Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


Log-Analyse und Auswertung: Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 07.11.2014, 20:24   #1
kiki-berlin
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


Hallo,

Mein Medion-Laptop habe ich im Frühjahr von XP auf Windows 7 umgestellt.
Zuerst lief alles prima, aber zunehmend bekomme ich Probleme:

In Firefox bricht hin und wieder die Anzeige zusammen, wird kurz schwarz, dann nur Desktop und dann kommt das Bild wieder. Sehr häufig reagiert Firefox nicht, öffnet dann ein neues Fenster für diesen Tab mit dem Hinweis "KeineReaktion" oben in der Adresszeile (ganz oben im "Reiter"), und schließt dann irgendwann das Fenster wieder.
Sehr oft erscheinen Hinweise auf ein beschädigtes /nicht antwortendes Skript.

Insgesamt ist das alte Laptop zwar technisch nicht mehr auf dem modernsten Stand (Prozessor Intel T2300, @1,66 GHz 1.67 GHz, 1,00 GB RAM, 32 Bit), aber für simples Internet ohne viel Schnickschnack müsste es für mein Gefühl schneller und ohne diese Probleme gehen (ging unter XP definitiv).

Würde mich freuen, wenn mal wer draufschauen könnte. Hier meine Logfiles:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:25 on 07/11/2014 (Kirstin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by Kirstin (administrator) on KIRSTIN-LÄPPI on 07-11-2014 17:28:52
Running from C:\Users\Kirstin\Downloads
Loaded Profile: Kirstin (Available profiles: Kirstin)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Wistron) C:\Program Files\Launch Manager\WButton.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LaunchAp] => C:\Program Files\Launch Manager\LaunchAp.exe [32768 2007-09-01] ()
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [188416 2007-09-06] (Wistron)
HKLM\...\Run: [CtrlVol] => "C:\Program Files\Launch Manager\CtrlVol.exe"
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [86016 2007-09-07] (Wistron)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [729088 2007-02-26] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2007-02-26] (Synaptics, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1049084713-579978419-3497640582-1000\...\MountPoints2: H - H:\LGAutoRun.exe
HKU\S-1-5-21-1049084713-579978419-3497640582-1000\...\MountPoints2: {fc8efe53-5399-11e4-ac5f-0016d38110d6} - H:\LGAutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9918E7C1978CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.3

FireFox:
========
FF ProfilePath: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com/?gfe_rd=cr&ei=5uMeVNu2L6qF8Qf72YCwCA&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-23]
FF Extension: Adblock Plus - C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-23]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
R1 Hotkey; C:\Windows\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 17:28 - 2014-11-07 17:29 - 00008404 _____ () C:\Users\Kirstin\Downloads\FRST.txt
2014-11-07 17:28 - 2014-11-07 17:29 - 00000000 ____D () C:\FRST
2014-11-07 17:27 - 2014-11-07 17:27 - 01106432 _____ (Farbar) C:\Users\Kirstin\Downloads\FRST.exe
2014-11-07 17:25 - 2014-11-07 17:25 - 00000476 _____ () C:\Users\Kirstin\Downloads\defogger_disable.log
2014-11-07 17:25 - 2014-11-07 17:25 - 00000000 _____ () C:\Users\Kirstin\defogger_reenable
2014-11-07 17:24 - 2014-11-07 17:24 - 00050477 _____ () C:\Users\Kirstin\Downloads\Defogger.exe
2014-11-07 15:30 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\Windows\pss
2014-11-07 12:21 - 2014-11-07 12:22 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-03 15:40 - 2014-11-03 15:42 - 00000000 ____D () C:\Users\Kirstin\AppData\Local\.elfohilfe
2014-11-03 15:35 - 2014-11-03 15:36 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\elsterformular
2014-11-03 15:34 - 2014-11-03 15:35 - 00000000 ____D () C:\ProgramData\elsterformular
2014-11-03 15:34 - 2014-11-03 15:34 - 00001249 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-11-03 15:34 - 2014-11-03 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\images
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\hilfe
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\bin
2014-11-03 15:32 - 2014-11-03 15:32 - 00000000 ____D () C:\Program Files\dict
2014-11-03 15:29 - 2014-11-03 15:30 - 120739144 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kirstin\Downloads\ElsterFormular-15.3.20141009u.exe
2014-11-02 23:58 - 2014-11-07 15:22 - 00000000 ___RD () C:\Users\Kirstin\Dropbox
2014-11-02 23:58 - 2014-11-02 23:58 - 00001003 _____ () C:\Users\Kirstin\Desktop\Dropbox.lnk
2014-11-02 23:53 - 2014-11-02 23:53 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-02 23:49 - 2014-11-07 11:59 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\Dropbox
2014-11-02 23:48 - 2014-11-02 23:48 - 00323672 _____ (Dropbox, Inc.) C:\Users\Kirstin\Downloads\DropboxInstaller.exe
2014-10-29 20:57 - 2014-10-29 20:58 - 91931728 _____ (The GIMP Team ) C:\Users\Kirstin\Downloads\gimp-2.8.14-setup-1.exe
2014-10-25 22:37 - 2014-10-25 22:37 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\dvdcss
2014-10-25 21:07 - 2014-10-25 22:45 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\vlc
2014-10-25 21:01 - 2014-10-25 21:01 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-25 20:56 - 2014-10-25 20:56 - 25603232 _____ () C:\Users\Kirstin\Downloads\vlc-2.1.5-win32.exe
2014-10-24 11:30 - 2014-10-24 11:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-24 11:29 - 2014-10-24 11:29 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-24 11:29 - 2014-10-24 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 11:29 - 2014-10-24 11:29 - 00000000 ____D () C:\Program Files\Java
2014-10-17 22:14 - 2014-10-17 22:14 - 00000874 _____ () C:\Users\Kirstin\AppData\Local\recently-used.xbel
2014-10-16 21:51 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-16 21:51 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-16 21:51 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-16 21:51 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-16 21:51 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-16 21:51 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-16 21:51 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-16 21:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-16 21:51 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-16 21:51 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-16 21:51 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-16 21:51 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-16 21:51 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-16 21:51 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-16 21:51 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-16 20:02 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 20:02 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 20:02 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 20:02 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 20:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 20:01 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 20:01 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 20:01 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 20:01 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 20:01 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 20:01 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 20:01 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 20:01 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 20:01 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 20:01 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 20:01 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 20:01 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 20:01 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 20:01 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 20:01 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 20:01 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 20:01 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 20:01 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 20:01 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 20:01 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 20:01 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 20:01 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 20:01 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 20:01 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 20:01 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 20:01 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 20:01 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 20:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 20:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 20:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 20:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-16 20:01 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-16 20:00 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 20:00 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 19:59 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 20:37 - 2014-10-14 20:37 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\LG Electronics
2014-10-14 20:28 - 2014-10-14 20:28 - 00000000 ____D () C:\Users\Kirstin\AppData\Local\LG Electronics
2014-10-14 20:28 - 2014-10-14 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2014-10-14 20:25 - 2014-10-14 20:26 - 00000000 ____D () C:\Program Files\LG Electronics
2014-10-14 19:47 - 2014-10-14 19:58 - 234529496 _____ (LG Electronics) C:\Users\Kirstin\Downloads\LGPCSuite_Setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 17:28 - 2014-06-20 15:15 - 01769028 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 17:26 - 2014-07-13 22:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-07 17:25 - 2014-06-20 15:26 - 00000000 ____D () C:\Users\Kirstin
2014-11-07 17:10 - 2014-06-21 12:59 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-07 15:58 - 2009-07-14 05:34 - 00032368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 15:58 - 2009-07-14 05:34 - 00032368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 15:56 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 15:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-07 15:51 - 2014-06-21 12:59 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 15:50 - 2014-08-04 21:32 - 00013946 _____ () C:\Windows\setupact.log
2014-11-07 15:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 15:24 - 2014-06-20 16:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-07 14:18 - 2014-06-25 16:36 - 00000000 ____D () C:\Windows\Minidump
2014-10-30 12:24 - 2014-06-20 16:02 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 21:22 - 2014-06-22 13:33 - 00000000 ____D () C:\Users\Kirstin\.gimp-2.8
2014-10-29 21:06 - 2014-06-20 23:02 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-10-25 20:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-24 11:30 - 2014-10-01 09:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 12:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-17 12:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 11:09 - 2009-07-14 05:33 - 00286616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 11:07 - 2014-06-20 20:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 11:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-16 23:57 - 2014-06-20 17:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 23:52 - 2014-06-20 17:53 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Kirstin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp06yquy.dll
C:\Users\Kirstin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Kirstin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Kirstin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kirstin\AppData\Local\Temp\setup.exe
C:\Users\Kirstin\AppData\Local\Temp\vcredist9_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-07 16:38

==================== End Of Log ============================
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by Kirstin at 2014-11-07 17:31:00
Running from C:\Users\Kirstin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-J4110DW (HKLM\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.41 - Dropbox, Inc.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.3.20141009 - Landesfinanzdirektion Thüringen)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
FreeOCR v5.0 (HKLM\...\freeocr_is1) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Launch Manager V1.4.7 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.4.7 - Wistron Corp.)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.18.20140626 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version: 3.12.1.0 - LG Electronics)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 33.0.3 (x86 de) (HKLM\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PDF24 Creator 6.5.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
sv.net (HKLM\...\sv.net) (Version: 14.1 - ITSG GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.0.0 - Synaptics)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
YTD Video Downloader 4.8.1 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.1 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

07-11-2014 14:45:54 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10288478-23FA-4E8A-8188-80520E88FD90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {5B61258E-11B8-434F-92FC-03CE2733DE35} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {7B8D1A74-605A-47F9-8241-650F1AD0AF6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-21] (Google Inc.)
Task: {8B5C41C7-AC8D-4AD0-A65D-8F868EE30DA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-21] (Google Inc.)
Task: {BABDB8BD-3131-46E3-B272-5122C611CFA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-18 09:47 - 2012-09-18 14:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2014-07-18 09:47 - 2012-09-18 14:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2014-06-21 10:38 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2014-06-20 16:28 - 2007-09-01 13:03 - 00032768 _____ () C:\Program Files\Launch Manager\LaunchAp.exe
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00057344 _____ () C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
2014-11-07 12:21 - 2014-11-07 12:22 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Kirstin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1049084713-579978419-3497640582-500 - Administrator - Disabled)
Gast (S-1-5-21-1049084713-579978419-3497640582-501 - Limited - Disabled)
Kirstin (S-1-5-21-1049084713-579978419-3497640582-1000 - Administrator - Enabled) => C:\Users\Kirstin

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/07/2014 04:42:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/07/2014 03:51:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 03:26:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 01:52:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 33.0.0.5397 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ffc

Startzeit: 01cffa79e2cd73a4

Endzeit: 452

Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:

Error: (11/07/2014 11:58:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2014 10:26:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2014 07:08:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2014 11:39:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 07:59:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 07:51:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/07/2014 02:41:05 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/07/2014 11:58:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎11.‎2014 um 10:54:06 unerwartet heruntergefahren.

Error: (11/03/2014 00:03:05 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.0.12 mit dem Computer mit der
Netzwerkhardwareadresse 40-16-7E-25-A3-C4 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (11/03/2014 00:00:20 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (11/03/2014 00:14:44 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:8109:8b80:13d4::2 mit dem Computer mit der
Netzwerkhardwareadresse 40-16-7E-25-A3-C4 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (11/03/2014 00:07:18 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JONATHAN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{033E48BB-E589-402D-8065-7649A1-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/03/2014 00:06:45 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JONATHAN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{033E48BB-E589-402D-8065-7649A1-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2014 09:38:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (10/29/2014 08:08:13 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.187.674.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.6.0305.00

	Quellpfad: 4.6.0305.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (10/29/2014 07:50:21 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x00000004, 0x00000258, 0x8429ca70, 0x82935b24)C:\Windows\MEMORY.DMP102914-20919-01


Microsoft Office Sessions:
=========================
Error: (11/07/2014 04:42:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Brother\Brmfl12b\NetScn\dpinstx64.exe

Error: (11/07/2014 03:51:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 03:26:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 01:52:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.0.5397ffc01cffa79e2cd73a4452C:\Program Files\Mozilla Firefox\firefox.exe

Error: (11/07/2014 11:58:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2014 10:26:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2014 07:08:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2014 11:39:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 07:59:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2014 07:51:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 85%
Total physical RAM: 1014.18 MB
Available physical RAM: 146.01 MB
Total Pagefile: 4014.18 MB
Available Pagefile: 2998.56 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:44.68 GB) (Free:17.96 GB) NTFS
Drive d: (Programme) (Fixed) (Total:20 GB) (Free:19.91 GB) NTFS
Drive e: (Daten) (Fixed) (Total:37.11 GB) (Free:9.74 GB) NTFS
Drive f: (MyDrive) (Fixed) (Total:931.51 GB) (Free:609.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D12E4C6A)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=101.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 50B95581)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Den Epson-Drucker und den Video-Downloader habe ich mit dem Revo uninstaller gleich entfernt, die brauche ich nicht mehr.

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-07 17:57:24
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD1200BEVS-07LAT0 rev.01.06M01 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\Kirstin\AppData\Local\Temp\uxdiyaod.sys


---- Kernel code sections - GMER 2.1 ----

.text           ntoskrnl.exe!ZwRollbackEnlistment + 1419                                                                                82C8A995 1 Byte  [06]
.text           ntoskrnl.exe!KiDispatchInterrupt + 5A2                                                                                  82CAA5F2 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!NtCreateFile                                               77955608 5 Bytes  JMP 6143C420 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!NtFlushBuffersFile                                         77955998 5 Bytes  JMP 61411594 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!NtQueryFullAttributesFile                                  77956028 5 Bytes  JMP 614112B0 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!NtReadFile                                                 779562F8 5 Bytes  JMP 61411490 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!NtReadFileScatter                                          77956308 5 Bytes  JMP 61D697EB C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!NtWriteFile                                                77956AA8 5 Bytes  JMP 6143D2F0 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!NtWriteFileGather                                          77956AB8 5 Bytes  JMP 61D6979A C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] ntdll.dll!LdrLoadDll                                                 779722AE 5 Bytes  JMP 73521F43 C:\Program Files\Mozilla Firefox\mozglue.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D                        76E694E6 7 Bytes  JMP 61CD00FF C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] kernel32.dll!QueryPerformanceCounter + 13                            76E6C4E5 7 Bytes  JMP 61CD0122 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] kernel32.dll!LoadAppInitDlls + 355                                   76E6F5A6 7 Bytes  JMP 61438F84 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] USER32.dll!GetWindowInfo                                             77584B5E 5 Bytes  JMP 61BD68B0 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3584] GDI32.dll!GetViewportOrgEx + 26C                                     76F0884B 7 Bytes  JMP 61CD0080 C:\Program Files\Mozilla Firefox\xul.dll

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                 Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                 Wdf01000.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active                                      
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@206F2BB9                             159
Reg             HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{D1C41978-F884-11E3-AA97-806E6F6E6963}  853729696

---- EOF - GMER 2.1 ----
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.11.2014
Suchlauf-Zeit: 19:43:27
Logdatei: 07112014Antimalware.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.07.04
Rootkit Datenbank: v2014.11.01.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Kirstin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 286110
Verstrichene Zeit: 15 Min, 58 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Sooo, mehr hab ich jetzt erst mal nicht....

Nun werde ich hier auf eine baldige Antwort von Euch warten , ich freu mich schon drauf.

Danke
Kiki

Alt 07.11.2014, 20:33   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


hi,

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________

__________________
Alt 07.11.2014, 21:17   #3
kiki-berlin
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


Wow, das ging ja wie der Blitz!
Code:
ATTFilter
# AdwCleaner v4.002 - Bericht erstellt am 07/11/2014 um 20:44:55
# DB v2014-11-02.1
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Kirstin - KIRSTIN-LÄPPI
# Gestartet von : C:\Users\Kirstin\Downloads\AdwCleaner_4.002.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0.3 (x86 de)


*************************

AdwCleaner[R0].txt - [1815 octets] - [21/09/2014 16:08:41]
AdwCleaner[R1].txt - [691 octets] - [07/11/2014 20:35:33]
AdwCleaner[R2].txt - [1082 octets] - [07/11/2014 20:40:19]
AdwCleaner[S0].txt - [1702 octets] - [21/09/2014 16:11:11]
AdwCleaner[S1].txt - [996 octets] - [07/11/2014 20:44:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1055 octets] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Windows 7 Professional x86
Ran by Kirstin on 07.11.2014 at 20:50:52,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"



~~~ FireFox

Emptied folder: C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\0lj38nn1.default\minidumps [17 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.11.2014 at 20:53:46,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by Kirstin (administrator) on KIRSTIN-LÄPPI on 07-11-2014 21:14:26
Running from C:\Users\Kirstin\Downloads
Loaded Profile: Kirstin (Available profiles: Kirstin)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron) C:\Program Files\Launch Manager\WButton.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LaunchAp] => C:\Program Files\Launch Manager\LaunchAp.exe [32768 2007-09-01] ()
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [188416 2007-09-06] (Wistron)
HKLM\...\Run: [CtrlVol] => "C:\Program Files\Launch Manager\CtrlVol.exe"
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [86016 2007-09-07] (Wistron)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [729088 2007-02-26] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2007-02-26] (Synaptics, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1049084713-579978419-3497640582-1000\...\MountPoints2: H - H:\LGAutoRun.exe
HKU\S-1-5-21-1049084713-579978419-3497640582-1000\...\MountPoints2: {fc8efe53-5399-11e4-ac5f-0016d38110d6} - H:\LGAutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9918E7C1978CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.3

FireFox:
========
FF ProfilePath: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com/?gfe_rd=cr&ei=5uMeVNu2L6qF8Qf72YCwCA&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-23]
FF Extension: Adblock Plus - C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-23]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
R1 Hotkey; C:\Windows\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S1 MpKsle6f9bb20; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AF20A533-7EB6-4C3F-B0FB-6AD8BB00CDF1}\MpKsle6f9bb20.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 21:01 - 2014-11-07 21:11 - 00000836 _____ () C:\Users\Kirstin\Downloads\Addition.txt
2014-11-07 20:53 - 2014-11-07 20:53 - 00000833 _____ () C:\Users\Kirstin\Desktop\JRT.txt
2014-11-07 20:50 - 2014-11-07 20:50 - 00000000 ____D () C:\Windows\ERUNT
2014-11-07 20:49 - 2014-11-07 20:50 - 01706939 _____ (Thisisu) C:\Users\Kirstin\Downloads\JRT.exe
2014-11-07 20:34 - 2014-11-07 20:34 - 01998336 _____ () C:\Users\Kirstin\Downloads\AdwCleaner_4.002.exe
2014-11-07 19:10 - 2014-11-07 19:10 - 00001222 _____ () C:\Users\Kirstin\Desktop\Revo Uninstaller.lnk
2014-11-07 19:10 - 2014-11-07 19:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-11-07 19:09 - 2014-11-07 19:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kirstin\Downloads\revosetup95.exe
2014-11-07 18:35 - 2014-11-07 18:35 - 00000000 __SHD () C:\Users\Kirstin\AppData\Local\EmieUserList
2014-11-07 18:35 - 2014-11-07 18:35 - 00000000 __SHD () C:\Users\Kirstin\AppData\Local\EmieSiteList
2014-11-07 18:30 - 2014-11-07 18:30 - 00023347 _____ () C:\Users\Kirstin\Desktop\Läppi.MHT
2014-11-07 17:34 - 2014-11-07 17:34 - 00380416 _____ () C:\Users\Kirstin\Downloads\Gmer-19357.exe
2014-11-07 17:28 - 2014-11-07 21:14 - 00008475 _____ () C:\Users\Kirstin\Downloads\FRST.txt
2014-11-07 17:28 - 2014-11-07 21:14 - 00000000 ____D () C:\FRST
2014-11-07 17:27 - 2014-11-07 17:27 - 01106432 _____ (Farbar) C:\Users\Kirstin\Downloads\FRST.exe
2014-11-07 17:25 - 2014-11-07 17:25 - 00000000 _____ () C:\Users\Kirstin\defogger_reenable
2014-11-07 17:24 - 2014-11-07 17:24 - 00050477 _____ () C:\Users\Kirstin\Downloads\Defogger.exe
2014-11-07 15:30 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\Windows\pss
2014-11-07 12:21 - 2014-11-07 12:22 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-03 15:40 - 2014-11-03 15:42 - 00000000 ____D () C:\Users\Kirstin\AppData\Local\.elfohilfe
2014-11-03 15:35 - 2014-11-03 15:36 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\elsterformular
2014-11-03 15:34 - 2014-11-03 15:35 - 00000000 ____D () C:\ProgramData\elsterformular
2014-11-03 15:34 - 2014-11-03 15:34 - 00001249 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-11-03 15:34 - 2014-11-03 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\images
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\hilfe
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\bin
2014-11-03 15:32 - 2014-11-03 15:32 - 00000000 ____D () C:\Program Files\dict
2014-11-03 15:29 - 2014-11-03 15:30 - 120739144 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kirstin\Downloads\ElsterFormular-15.3.20141009u.exe
2014-11-02 23:58 - 2014-11-07 15:22 - 00000000 ___RD () C:\Users\Kirstin\Dropbox
2014-11-02 23:58 - 2014-11-02 23:58 - 00001003 _____ () C:\Users\Kirstin\Desktop\Dropbox.lnk
2014-11-02 23:53 - 2014-11-02 23:53 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-02 23:49 - 2014-11-07 11:59 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\Dropbox
2014-11-02 23:48 - 2014-11-02 23:48 - 00323672 _____ (Dropbox, Inc.) C:\Users\Kirstin\Downloads\DropboxInstaller.exe
2014-10-29 20:57 - 2014-10-29 20:58 - 91931728 _____ (The GIMP Team ) C:\Users\Kirstin\Downloads\gimp-2.8.14-setup-1.exe
2014-10-25 22:37 - 2014-10-25 22:37 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\dvdcss
2014-10-25 21:07 - 2014-10-25 22:45 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\vlc
2014-10-25 21:01 - 2014-10-25 21:01 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-25 20:56 - 2014-10-25 20:56 - 25603232 _____ () C:\Users\Kirstin\Downloads\vlc-2.1.5-win32.exe
2014-10-24 11:30 - 2014-10-24 11:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-24 11:29 - 2014-10-24 11:29 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-24 11:29 - 2014-10-24 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 11:29 - 2014-10-24 11:29 - 00000000 ____D () C:\Program Files\Java
2014-10-17 22:14 - 2014-10-17 22:14 - 00000874 _____ () C:\Users\Kirstin\AppData\Local\recently-used.xbel
2014-10-16 21:51 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-16 21:51 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-16 21:51 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-16 21:51 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-16 21:51 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-16 21:51 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-16 21:51 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-16 21:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-16 21:51 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-16 21:51 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-16 21:51 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-16 21:51 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-16 21:51 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-16 21:51 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-16 21:51 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-16 20:02 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 20:02 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 20:02 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 20:02 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 20:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 20:01 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 20:01 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 20:01 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 20:01 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 20:01 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 20:01 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 20:01 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 20:01 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 20:01 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 20:01 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 20:01 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 20:01 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 20:01 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 20:01 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 20:01 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 20:01 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 20:01 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 20:01 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 20:01 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 20:01 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 20:01 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 20:01 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 20:01 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 20:01 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 20:01 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 20:01 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 20:01 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 20:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 20:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 20:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 20:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-16 20:01 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-16 20:00 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 20:00 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 19:59 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 20:37 - 2014-10-14 20:37 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\LG Electronics
2014-10-14 20:28 - 2014-10-14 20:28 - 00000000 ____D () C:\Users\Kirstin\AppData\Local\LG Electronics
2014-10-14 20:28 - 2014-10-14 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2014-10-14 20:25 - 2014-10-14 20:26 - 00000000 ____D () C:\Program Files\LG Electronics
2014-10-14 19:47 - 2014-10-14 19:58 - 234529496 _____ (LG Electronics) C:\Users\Kirstin\Downloads\LGPCSuite_Setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 21:10 - 2014-06-21 12:59 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-07 20:54 - 2009-07-14 05:34 - 00032368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 20:54 - 2009-07-14 05:34 - 00032368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 20:53 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 20:52 - 2014-06-20 15:15 - 01791433 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 20:47 - 2014-06-21 12:59 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 20:46 - 2014-09-20 07:31 - 00008428 _____ () C:\Windows\PFRO.log
2014-11-07 20:46 - 2014-08-04 21:32 - 00014002 _____ () C:\Windows\setupact.log
2014-11-07 20:46 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 20:45 - 2014-09-21 16:08 - 00000000 ____D () C:\AdwCleaner
2014-11-07 20:26 - 2014-07-13 22:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-07 20:11 - 2014-09-21 16:26 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-07 19:42 - 2014-09-21 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-07 19:42 - 2014-09-21 16:25 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-11-07 19:22 - 2014-07-18 14:23 - 00000000 ____D () C:\ProgramData\EPSON
2014-11-07 17:25 - 2014-06-20 15:26 - 00000000 ____D () C:\Users\Kirstin
2014-11-07 15:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-07 15:24 - 2014-06-20 16:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-07 14:18 - 2014-06-25 16:36 - 00000000 ____D () C:\Windows\Minidump
2014-10-30 12:24 - 2014-06-20 16:02 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 21:22 - 2014-06-22 13:33 - 00000000 ____D () C:\Users\Kirstin\.gimp-2.8
2014-10-29 21:06 - 2014-06-20 23:02 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-10-25 20:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-24 11:30 - 2014-10-01 09:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 12:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-17 12:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 11:09 - 2009-07-14 05:33 - 00286616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 11:07 - 2014-06-20 20:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 11:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-16 23:57 - 2014-06-20 17:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 23:52 - 2014-06-20 17:53 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Kirstin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp06yquy.dll
C:\Users\Kirstin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Kirstin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Kirstin\AppData\Local\Temp\setup.exe
C:\Users\Kirstin\AppData\Local\Temp\sqlite3.dll
C:\Users\Kirstin\AppData\Local\Temp\vcredist9_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-07 16:38

==================== End Of Log ============================
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by Kirstin at 2014-11-07 21:15:19
Running from C:\Users\Kirstin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-J4110DW (HKLM\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.41 - Dropbox, Inc.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.3.20141009 - Landesfinanzdirektion Thüringen)
FreeOCR v5.0 (HKLM\...\freeocr_is1) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Launch Manager V1.4.7 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.4.7 - Wistron Corp.)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.18.20140626 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version: 3.12.1.0 - LG Electronics)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 33.0.3 (x86 de) (HKLM\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PDF24 Creator 6.5.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
sv.net (HKLM\...\sv.net) (Version: 14.1 - ITSG GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.0.0 - Synaptics)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

07-11-2014 14:45:54 Windows Update
07-11-2014 18:16:57 Revo Uninstaller's restore point - YTD Video Downloader 4.8.1
07-11-2014 18:20:53 Revo Uninstaller's restore point - EPSON-Drucker-Software

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10288478-23FA-4E8A-8188-80520E88FD90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {5B61258E-11B8-434F-92FC-03CE2733DE35} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {7B8D1A74-605A-47F9-8241-650F1AD0AF6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-21] (Google Inc.)
Task: {8B5C41C7-AC8D-4AD0-A65D-8F868EE30DA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-21] (Google Inc.)
Task: {BABDB8BD-3131-46E3-B272-5122C611CFA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-18 09:47 - 2012-09-18 14:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2014-07-18 09:47 - 2012-09-18 14:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2014-06-21 10:38 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2014-06-20 16:28 - 2007-09-01 13:03 - 00032768 _____ () C:\Program Files\Launch Manager\LaunchAp.exe
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00057344 _____ () C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
2014-11-07 12:21 - 2014-11-07 12:22 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Kirstin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1049084713-579978419-3497640582-500 - Administrator - Disabled)
Gast (S-1-5-21-1049084713-579978419-3497640582-501 - Limited - Disabled)
Kirstin (S-1-5-21-1049084713-579978419-3497640582-1000 - Administrator - Enabled) => C:\Users\Kirstin

==================== Faulty Device Manager Devices =============

Name: MpKsle6f9bb20
Description: MpKsle6f9bb20
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKsle6f9bb20
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 92%
Total physical RAM: 1014.18 MB
Available physical RAM: 76.29 MB
Total Pagefile: 4014.18 MB
Available Pagefile: 3007.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:44.68 GB) (Free:17.79 GB) NTFS
Drive d: (Programme) (Fixed) (Total:20 GB) (Free:19.91 GB) NTFS
Drive e: (Daten) (Fixed) (Total:37.11 GB) (Free:9.74 GB) NTFS
Drive f: (MyDrive) (Fixed) (Total:931.51 GB) (Free:609.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D12E4C6A)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=101.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 50B95581)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
__________________
Alt 08.11.2014, 08:22   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.11.2014, 19:32   #5
kiki-berlin
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


Hallo Schrauber!

So, alles abgearbeitet.

Es geht los mit dem Logfile von Eset:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=fd7b8e99318db44a81f410bec6bcd221
# engine=20993
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-08 06:16:34
# local_time=2014-11-08 07:16:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 4995681 38454588 0 0
# scanned=201526
# found=4
# cleaned=4
# scan_time=11139
sh=6CFE3661C342FB6D3BACA31204F4FDAA2D0DEBAC ft=1 fh=8d3364d31a1b9b3f vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\DATEN (F)\ADMIN\Eigene Dateien\Downloads\agsetup183se.exe"
sh=E4FA9FE51E29A7AB41A794E212E248F1730FA095 ft=1 fh=842039f94dab477f vn="Variante von MSIL/Solimba.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Joni\Downloads\rest\Google Chrome.exe"
sh=0F04E59B729F9EB611F1F725050DE4130D6C799C ft=1 fh=52e3632171e19a21 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Joni\Downloads\rest\SoftonicDownloader_fuer_maplestory.exe"
sh=58341D14FA3FA2E0E6245EDBB1973FF222A95F1E ft=1 fh=c8ef4cb7a666ed4d vn="Variante von Win32/SweetIM.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Joni\Downloads\rest\sweetimsetup.exe"

Danach den checkup.log
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.9016)   
 CCleaner     
 Java 7 Update 71  
 Java version out of Date! 
 Adobe Flash Player 	15.0.0.152  
 Adobe Reader XI  
 Mozilla Firefox (33.0.3) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Und last but not least ein neues FRST.log


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-11-2014 01
Ran by Kirstin (administrator) on KIRSTIN-LÄPPI on 08-11-2014 15:57:42
Running from C:\Users\Kirstin\Downloads
Loaded Profile: Kirstin (Available profiles: Kirstin)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Wistron) C:\Program Files\Launch Manager\WButton.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LaunchAp] => C:\Program Files\Launch Manager\LaunchAp.exe [32768 2007-09-01] ()
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [188416 2007-09-06] (Wistron)
HKLM\...\Run: [CtrlVol] => "C:\Program Files\Launch Manager\CtrlVol.exe"
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [86016 2007-09-07] (Wistron)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [729088 2007-02-26] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2007-02-26] (Synaptics, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1049084713-579978419-3497640582-1000\...\MountPoints2: H - H:\LGAutoRun.exe
HKU\S-1-5-21-1049084713-579978419-3497640582-1000\...\MountPoints2: {fc8efe53-5399-11e4-ac5f-0016d38110d6} - H:\LGAutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9918E7C1978CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.3

FireFox:
========
FF ProfilePath: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com/?gfe_rd=cr&ei=5uMeVNu2L6qF8Qf72YCwCA&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-23]
FF Extension: Adblock Plus - C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\0lj38nn1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-23]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
R1 Hotkey; C:\Windows\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S1 MpKsle6f9bb20; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AF20A533-7EB6-4C3F-B0FB-6AD8BB00CDF1}\MpKsle6f9bb20.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 15:57 - 2014-11-08 15:58 - 00008671 _____ () C:\Users\Kirstin\Downloads\FRST.txt
2014-11-08 15:57 - 2014-11-08 15:57 - 00000000 ____D () C:\Users\Kirstin\Downloads\FRST-OlderVersion
2014-11-08 15:50 - 2014-11-08 15:50 - 00000874 _____ () C:\Users\Kirstin\Desktop\checkup.txt
2014-11-08 15:45 - 2014-11-08 15:45 - 00854448 _____ () C:\Users\Kirstin\Desktop\SecurityCheck.exe
2014-11-08 15:39 - 2014-11-08 15:39 - 00001545 _____ () C:\Users\Kirstin\Desktop\log - Verknüpfung.lnk
2014-11-08 12:40 - 2014-11-08 12:40 - 02347384 _____ (ESET) C:\Users\Kirstin\Desktop\esetsmartinstaller_deu.exe
2014-11-07 20:50 - 2014-11-07 20:50 - 00000000 ____D () C:\Windows\ERUNT
2014-11-07 20:49 - 2014-11-07 20:50 - 01706939 _____ (Thisisu) C:\Users\Kirstin\Downloads\JRT.exe
2014-11-07 20:34 - 2014-11-07 20:34 - 01998336 _____ () C:\Users\Kirstin\Downloads\AdwCleaner_4.002.exe
2014-11-07 19:10 - 2014-11-07 19:10 - 00001222 _____ () C:\Users\Kirstin\Desktop\Revo Uninstaller.lnk
2014-11-07 19:10 - 2014-11-07 19:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-11-07 19:09 - 2014-11-07 19:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kirstin\Downloads\revosetup95.exe
2014-11-07 18:35 - 2014-11-07 18:35 - 00000000 __SHD () C:\Users\Kirstin\AppData\Local\EmieUserList
2014-11-07 18:35 - 2014-11-07 18:35 - 00000000 __SHD () C:\Users\Kirstin\AppData\Local\EmieSiteList
2014-11-07 18:30 - 2014-11-07 18:30 - 00023347 _____ () C:\Users\Kirstin\Desktop\Läppi.MHT
2014-11-07 17:34 - 2014-11-07 17:34 - 00380416 _____ () C:\Users\Kirstin\Downloads\Gmer-19357.exe
2014-11-07 17:28 - 2014-11-08 15:57 - 00000000 ____D () C:\FRST
2014-11-07 17:27 - 2014-11-08 15:57 - 01107968 _____ (Farbar) C:\Users\Kirstin\Downloads\FRST.exe
2014-11-07 17:25 - 2014-11-07 17:25 - 00000000 _____ () C:\Users\Kirstin\defogger_reenable
2014-11-07 17:24 - 2014-11-07 17:24 - 00050477 _____ () C:\Users\Kirstin\Downloads\Defogger.exe
2014-11-07 15:30 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\Windows\pss
2014-11-07 12:21 - 2014-11-07 12:22 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-03 15:40 - 2014-11-03 15:42 - 00000000 ____D () C:\Users\Kirstin\AppData\Local\.elfohilfe
2014-11-03 15:35 - 2014-11-03 15:36 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\elsterformular
2014-11-03 15:34 - 2014-11-03 15:35 - 00000000 ____D () C:\ProgramData\elsterformular
2014-11-03 15:34 - 2014-11-03 15:34 - 00001249 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-11-03 15:34 - 2014-11-03 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\images
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\hilfe
2014-11-03 15:32 - 2014-11-03 15:34 - 00000000 ____D () C:\Program Files\bin
2014-11-03 15:32 - 2014-11-03 15:32 - 00000000 ____D () C:\Program Files\dict
2014-11-03 15:29 - 2014-11-03 15:30 - 120739144 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kirstin\Downloads\ElsterFormular-15.3.20141009u.exe
2014-11-02 23:58 - 2014-11-07 15:22 - 00000000 ___RD () C:\Users\Kirstin\Dropbox
2014-11-02 23:58 - 2014-11-02 23:58 - 00001003 _____ () C:\Users\Kirstin\Desktop\Dropbox.lnk
2014-11-02 23:53 - 2014-11-02 23:53 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-02 23:49 - 2014-11-07 11:59 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\Dropbox
2014-11-02 23:48 - 2014-11-02 23:48 - 00323672 _____ (Dropbox, Inc.) C:\Users\Kirstin\Downloads\DropboxInstaller.exe
2014-10-29 20:57 - 2014-10-29 20:58 - 91931728 _____ (The GIMP Team ) C:\Users\Kirstin\Downloads\gimp-2.8.14-setup-1.exe
2014-10-25 22:37 - 2014-10-25 22:37 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\dvdcss
2014-10-25 21:07 - 2014-10-25 22:45 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\vlc
2014-10-25 21:01 - 2014-10-25 21:01 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-24 11:30 - 2014-10-24 11:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-24 11:29 - 2014-10-24 11:29 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-24 11:29 - 2014-10-24 11:29 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-24 11:29 - 2014-10-24 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 11:29 - 2014-10-24 11:29 - 00000000 ____D () C:\Program Files\Java
2014-10-17 22:14 - 2014-10-17 22:14 - 00000874 _____ () C:\Users\Kirstin\AppData\Local\recently-used.xbel
2014-10-16 21:51 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-16 21:51 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-16 21:51 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-16 21:51 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-16 21:51 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-16 21:51 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-16 21:51 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-16 21:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-16 21:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-16 21:51 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-16 21:51 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-16 21:51 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-16 21:51 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-16 21:51 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-16 21:51 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-16 21:51 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-16 21:51 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-16 20:02 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 20:02 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 20:02 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 20:02 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 20:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 20:02 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 20:01 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 20:01 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 20:01 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 20:01 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 20:01 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 20:01 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 20:01 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 20:01 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 20:01 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 20:01 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 20:01 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 20:01 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 20:01 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 20:01 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 20:01 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 20:01 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 20:01 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 20:01 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 20:01 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 20:01 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 20:01 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 20:01 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 20:01 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 20:01 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 20:01 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 20:01 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 20:01 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 20:01 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 20:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 20:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 20:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 20:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 20:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-16 20:01 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-16 20:01 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-16 20:00 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 20:00 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 19:59 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 20:37 - 2014-10-14 20:37 - 00000000 ____D () C:\Users\Kirstin\AppData\Roaming\LG Electronics
2014-10-14 20:28 - 2014-10-14 20:28 - 00000000 ____D () C:\Users\Kirstin\AppData\Local\LG Electronics
2014-10-14 20:28 - 2014-10-14 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2014-10-14 20:25 - 2014-10-14 20:26 - 00000000 ____D () C:\Program Files\LG Electronics
2014-10-14 19:47 - 2014-10-14 19:58 - 234529496 _____ (LG Electronics) C:\Users\Kirstin\Downloads\LGPCSuite_Setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 15:35 - 2014-06-20 15:15 - 01868347 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 15:26 - 2014-07-13 22:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 15:10 - 2014-06-21 12:59 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 14:44 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 14:38 - 2009-07-14 05:34 - 00032368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 14:38 - 2009-07-14 05:34 - 00032368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 14:21 - 2014-06-21 12:59 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-08 14:20 - 2014-08-04 21:32 - 00014114 _____ () C:\Windows\setupact.log
2014-11-08 14:20 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-08 09:51 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-07 20:46 - 2014-09-20 07:31 - 00008428 _____ () C:\Windows\PFRO.log
2014-11-07 20:45 - 2014-09-21 16:08 - 00000000 ____D () C:\AdwCleaner
2014-11-07 20:11 - 2014-09-21 16:26 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-07 19:42 - 2014-09-21 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-07 19:42 - 2014-09-21 16:25 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-11-07 19:22 - 2014-07-18 14:23 - 00000000 ____D () C:\ProgramData\EPSON
2014-11-07 17:25 - 2014-06-20 15:26 - 00000000 ____D () C:\Users\Kirstin
2014-11-07 15:24 - 2014-06-20 16:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-07 14:18 - 2014-06-25 16:36 - 00000000 ____D () C:\Windows\Minidump
2014-10-30 12:24 - 2014-06-20 16:02 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 21:22 - 2014-06-22 13:33 - 00000000 ____D () C:\Users\Kirstin\.gimp-2.8
2014-10-29 21:06 - 2014-06-20 23:02 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-10-25 20:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-24 11:30 - 2014-10-01 09:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 12:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-17 12:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 11:09 - 2009-07-14 05:33 - 00286616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 11:07 - 2014-06-20 20:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 11:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-16 23:57 - 2014-06-20 17:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 23:52 - 2014-06-20 17:53 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Kirstin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp06yquy.dll
C:\Users\Kirstin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Kirstin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Kirstin\AppData\Local\Temp\setup.exe
C:\Users\Kirstin\AppData\Local\Temp\sqlite3.dll
C:\Users\Kirstin\AppData\Local\Temp\vcredist9_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-07 16:38

==================== End Of Log ============================
--- --- ---


und addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-11-2014 01
Ran by Kirstin at 2014-11-08 15:59:22
Running from C:\Users\Kirstin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-J4110DW (HKLM\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.41 - Dropbox, Inc.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.3.20141009 - Landesfinanzdirektion Thüringen)
FreeOCR v5.0 (HKLM\...\freeocr_is1) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Launch Manager V1.4.7 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.4.7 - Wistron Corp.)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.18.20140626 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version: 3.12.1.0 - LG Electronics)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 33.0.3 (x86 de) (HKLM\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PDF24 Creator 6.5.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
sv.net (HKLM\...\sv.net) (Version: 14.1 - ITSG GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.0.0 - Synaptics)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1049084713-579978419-3497640582-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kirstin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

07-11-2014 14:45:54 Windows Update
07-11-2014 18:16:57 Revo Uninstaller's restore point - YTD Video Downloader 4.8.1
07-11-2014 18:20:53 Revo Uninstaller's restore point - EPSON-Drucker-Software

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10288478-23FA-4E8A-8188-80520E88FD90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {5B61258E-11B8-434F-92FC-03CE2733DE35} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {7B8D1A74-605A-47F9-8241-650F1AD0AF6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-21] (Google Inc.)
Task: {8B5C41C7-AC8D-4AD0-A65D-8F868EE30DA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-21] (Google Inc.)
Task: {BABDB8BD-3131-46E3-B272-5122C611CFA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-18 09:47 - 2012-09-18 14:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2014-07-18 09:47 - 2012-09-18 14:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2014-06-21 10:38 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2014-06-20 16:28 - 2007-09-01 13:03 - 00032768 _____ () C:\Program Files\Launch Manager\LaunchAp.exe
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00057344 _____ () C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
2007-02-26 11:34 - 2007-02-26 11:34 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
2014-11-07 12:21 - 2014-11-07 12:22 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Kirstin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1049084713-579978419-3497640582-500 - Administrator - Disabled)
Gast (S-1-5-21-1049084713-579978419-3497640582-501 - Limited - Disabled)
Kirstin (S-1-5-21-1049084713-579978419-3497640582-1000 - Administrator - Enabled) => C:\Users\Kirstin

==================== Faulty Device Manager Devices =============

Name: MpKsle6f9bb20
Description: MpKsle6f9bb20
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKsle6f9bb20
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2014 02:21:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 09:45:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/07/2014 09:45:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (11/08/2014 02:21:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 09:45:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 82%
Total physical RAM: 1014.18 MB
Available physical RAM: 179.64 MB
Total Pagefile: 4014.18 MB
Available Pagefile: 3016.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1920.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:44.68 GB) (Free:17.29 GB) NTFS
Drive d: (Programme) (Fixed) (Total:20 GB) (Free:19.91 GB) NTFS
Drive e: (Daten) (Fixed) (Total:37.11 GB) (Free:9.74 GB) NTFS
Drive f: (MyDrive) (Fixed) (Total:931.51 GB) (Free:609.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D12E4C6A)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=101.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 50B95581)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Jetzt bin ich gespannt. Im Moment scheint mich Firefox wieder zu mögen!

Soweit schon mal Danke!


Alt 09.11.2014, 08:22   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


Java updaten.

Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
--> Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.

Alt 10.11.2014, 21:52   #7
kiki-berlin
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


Ich habe fertig!

das hat mir der Java-Test gesagt, also aktuell?!

<Herzlichen Glückwunsch.
Sie haben die empfohlene Java-Version installiert (Version 7 Update 71)>

Mein altes Läppi läuft wieder, eben genau so schnell, wie ein solches antikes Teil das kann. Vielen Dank dafür!

Ich bin wieder begeistert, wie unkompliziert das funktioniert, wenn man weiß, was zu tun ist! Und so wie es aussieht, werden wir zügig wieder voneinander hören, das nächste Sorgenkind wartet schon. Da habe ich die Vorarbeit schon fertig, damit es losgehen kann.

Vielen Dank Schrauber, Du bist mein Held!

kiki-berlin

Alt 11.11.2014, 16:53   #8
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Standard

Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.
bluescreen 0x0000009f, device driver, downloader, fehlercode %nt-autorität607, fehlercode 24, fehlercode windows, flash player, keine reaktion, launch, memory.dmp, msil/solimba.c, prima, programm, revo uninstaller, skript beschädigt, software, svchost.exe, vcredist, win32/downloadguide.a, win32/softonicdownloader.a, win32/sweetim.c, windows7, ytd video downloader 4.8.1 entfernen


« Windows 8: Trojaner mit blauen Links und grünen Pfeilen beim surfen mit chrome und firefox | G DATA INTERNET SECURITY "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert." »


Ähnliche Themen: Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.


  1. Windows 7 Reagiert nicht mehr
    Alles rund um Windows - 02.03.2022 (12)
  2. Firefox nach Virenfund extrem langsam + Warnung: Nicht antwortendes Skript
    Log-Analyse und Auswertung - 18.11.2015 (51)
  3. Windows 7: Verdacht auf Trojaner/Bitdefender reagiert nicht mehr
    Log-Analyse und Auswertung - 24.06.2015 (24)
  4. Windows XP: Laptop sehr langsam geworden,oder er reagiert nicht mehr
    Log-Analyse und Auswertung - 30.05.2015 (41)
  5. Netbook,Windows 7Starter läuft langsam oder reagiert gar nicht mehr
    Log-Analyse und Auswertung - 28.04.2015 (55)
  6. Windows Vista hängt sich nach kurzer Standby auf und reagiert nicht mehr.
    Alles rund um Windows - 12.10.2014 (3)
  7. Ein Skript auf dieser Seite ist eventuell beschäftigt oder es antwortet nicht mehr. Sie können das Skript jetzt stoppen, im Debugger öffnen
    Plagegeister aller Art und deren Bekämpfung - 20.09.2014 (7)
  8. Firefox Meldung: Skript antwortet nicht: skript: chrome://updatescan/content/scan.js:189
    Plagegeister aller Art und deren Bekämpfung - 18.07.2014 (7)
  9. Immernoch Windows Explorer reagiert nicht mehr beim öffnen von Ordner etc.
    Plagegeister aller Art und deren Bekämpfung - 01.01.2014 (14)
  10. Windows Office Word reagiert nicht mehr
    Alles rund um Windows - 30.12.2013 (2)
  11. Windows-Explorer reagiert nicht mehr beim Öffnen Ordner etc.
    Plagegeister aller Art und deren Bekämpfung - 21.12.2013 (26)
  12. Windows Sicherheitscenter reagiert nicht mehr.Bereinigen nicht möglich
    Log-Analyse und Auswertung - 08.12.2013 (15)
  13. Windows reagiert nach kleinigkeiten nicht mehr.Dropper.gen fund.
    Plagegeister aller Art und deren Bekämpfung - 26.11.2013 (7)
  14. Firefox reagiert nicht mehr ohne Keine Rückmeldung!
    Log-Analyse und Auswertung - 05.07.2013 (7)
  15. Windows XP startet nicht mehr, Tastatur reagiert nicht
    Alles rund um Windows - 22.07.2012 (13)
  16. Windows startet nicht mehr, Tastatur reagiert nicht
    Alles rund um Windows - 27.07.2011 (15)
  17. Nach Virus löschen kein Doppelklick mehr möglich Windows findes Skript dat nicht.
    Plagegeister aller Art und deren Bekämpfung - 26.02.2010 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. - Hallo, Mein Medion-Laptop habe ich im Frühjahr von XP auf Windows 7 umgestellt. Zuerst lief alles prima, aber zunehmend bekomme ich Probleme: In Firefox bricht hin und wieder die Anzeige - Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen....
Archiv
Du betrachtest: Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55