows 8.1: Fenster/Texteingabezeilen wählen sich ab

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 31.07.2014, 09:34   #1
Hemden
 
Windows 8.1: Fenster/Texteingabezeilen wählen sich ab - Standard

Windows 8.1: Fenster/Texteingabezeilen wählen sich ab


Hallo liebe Forumgemeinde!

Mein Problem: Ausgewählte Fenster, Eingabezeilen etc. wählen sich automatisch ab (nach einigen Sekunden oder aber auch sofort, sodass Texteingabe unmöglich ist).
Das Problem tritt erst auf, nachdem ich eine Verbindung zum Internet hergestellt habe. Nach einem Neustart mit deaktiviertem Wifi treten keine Probleme auf.

Da das Problem diesem aus dem anderen Thread gleicht, habe ich schon einige Schritte befolgt zu denen geraten wurde.
http://www.trojaner-board.de/150608-...b-alleine.html

Ich habe defogger, FRST, adwcleaner, malwarebytes (Aktueller log und log mit Funden von gestern), den avira systemcheck (keine Funde) und JRT angewendet (logfiles siehe unten).

Anmerkung: Ich bin in Thailand und verwende ein Wlan Netz, das vom Vermieter für alle Hausbewohner zur Verfügung gestellt wird. In dieses loggt man sich nicht direkt mit einem Passwort beim Verbinden ein, sondern wenn man einen Browser nutzt, wird man automatisch auf eine Log-In Maske weiter geleitet.
In diesem Zusammenhang hatte ich schon öfter das Problem, dass Websiten mich als Proxy-Nutzer identifizieren und zB Downloads verweigern.
Ich gehe davon aus, dass dies auch der Grund ist, warum ich den ESET online Scan nicht ausführen konnte (Fehlermeldung: „Updates funktionieren nicht. Ist ein Proxy eingerichtet?“)

Außerdem hat der GMER scan nicht funktioniert, da wohl eine Systemdatei von einem anderen Programm verwendet wird, auf die GMER zugreifen muss. (Habe alles beendet und auch mit dem Taskmanager versucht klar Schiff zu machen, aber konnte es leider nicht lösen).

Ich würde mich über eure Hilfe freuen und hier die Logfiles:

FRST als zip im Anhang, da leider zu groß.

Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-07-2014 01
Ran by User at 2014-07-31 13:17:35
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AIMP3 (HKLM\...\AIMP3) (Version: v3.55.1332, 21.12.2013 - AIMP DevTeam)
ASUS Live Update (HKLM\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.10 - ASUS)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira (HKLM\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.93.99.187.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1788.0 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3417 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (Version: 1.0.0.1064 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
K-Lite Codec Pack 10.4.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - Deutsch (HKLM\...\{90150000-00BD-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 6.2.9600.4055 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebStorage (HKLM\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (AsusHID) Mouse  (02/12/2014 3.0.0.23) (HKLM\...\88F3FD439A3012A11FEF853A27C299ED116ABA8D) (Version: 02/12/2014 3.0.0.23 - ASUS)
WinFlash (HKLM\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2596176258-1504859495-3066305463-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\User\AppData\Local\Google\Chrome\Application\34.0.1788.0\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2596176258-1504859495-3066305463-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2596176258-1504859495-3066305463-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2596176258-1504859495-3066305463-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2596176258-1504859495-3066305463-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2596176258-1504859495-3066305463-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2596176258-1504859495-3066305463-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:13 - 2013-08-22 13:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00616364-A29C-4907-AEB1-35A50897A183} - System32\Tasks\ASUS Live Update1 => C:\Program Files [2014-07-31] ()
Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {01ADEDC5-FABF-4C55-84E8-4B4FF6071CFF} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {111F0EF0-82D5-4604-9B02-5845F342C954} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-24] (Adobe Systems Incorporated)
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {255264F5-0BAB-4911-9B06-B220D9348AE7} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {25D6D29D-1896-4F50-B463-A9CD456A5458} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {5902F5B2-6F8A-4C2D-A444-8460B210D104} - System32\Tasks\ASUS Live Update2 => C:\Program Files [2014-07-31] ()
Task: {5F34E170-C9CB-4C88-9D00-0B3D83FADE1D} - System32\Tasks\Update Checker => C:\Program Files\ASUS\ASUS Live Update\UpdateChecker.exe [2013-11-28] ()
Task: {627EDA65-2431-4914-A70A-774B7E999F2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-31] (Google Inc.)
Task: {67583089-B5F1-4035-A03C-39D4812DF0CD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75E4C605-79A4-4C68-A78C-2D33FF69D5CC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {9D799816-D9B7-439C-9379-9EBE2CE3DDDF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {ACF88338-CF75-4366-9BBA-F4AC5D09C927} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-26] (Microsoft Corporation)
Task: {B8638F6F-A01D-489B-8391-9E8562F03D25} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {BDC7E3F2-3934-494D-B295-98B4267D7D66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-31] (Google Inc.)
Task: {C09EF1CF-23B9-4BA0-8138-5CB029D97760} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E1854385-E5D6-419A-BD15-985A8C410A2C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLauncher.exe [2014-02-14] (AsusTek)
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {EF4C72DB-CD15-47BE-9961-4A16D9A8633D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-08 04:41 - 2012-11-10 10:20 - 00305232 _____ () C:\Program Files\Microsoft Office 15\ClientX86\c2rui.dll
2014-07-08 04:41 - 2012-11-24 17:23 - 00354368 _____ () C:\Program Files\Microsoft Office 15\ClientX86\c2r32.dll
2014-07-08 04:41 - 2012-12-07 05:10 - 00404048 _____ () C:\Program Files\Microsoft Office 15\ClientX86\StreamServer.dll
2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-30 22:10 - 2014-07-24 11:50 - 00049744 _____ () C:\Users\User\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-08 04:36 - 2014-07-17 12:42 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\Users\User\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2014 01:01:32 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceServiceMainThread:  App specific mode was turned off, but timer was not running.


System errors:
=============
Error: (07/31/2014 01:00:15 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/31/2014 00:59:45 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/31/2014 00:59:15 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/31/2014 00:58:45 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/31/2014 00:58:15 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/31/2014 00:57:45 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (07/31/2014 01:01:32 PM) (Source: DptfPolicyLpmService) (EventID: 1) (User: )
Description: DptfPolicyLpmServiceServiceMainThread:  App specific mode was turned off, but timer was not running.


CodeIntegrity Errors:
===================================
  Date: 2014-07-31 13:00:54.167
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-31 12:20:54.541
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-31 10:06:04.463
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-30 22:14:32.042
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-30 22:10:09.770
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-30 22:10:09.761
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-30 22:10:09.748
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-30 22:10:09.689
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-30 22:10:09.674
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-30 22:10:09.655
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 1933.15 MB
Available physical RAM: 901.63 MB
Total Pagefile: 3866.15 MB
Available Pagefile: 2059.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1855.19 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:49.14 GB) (Free:28.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 58 GB) (Disk ID: 3289F965)

Partition: GPT Partition Type.

==================== End Of Log ============================
Defogger:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:10 on 31/07/2014 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-

Mabm:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 31.07.2014
Scan Time: 11:59:45
Logfile: mabm.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.31.02
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 258232
Time Elapsed: 7 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Und der mabm log von gestern mit den Funden:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 30.07.2014
Scan Time: 22:00:25
Logfile: mabmFUND.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.30.04
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 256132
Time Elapsed: 6 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy, Quarantined, [109c5b4ab1cac07620d8c7e3b949c040], 
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\05B3E7E7A7184D04B5FFFA1902D74097, Quarantined, [109c5b4ab1cac07620d8c7e3b949c040], 

Files: 2
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\05B3E7E7A7184D04B5FFFA1902D74097\RegistryReviverSetup_3.0.1.144_CO2.exe, Quarantined, [109c5b4ab1cac07620d8c7e3b949c040], 
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\05B3E7E7A7184D04B5FFFA1902D74097\RegistryReviverSetup_AFD_p4v1.exe, Quarantined, [109c5b4ab1cac07620d8c7e3b949c040], 

Physical Sectors: 0
(No malicious items detected)


(end)
ADWcleaner:

Code:
ATTFilter
# AdwCleaner v3.302 - Report created 31/07/2014 at 14:09:58
# Updated 30/07/2014 by Xplode
# Operating System : Windows 8.1  (32 bits)
# Username : User - ASUS
# Running from : C:\Users\User\Desktop\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v31.0 (x86 de)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\o52zds4e.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1060 octets] - [31/07/2014 12:19:14]
AdwCleaner[R1].txt - [1014 octets] - [31/07/2014 14:07:42]
AdwCleaner[S0].txt - [1128 octets] - [31/07/2014 12:20:15]
AdwCleaner[S1].txt - [937 octets] - [31/07/2014 14:09:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [996 octets] ##########

JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x86
Ran by User on 31.07.2014 at 14:13:53,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.07.2014 at 14:18:12,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Themen zu Windows 8.1: Fenster/Texteingabezeilen wählen sich ab
adware, antivirus, avg, avira, browser, computer, defender, explorer, fehlermeldung, firefox, firefox 31.0, flash player, helper, home, internet, internet explorer, preferences, problem, programm, rundll, scan, security, sekunden, sich automatisch, software, taskmanager, warum, windows, wlan


« Windows7: Bei Chrome öffnen sich neue Tabs mit Werbung | Mindspark Toolbar Platform Plugin Stub for 32-bit Windows bei Add-ons-Manager gefunden »


Ähnliche Themen: Windows 8.1: Fenster/Texteingabezeilen wählen sich ab


  1. Windows 8 - schwarzes Fenster öffnet sich immer wieder kurz sobald ich im Internet bin
    Log-Analyse und Auswertung - 18.09.2015 (5)
  2. Windows 7: CMD-Fenster öffnet und schließt sich.
    Log-Analyse und Auswertung - 20.12.2014 (10)
  3. windows 7 Firefox: My search öffnet sich als Fenster
    Log-Analyse und Auswertung - 09.09.2014 (7)
  4. Windows 7: Beim Surfen öffnen sich ungewollt neu tabs/Fenster mit Werbung
    Log-Analyse und Auswertung - 08.05.2014 (10)
  5. Windows 8: Pop-up Fenster und sich selbst öffnende Tabs.
    Log-Analyse und Auswertung - 07.04.2014 (15)
  6. windows vista aktives fenster minimier sich selbstständig
    Plagegeister aller Art und deren Bekämpfung - 02.04.2014 (13)
  7. Windows 7 - Malware? - Fenster öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 10.03.2014 (23)
  8. Windows 7 32-Bit: Virus? CD-Laufwerk öffnet sich sporadisch / Cmd-Fenster beim Start
    Log-Analyse und Auswertung - 09.03.2014 (4)
  9. Windows 7: jsw.jsfor.net/ adware vermutlich auf dem System - Fenster öffnen sich automatisch
    Log-Analyse und Auswertung - 09.01.2014 (7)
  10. Windows 7: FBDownloaderSearch macht sich zur Startseite im Browser, popup-Fenster öffnen sich
    Log-Analyse und Auswertung - 17.12.2013 (9)
  11. Explorer und Chrome können sich zeitweise nicht ins www wählen, mit anderem Rechner keine Probleme und auch Internetzugriff vorhanden
    Log-Analyse und Auswertung - 18.10.2013 (1)
  12. Windows 7: Sponsorship-Fenster öffnen sich + PC sehr langsam
    Log-Analyse und Auswertung - 19.09.2013 (11)
  13. Windows 7 Google Chrome Tabs öffnen sich ständig im neuen Fenster
    Plagegeister aller Art und deren Bekämpfung - 14.08.2013 (11)
  14. Fenster von windows öffnen sich selbständig
    Plagegeister aller Art und deren Bekämpfung - 18.06.2012 (3)
  15. Windows 7 Aktivierung per telefon option wählen geht nicht
    Alles rund um Windows - 14.08.2010 (5)
  16. Warum wählen sich meine Fenster von selber ab?
    Log-Analyse und Auswertung - 05.04.2010 (21)
  17. IE Fenster öffnet sich bei Windows Start / Windows stürzt ab
    Log-Analyse und Auswertung - 28.09.2009 (9)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 8.1: Fenster/Texteingabezeilen wählen sich ab - Hallo liebe Forumgemeinde! Mein Problem: Ausgewählte Fenster, Eingabezeilen etc. wählen sich automatisch ab (nach einigen Sekunden oder aber auch sofort, sodass Texteingabe unmöglich ist). Das Problem tritt erst auf, nachdem - Windows 8.1: Fenster/Texteingabezeilen wählen sich ab...
Archiv
Du betrachtest: Windows 8.1: Fenster/Texteingabezeilen wählen sich ab auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19