Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !

win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !


Log-Analyse und Auswertung: win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 23.01.2015, 19:48   #1
eundkst
 
win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen ! - Beitrag

win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-11-2013 (ATTENTION: ====> FRST version is 421 days old and could be outdated)
Ran by KS (administrator) on KS-PC on 19-01-2015 18:41:35
Running from C:\Users\KS\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\HelpPane.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [5227112 2015-01-18] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [IndexSearch] - C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF5 Registry Controller] - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-29] (Google Inc.)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKCU\...\Run: [Device Detector] - DevDetect.exe -autorun
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKCU\...\Run: [Google Update] - C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-13] (Google Inc.)
HKCU\...\Run: [Google+ Auto Backup] - C:\Users\KS\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKCU\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
HKCU\...\RunOnce: [Application Restart #3] - C:\Program Files\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session https://program.avast.com/api/?action=2&p_age=552&p_bld=chr2;tris4&p_cid=1&p_cpv=100664585&p_elm=43&p_idw=0&p_iid=0&p_inf=49&p_lan=1031&p_lci=1031&p_let=24&p_lex=173&p_lic=0&p_lid= de-de&p_lng=de&p_lqa=0&p_lst=0&p_lsu=24&p_man=0&p_osv=6.1&p_pro=0&p_rcv=1&p_reh=1200&p_rew=1920&p_tra=15232&p_tri=2&p_trt=5&p_uid=1e2f&p_vbd=1289&p_vep=6 &p_ves=0&p_wnf=16 [856904 2015-01-09] (Google Inc.)
MountPoints2: {7489ee53-e73a-11df-ae7c-4c0f6e128eda} - wscript go.vbs
HKU\UpdatusUser\...\Run: [KiesPreload] - "C:\Program Files\Samsung\Kies\Kies.exe" /preload
HKU\UpdatusUser\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\UpdatusUser\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2010-07-29] (Google Inc.)
HKU\UpdatusUser\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
AppInit_DLLs: C:\Windows\System32\acaptuser32.dll [ 2013-05-08] (Adobe Systems Incorporated)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\KS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\KS\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x49260A3B6908CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hppp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hppp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hppp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hppp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
URLSearchHook: HKLM - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
URLSearchHook: HKLM - (No Name) - {c9508125-4747-4733-b048-e4b82dc9716d} - No File
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1421585375&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM - {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=dspp&ts=1421585425&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {AA6DAABE-6AC1-43D0-8DC4-2D5A2D9513BD} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
SearchScopes: HKCU - {EB1F792D-A62A-4EDB-B502-8B1CC4B9D067} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=ST3320820AS_5QF4CYPQXXXX5QF4CYPQ&ts=1421585432&type=default&q={search Terms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - No File
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\XTab\SupTab.dll (Thinknice Co. Limited)
BHO: No Name - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - No File
BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
BHO: No Name - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO: No Name - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - No File
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: No Name - {AF949550-9094-4807-95EC-D1C317803333} - No File
BHO: No Name - {c9508125-4747-4733-b048-e4b82dc9716d} - No File
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {567d4d94-8077-4682-b887-945f3d644116} - No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {C9508125-4747-4733-B048-E4B82DC9716D} - No File
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKCU - No Name - {567D4D94-8077-4682-B887-945F3D644116} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655
FF user.js: detected! => C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\user.js
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: mystartsearch
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\KS\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\KS\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\KS\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\KS\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\mystartsearch-1.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: leethax - C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\Extensions\leethax@leethax.net.xpi
FF Extension: speeddial - C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: tabmix - C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: prefs - C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\extensions\fftoolbar2014@etech.com
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\1w06fufu.default-1382298312655\extensions\faststartff@gmail.com
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\

Chrome:
=======
CHR RestoreOnStartup: "urls_to_restore_on_startup": null
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0
CHR Extension: (Avast Online Security) - C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0
CHR Extension: (Google Wallet) - C:\Users\KS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0
CHR HKLM\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\KS\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\KS\AppData\Local\speedial.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-14] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-12-14] (Avast Software)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] ()
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
S2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
S2 MCSWASVR; C:\Program Files\Telekom\Mediencenter\WebDAV.AdminService.exe [16016 2010-07-09] (Deutsche Telekom AG)
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
S2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
S2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 Verifies and fixes application compatibility issues; C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [91304 2015-01-12] ()
S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-18] (SysTool PasSame LIMITED)
S2 xmkysecqun32; C:\Program Files\003\xmkysecqun32.exe [541696 2014-06-24] ()
S2 HPSLPSVC; C:\Users\KS\AppData\Local\Temp\7zS6AAF\hpslpsvc32.dll [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-14] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-14] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-12-14] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-14] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-14] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-14] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [206248 2014-12-14] ()
S1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [265800 2010-05-15] (EldoS Corporation)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2014-03-19] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2014-03-19] (Logitech, Inc.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2014-03-19] (Logitech, Inc.)
S3 MSI_DVD_010507; C:\Program Files\MSI\MSIWDev\DVDSYS32_100507.sys [22328 2010-05-10] (Your Corporation)
S3 MSI_MSIBIOS_010507; C:\Program Files\MSI\MSIWDev\msibios32_100507.sys [25912 2010-05-10] (Your Corporation)
S3 MSI_VGASYS_010507; C:\Program Files\MSI\MSIWDev\VGASYS32_100507.sys [16696 2010-05-10] ()
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors)
S1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-12-15] ()
S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-12-14] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [117760 2011-02-25] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [164864 2011-02-25] (VIA Technologies, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2008-10-28] (X10 Wireless Technology, Inc.)
S3 amdiox86; system32\DRIVERS\amdiox86.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [x]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib.sys [x]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2015-01-19 18:41 - 2015-01-19 18:43 - 00026542 _____ C:\Users\KS\Downloads\FRST.txt
2015-01-19 18:41 - 2015-01-19 18:41 - 00000000 ____D C:\FRST
2015-01-19 18:40 - 2015-01-19 18:40 - 01091583 _____ (Farbar) C:\Users\KS\Downloads\FRST.exe
2015-01-19 18:40 - 2015-01-19 18:40 - 01091583 _____ (Farbar) C:\Users\KS\Downloads\FRST(1).exe
2015-01-19 17:11 - 2015-01-19 17:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2015-01-19 17:11 - 2015-01-19 17:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2015-01-19 17:09 - 2015-01-19 17:09 - 00000197 _____ C:\Windows\system32\2015-01-19-16-09-45.014-AvastVBoxSVC.exe-4384.log
2015-01-19 17:08 - 2015-01-19 17:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-19 17:08 - 2015-01-19 17:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-19 16:35 - 2015-01-19 16:35 - 05249448 _____ (ParetoLogic Inc.) C:\Users\KS\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-01-19 15:21 - 2015-01-19 15:22 - 00000197 _____ C:\Windows\system32\2015-01-19-14-21-48.097-AvastVBoxSVC.exe-5508.log
2015-01-19 00:26 - 2015-01-19 00:26 - 00000197 _____ C:\Windows\system32\2015-01-18-23-26-28.012-AvastVBoxSVC.exe-5608.log
2015-01-19 00:13 - 2015-01-19 17:04 - 00006592 _____ C:\Windows\DPINST.LOG
2015-01-19 00:10 - 2015-01-19 00:10 - 00000196 _____ C:\Users\KS\Documents\cc_20150119_001008.reg
2015-01-18 23:40 - 2015-01-18 23:40 - 00000562 _____ C:\Windows\PFRO.log
2015-01-18 20:39 - 2015-01-18 20:39 - 00000197 _____ C:\Windows\system32\2015-01-18-19-39-24.099-AvastVBoxSVC.exe-5264.log
2015-01-18 20:37 - 2015-01-19 17:35 - 00000448 _____ C:\Windows\setupact.log
2015-01-18 20:37 - 2015-01-18 20:37 - 00000000 _____ C:\Windows\setuperr.log
2015-01-18 16:48 - 2015-01-18 16:48 - 08889112 _____ C:\Users\KS\Downloads\Driver_USB(1).7z
2015-01-18 16:47 - 2015-01-18 16:48 - 08009577 _____ C:\Users\KS\Downloads\MtkDroidTools(1).7z
2015-01-18 14:54 - 2015-01-18 14:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-01-18 14:10 - 2015-01-18 14:10 - 00000197 _____ C:\Windows\system32\2015-01-18-13-10-31.040-AvastVBoxSVC.exe-5344.log
2015-01-18 13:59 - 2015-01-18 13:59 - 00000197 _____ C:\Windows\system32\2015-01-18-12-59-29.073-AvastVBoxSVC.exe-1804.log
2015-01-18 13:58 - 2015-01-18 13:58 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-01-18 13:50 - 2015-01-18 20:59 - 00000000 ____D C:\Users\KS\AppData\Roaming\mystartsearch
2015-01-18 13:50 - 2015-01-18 13:58 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-01-18 13:50 - 2015-01-18 13:50 - 00000000 ____D C:\Program Files\XTab
2015-01-18 13:49 - 2015-01-18 13:49 - 00000000 ____D C:\Program Files\Driver Identifier
2015-01-18 13:43 - 2015-01-18 13:43 - 00638888 _____ (Oracle Corporation) C:\Users\KS\Downloads\jxpiinstall(1).exe
2015-01-18 13:26 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-18 13:26 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-18 13:24 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-18 13:24 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 13:24 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-18 13:24 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-18 13:20 - 2015-01-18 13:20 - 00000197 _____ C:\Windows\system32\2015-01-18-12-20-02.058-AvastVBoxSVC.exe-6044.log
2015-01-18 12:03 - 2015-01-19 17:11 - 00258643 _____ C:\Windows\WindowsUpdate.log
2015-01-18 11:46 - 2015-01-18 11:47 - 00000632 _____ C:\Users\KS\Documents\cc_20150118_114653.reg
2015-01-18 11:38 - 2015-01-18 11:38 - 00000197 _____ C:\Windows\system32\2015-01-18-10-38-13.001-AvastVBoxSVC.exe-3996.log
2015-01-18 11:31 - 2015-01-18 11:31 - 00000197 _____ C:\Windows\system32\2015-01-18-10-31-48.049-AvastVBoxSVC.exe-2068.log
2015-01-17 23:48 - 2015-01-17 23:48 - 00000000 ____D C:\Users\Default\AppData\Local\Apple
2015-01-17 23:48 - 2015-01-17 23:48 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple
2015-01-17 23:41 - 2015-01-17 23:41 - 00000197 _____ C:\Windows\system32\2015-01-17-22-41-20.082-AvastVBoxSVC.exe-5724.log

==================== One Month Modified Files and Folders =======

2015-01-19 18:43 - 2015-01-19 18:41 - 00026542 _____ C:\Users\KS\Downloads\FRST.txt
2015-01-19 18:41 - 2015-01-19 18:41 - 00000000 ____D C:\FRST
2015-01-19 18:40 - 2015-01-19 18:40 - 01091583 _____ (Farbar) C:\Users\KS\Downloads\FRST.exe
2015-01-19 18:40 - 2015-01-19 18:40 - 01091583 _____ (Farbar) C:\Users\KS\Downloads\FRST(1).exe
2015-01-19 18:07 - 2014-06-25 12:07 - 00000276 _____ C:\Windows\Tasks\FF Watcher {84E5D227-76F8-4A9F-8346-C1A634A7D805}.job
2015-01-19 17:50 - 2012-03-29 09:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-19 17:35 - 2015-01-18 20:37 - 00000448 _____ C:\Windows\setupact.log
2015-01-19 17:19 - 2014-05-13 13:51 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001UA.job
2015-01-19 17:16 - 2009-07-14 05:34 - 00023312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-19 17:16 - 2009-07-14 05:34 - 00023312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-19 17:11 - 2015-01-19 17:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2015-01-19 17:11 - 2015-01-19 17:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2015-01-19 17:11 - 2015-01-18 12:03 - 00258643 _____ C:\Windows\WindowsUpdate.log
2015-01-19 17:10 - 2015-01-19 17:08 - 00000000 ____D C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-19 17:10 - 2015-01-19 17:08 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-19 17:10 - 2014-10-23 18:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-01-19 17:09 - 2015-01-19 17:09 - 00000197 _____ C:\Windows\system32\2015-01-19-16-09-45.014-AvastVBoxSVC.exe-4384.log
2015-01-19 17:07 - 2014-08-02 19:11 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-01-19 17:06 - 2013-12-13 14:42 - 00000000 ____D C:\Users\KS\AppData\Roaming\ControlCenter4
2015-01-19 17:05 - 2010-05-14 22:59 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-19 17:05 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-01-19 17:04 - 2015-01-19 00:13 - 00006592 _____ C:\Windows\DPINST.LOG
2015-01-19 17:03 - 2014-02-03 12:58 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-01-19 16:35 - 2015-01-19 16:35 - 05249448 _____ (ParetoLogic Inc.) C:\Users\KS\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-01-19 15:23 - 2010-11-02 00:31 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-19 15:22 - 2015-01-19 15:21 - 00000197 _____ C:\Windows\system32\2015-01-19-14-21-48.097-AvastVBoxSVC.exe-5508.log
2015-01-19 00:26 - 2015-01-19 00:26 - 00000197 _____ C:\Windows\system32\2015-01-18-23-26-28.012-AvastVBoxSVC.exe-5608.log
2015-01-19 00:10 - 2015-01-19 00:10 - 00000196 _____ C:\Users\KS\Documents\cc_20150119_001008.reg
2015-01-18 23:40 - 2015-01-18 23:40 - 00000562 _____ C:\Windows\PFRO.log
2015-01-18 20:59 - 2015-01-18 13:50 - 00000000 ____D C:\Users\KS\AppData\Roaming\mystartsearch
2015-01-18 20:39 - 2015-01-18 20:39 - 00000197 _____ C:\Windows\system32\2015-01-18-19-39-24.099-AvastVBoxSVC.exe-5264.log
2015-01-18 20:37 - 2015-01-18 20:37 - 00000000 _____ C:\Windows\setuperr.log
2015-01-18 20:37 - 2012-04-29 12:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-01-18 20:04 - 2014-08-18 07:57 - 00000000 ____D C:\Users\KS\AppData\Local\Adobe
2015-01-18 20:04 - 2012-03-29 09:16 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-18 20:04 - 2011-05-20 08:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-18 19:29 - 2012-07-25 21:24 - 00000916 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001UA.job
2015-01-18 17:46 - 2010-02-14 18:40 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-01-18 17:36 - 2010-05-18 10:28 - 00000000 ____D C:\Program Files\DIFX
2015-01-18 16:48 - 2015-01-18 16:48 - 08889112 _____ C:\Users\KS\Downloads\Driver_USB(1).7z
2015-01-18 16:48 - 2015-01-18 16:47 - 08009577 _____ C:\Users\KS\Downloads\MtkDroidTools(1).7z
2015-01-18 14:54 - 2015-01-18 14:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-01-18 14:33 - 2010-02-14 22:45 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-18 14:29 - 2013-03-13 12:09 - 00000000 ____D C:\Users\KS\AppData\Roaming\Dropbox
2015-01-18 14:23 - 2013-07-14 02:14 - 00000000 ____D C:\Windows\system32\MRT
2015-01-18 14:16 - 2010-02-17 12:07 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-18 14:10 - 2015-01-18 14:10 - 00000197 _____ C:\Windows\system32\2015-01-18-13-10-31.040-AvastVBoxSVC.exe-5344.log
2015-01-18 13:59 - 2015-01-18 13:59 - 00000197 _____ C:\Windows\system32\2015-01-18-12-59-29.073-AvastVBoxSVC.exe-1804.log
2015-01-18 13:58 - 2015-01-18 13:58 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-01-18 13:58 - 2015-01-18 13:50 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-01-18 13:50 - 2015-01-18 13:50 - 00000000 ____D C:\Program Files\XTab
2015-01-18 13:49 - 2015-01-18 13:49 - 00000000 ____D C:\Program Files\Driver Identifier
2015-01-18 13:49 - 2013-08-05 23:32 - 00001278 _____ C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-18 13:49 - 2011-03-15 19:47 - 00001569 _____ C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-18 13:43 - 2015-01-18 13:43 - 00638888 _____ (Oracle Corporation) C:\Users\KS\Downloads\jxpiinstall(1).exe
2015-01-18 13:20 - 2015-01-18 13:20 - 00000197 _____ C:\Windows\system32\2015-01-18-12-20-02.058-AvastVBoxSVC.exe-6044.log
2015-01-18 11:47 - 2015-01-18 11:46 - 00000632 _____ C:\Users\KS\Documents\cc_20150118_114653.reg
2015-01-18 11:43 - 2010-02-20 13:29 - 00000000 ____D C:\Users\KS\AppData\Roaming\BitTorrent
2015-01-18 11:38 - 2015-01-18 11:38 - 00000197 _____ C:\Windows\system32\2015-01-18-10-38-13.001-AvastVBoxSVC.exe-3996.log
2015-01-18 11:31 - 2015-01-18 11:31 - 00000197 _____ C:\Windows\system32\2015-01-18-10-31-48.049-AvastVBoxSVC.exe-2068.log
2015-01-18 11:27 - 2010-02-14 18:41 - 00000000 ____D C:\Users\KS
2015-01-18 11:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2015-01-18 11:26 - 2010-02-14 19:29 - 00000000 ____D C:\Users\KS\AppData\Roaming\GHISLER
2015-01-18 11:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2015-01-17 23:48 - 2015-01-17 23:48 - 00000000 ____D C:\Users\Default\AppData\Local\Apple
2015-01-17 23:48 - 2015-01-17 23:48 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple
2015-01-17 23:41 - 2015-01-17 23:41 - 00000197 _____ C:\Windows\system32\2015-01-17-22-41-20.082-AvastVBoxSVC.exe-5724.log
2015-01-17 23:38 - 2013-03-13 23:03 - 00000000 ___RD C:\Users\KS\Dropbox
2015-01-08 09:55 - 2010-03-11 23:19 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\KS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3azirc.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2014-10-20 18:27] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-12-16 13:14

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-11-2013
Ran by KS at 2015-01-19 18:44:18
Running from C:\Users\KS\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 15.0.0.249)
Adobe Flash Player 16 ActiveX (Version: 16.0.0.257)
Adobe Flash Player 16 NPAPI (Version: 16.0.0.257)
AOL Deutschland Toolbar
Avast Free Antivirus (Version: 10.0.2208)
CCleaner (Version: 5.00)
Crystal Reports Basic Runtime for Visual Studio 2008 (Version: 10.5.0.0)
DriverIdentifier 3.8
Dropbox (HKCU Version: 3.0.3)
Google Chrome (Version: 39.0.2171.99)
Google Drive (Version: 1.18.7821.2489)
Google Update Helper (Version: 1.3.25.11)
Google+ Auto Backup (HKCU Version: 1.0.26.151)
Internet-TV für Windows Media Center (Version: 4.2.2.0)
Lenovo Smart Assistant 1.03 (Version: 1.03.0.0)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.30514.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (Version: 11.0.61030.0)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (Version: 12.0.21005.1)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Move Media Player
Mozilla Firefox 35.0 (x86 de) (Version: 35.0)
MyFreeCodec
Nero Abstract Themes (Version: 16.0.10002)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero Blu-ray Player (Version: 12.1.20081)
Nero Core Components (Version: 11.4.0012)
Nero Info (Version: 16.0.1003)
Nero Kwik Themes Basic (Version: 16.0.10002)
Nero MediaHome (Version: 1.26.5300)
Nero SharedVideoCodecs (Version: 1.0.16006)
Nero Update (Version: 11.0.13600.45.0)
Prerequisite installer (Version: 16.0.0000)
Realtek Ethernet Controller Driver (Version: 7.86.508.2014)
Samsung Kies3 (Version: 3.2.14113.3)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.49.0)
SlimDrivers
TomTom HOME (Version: 2.9.8)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Total Commander (Remove or Repair) (Version: 8.50)
Ultimate Codec Packages
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Ultimate Codec
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Versandhelfer (Version: 1.6)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (Version: 06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Driver Package - Lenovo Inc. (WinUSB) AndroidUsbDeviceClass (04/28/2012 4.0.0000.00000) (Version: 04/28/2012 4.0.0000.00000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)

==================== Restore Points =========================

02-12-2014 08:03:47 Windows Update
04-12-2014 21:54:11 Installed Samsung Kies3
08-12-2014 20:33:07 Removed Catalyst Control Center - Branding
08-12-2014 20:33:58 Removed ATI AVIVO Codecs
08-12-2014 20:34:22 Removed Catalyst Control Center Graphics Previews Common
08-12-2014 22:29:09 Revo Uninstaller's restore point - AMD Catalyst Install Manager
08-12-2014 22:29:27 Removed AMD Catalyst Install Manager
08-12-2014 22:31:52 Revo Uninstaller's restore point - AMD Catalyst Install Manager
09-12-2014 07:56:42 Windows Update
10-12-2014 14:16:33 Windows Update
10-12-2014 19:13:29 SlimDrivers Installing Drivers
10-12-2014 19:14:31 Installiert Realtek Ethernet Controller Driver
12-12-2014 12:08:42 Windows Update
14-12-2014 22:54:26 avast! antivirus system restore point
16-12-2014 08:32:04 Windows Update
19-12-2014 00:10:48 Windows Update
17-01-2015 22:46:14 Windows Update
17-01-2015 23:01:43 Windows Update
18-01-2015 12:20:49 Windows Update
18-01-2015 13:15:25 Windows Update
19-01-2015 16:09:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0733D720-AC3C-479D-810C-3EC5AA136C4B} - System32\Tasks\{E86EF3DC-9E99-49C3-BD4C-37B0F85A386E} => Firefox.exe
Task: {302F8CBA-D325-4FD1-8CC4-44B37ADA6F15} - System32\Tasks\{626911E7-F6D8-4111-AEB9-65DCD79894A6} => C:\Windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
Task: {38B103F6-060C-4B27-8BE1-AF2843C6B99B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001Core => C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
Task: {38D127CA-643C-4E2A-969D-2D392D2A297F} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {59A1F2A8-B320-4562-AFF1-ABE72CDFE960} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: {5AA51859-365B-4CBB-8585-977F6E1438B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {5B7438AB-3F25-4E40-8717-E4C3FB539E94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {5D98041A-8791-4300-B78D-D8B09FF424CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001UA => C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
Task: {6136EBAC-27B6-49C7-97F6-68490BEBC617} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {67E1F1FE-6F14-4EE0-A696-B0E0559B7B25} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\invagent.dll [2014-12-04] (Microsoft Corporation)
Task: {8EF9C463-B03F-47DF-A04B-248C386D4E6F} - System32\Tasks\{DD8596A6-88F3-4836-9DF5-969DE42396D7} => C:\Windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
Task: {95AAEB31-48B7-49DF-AEC4-14CB99177417} - System32\Tasks\FF Watcher {84E5D227-76F8-4A9F-8346-C1A634A7D805} => C:\Program Files\V-bates\PrefHelper.exe
Task: {AD0CA1ED-8CF8-4D4A-9461-EE99111E0AAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE55ED13-41BB-41ED-9761-40C5DE26321D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-18] (Adobe Systems Incorporated)
Task: {AED3BDF2-5D53-4CEF-8CA4-8A850EAF491E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001UA => C:\Users\KS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {B55997C6-8AF6-43C3-B76E-86F8D947C13A} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {C02A9BE7-5B16-4729-8211-8B412B91F356} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\System32\appraiser.dll [2014-12-04] (Microsoft Corporation)
Task: {C1C6BCEE-4CC3-4142-A228-A2AD904831FA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001Core => C:\Users\KS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {CD5F7CE4-27B4-47C2-9179-3E7EFF2933BF} - System32\Tasks\{E6B362F6-E6AD-482C-B774-6AA47C4923E2} => C:\Windows\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
Task: {CEC7DC91-EB9D-4886-A108-1090335DE9A6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-14] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001Core.job => C:\Users\KS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001UA.job => C:\Users\KS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FF Watcher {84E5D227-76F8-4A9F-8346-C1A634A7D805}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001Core.job => C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2689239643-3006566012-3091252529-1001UA.job => C:\Users\KS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:0FB38B7E7A2E43B7
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\Users\KS\AppData\Roaming\default.rss:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Faulty Device Manager Devices =============

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2015 05:33:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba10
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004b1e4
ID des fehlerhaften Prozesses: 0x410
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3

Error: (01/19/2015 05:07:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000, Zeitstempel: 0x49a6b036
Name des fehlerhaften Moduls: rapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x465eef68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x73e342ff
ID des fehlerhaften Prozesses: 0xbe4
Startzeit der fehlerhaften Anwendung: 0xONENOTEM.EXE0
Pfad der fehlerhaften Anwendung: ONENOTEM.EXE1
Pfad des fehlerhaften Moduls: ONENOTEM.EXE2
Berichtskennung: ONENOTEM.EXE3

Error: (01/19/2015 05:06:51 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2015/01/19 17:06:51.816]: [00002356]: Initialize TwdsMain Class failed!

Error: (01/19/2015 05:06:51 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2015/01/19 17:06:51.816]: [00002356]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (01/19/2015 03:20:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000, Zeitstempel: 0x49a6b036
Name des fehlerhaften Moduls: rapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x465eef68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6a8642ff
ID des fehlerhaften Prozesses: 0xea8
Startzeit der fehlerhaften Anwendung: 0xONENOTEM.EXE0
Pfad der fehlerhaften Anwendung: ONENOTEM.EXE1
Pfad des fehlerhaften Moduls: ONENOTEM.EXE2
Berichtskennung: ONENOTEM.EXE3

Error: (01/19/2015 00:24:48 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000, Zeitstempel: 0x49a6b036
Name des fehlerhaften Moduls: rapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x465eef68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x69f742ff
ID des fehlerhaften Prozesses: 0xf04
Startzeit der fehlerhaften Anwendung: 0xONENOTEM.EXE0
Pfad der fehlerhaften Anwendung: ONENOTEM.EXE1
Pfad des fehlerhaften Moduls: ONENOTEM.EXE2
Berichtskennung: ONENOTEM.EXE3

Error: (01/18/2015 11:44:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000, Zeitstempel: 0x49a6b036
Name des fehlerhaften Moduls: rapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x465eef68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6a3942ff
ID des fehlerhaften Prozesses: 0xf48
Startzeit der fehlerhaften Anwendung: 0xONENOTEM.EXE0
Pfad der fehlerhaften Anwendung: ONENOTEM.EXE1
Pfad des fehlerhaften Moduls: ONENOTEM.EXE2
Berichtskennung: ONENOTEM.EXE3

Error: (01/18/2015 08:47:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ONENOTEM.EXE, Version: 12.0.6500.5000, Zeitstempel: 0x49a6b036
Name des fehlerhaften Moduls: rapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x465eef68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x718442ff
ID des fehlerhaften Prozesses: 0xef8
Startzeit der fehlerhaften Anwendung: 0xONENOTEM.EXE0
Pfad der fehlerhaften Anwendung: ONENOTEM.EXE1
Pfad des fehlerhaften Moduls: ONENOTEM.EXE2
Berichtskennung: ONENOTEM.EXE3

Error: (01/18/2015 08:39:32 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/18/2015 08:39:32 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/19/2015 06:41:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:41:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:41:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:41:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:41:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:41:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:38:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:38:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:38:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (01/19/2015 06:38:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/26/2014 08:15:52 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/01/2013 08:09:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 41292 seconds with 1560 seconds of active time. This session ended with a crash.

Error: (05/11/2013 00:28:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 66 seconds with 60 seconds of active time. This session ended with a crash.

Error: (05/11/2013 00:27:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3490 seconds with 120 seconds of active time. This session ended with a crash.

Error: (02/28/2013 08:28:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 57 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/15/2013 04:06:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 20088 seconds with 720 seconds of active time. This session ended with a crash.

Error: (12/11/2012 11:37:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/13/2012 09:51:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 624 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/30/2012 08:26:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4160 seconds with 300 seconds of active time. This session ended with a crash.

Error: (10/22/2012 00:10:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-02-03 13:27:44.884
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\McAfee\SITEAD~1\sahook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-03 13:27:27.507
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\McAfee\SITEAD~1\sahook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 3327.43 MB
Available physical RAM: 2701.04 MB
Total Pagefile: 6653.15 MB
Available Pagefile: 6068.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:187.37 GB) (Free:94.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:24.82 GB) (Free:4.54 GB) FAT32
Drive e: (DATA) (Fixed) (Total:298.08 GB) (Free:127.97 GB) NTFS
Drive f: () (Fixed) (Total:85.89 GB) (Free:85.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 06680895)
Partition 1: (Not Active) - (Size=298 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8BA11F9C)
Partition 1: (Active) - (Size=187 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=86 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=OF Extended)

==================== End Of Log ============================

wer kann mir weiterhelfen

Alt 23.01.2015, 19:55   #2
schrauber
/// the machine
/// TB-Ausbilder
 
win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen ! - Standard

win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !


hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________

__________________
Antwort

Themen zu win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !
adobe, antivirus, avg, bonjour, browser, cid, defender, email, error, excel, failed, fatal error, flash player, google, helper, homepage, iexplore.exe, mozilla, protectwindowsmanager.exe, realtek, registry, revo uninstaller, scan, secure search, security, services.exe, software, svchost.exe, trackid, windows, wscript, ändern


« Suche drindend guten hacker | Sicherheitswarnung zu meinem Internetzugang durch die Telekom »


Ähnliche Themen: win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !


  1. Windows7 erkennt mein Passwort nicht mehr und ich habe keinen Zugriff auf meinen Laptop
    Log-Analyse und Auswertung - 12.03.2015 (11)
  2. Mein Freund kann nichts mehr öffnen...
    Plagegeister aller Art und deren Bekämpfung - 28.12.2013 (12)
  3. pc fährt nicht mehr hoch, habe einen interpol trojaner
    Plagegeister aller Art und deren Bekämpfung - 27.10.2013 (3)
  4. Sony Vaio (ca.5 Jahre alt) fährt nach Polizeivirus nicht mehr hoch.Es lässt sich auch nicht mehr laden.
    Netzwerk und Hardware - 06.09.2013 (1)
  5. Pc langer piepton und danach fährt er nicht mehr hoch
    Netzwerk und Hardware - 28.10.2012 (12)
  6. Kann nichts mehr öffnen (ZeroAccess)
    Plagegeister aller Art und deren Bekämpfung - 28.08.2012 (4)
  7. Kann Malware nicht installieren weil ich auf nichts mehr zugriff habe!
    Plagegeister aller Art und deren Bekämpfung - 14.06.2012 (1)
  8. XP fährt nich mehr richtig hoch/kann sich nicht an Domäne anmelden.
    Alles rund um Windows - 22.03.2012 (8)
  9. soll 50€ bezahlen sonst habe ich keinen zugriff mehr auf meinen rechner
    Plagegeister aller Art und deren Bekämpfung - 14.02.2012 (14)
  10. Keinen Zugriff auf externe Festplatte mehr [Recycle... kann nicht gefunden werden]
    Plagegeister aller Art und deren Bekämpfung - 24.05.2011 (21)
  11. Security Tool - NICHTS geht mehr! Keine .exe lässt sich mehr öffnen!
    Plagegeister aller Art und deren Bekämpfung - 16.07.2010 (2)
  12. Generic host process for win 32 - danach keinen Ton mehr
    Log-Analyse und Auswertung - 26.09.2009 (5)
  13. Nach einem Virus habe ich keinen Zugriff mehr auf meine Eigene Dateien
    Plagegeister aller Art und deren Bekämpfung - 11.03.2009 (5)
  14. ich kann keinen Arbeitsplatz etc. mehr öffnen
    Log-Analyse und Auswertung - 27.05.2008 (1)
  15. Ich habe keinen Zugriff mehr...
    Alles rund um Windows - 23.05.2008 (10)
  16. Hallo ich habe ein Werbe POP-UP virus kann nicht mehr normal surfen
    Log-Analyse und Auswertung - 20.10.2006 (1)
  17. Winocx32.exe Wurm ? Kann nichts mehr öffnen ! Wer kann mir helfen ?
    Plagegeister aller Art und deren Bekämpfung - 20.06.2004 (8)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen ! - Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-11-2013 ( ATTENTION: ====> FRST version is 421 days old and could be outdated ) Ran by KS (administrator) on - win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen !...
Archiv
Du betrachtest: win 7 fährt normal hoch ,danach ändern sich die Ikons und habe keinen zugriff mehr bzw. ich kann nichts mehr öffnen ! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19