Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
PDF aus falscher DHL-Mail geöffnet - Infektion?

PDF aus falscher DHL-Mail geöffnet - Infektion?


Plagegeister aller Art und deren Bekämpfung: PDF aus falscher DHL-Mail geöffnet - Infektion?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 13.05.2015, 09:02   #1
KJ777
 
PDF aus falscher DHL-Mail geöffnet - Infektion? - Standard

PDF aus falscher DHL-Mail geöffnet - Infektion?


Hallo zusammen,

ich bin einer der Vielen, die eine falsche DHL-Paketankündigung bekommen haben.
In einem völlig unkonzentrierten Augenblick hab ich leider das PDF im Anhang der Mail geöffnet und dann erst auf den falschen Absender geguckt...

Ich hab jetzt ein ziemlich ungutes Gefühl, dass ich mir da was eingefangen haben könnte.
Avira findet nichts.

Es wär toll, wenn Ihr mir helfen könntet! Vielen Dank schon mal!


Der Scan mit FRST hat Folgendes ergeben:

FRST.txt:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Dennis (administrator) on DENNIS-NETBOOK on 12-05-2015 13:03:23
Running from C:\Users\Dennis\Desktop
Loaded Profiles: Dennis (Available profiles: Dennis)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2892072 2012-01-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-12-09] (Alcor Micro Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360 2015-04-28] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2014-11-19] (Cisco Systems, Inc.)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [450048 2011-09-13] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2012-03-30]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2014-01-18]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk [2013-08-23]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
URLSearchHook: HKU\S-1-5-21-3906071262-4254700570-2007420806-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3906071262-4254700570-2007420806-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3906071262-4254700570-2007420806-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: No Name -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: No Name -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} ->  No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\698gjqsz.default
FF NewTab: https://safesearch.avira.com/#?source=newtab
FF Homepage: www.google.com
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\698gjqsz.default\searchplugins\ask-search.xml [2015-04-01]
FF SearchPlugin: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\698gjqsz.default\searchplugins\avira-safesearch.xml [2015-02-27]
FF Extension: Avira Browser Safety - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\698gjqsz.default\Extensions\abs@avira.com [2015-04-28]
FF Extension: Avira SafeSearch - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\698gjqsz.default\Extensions\safesearch@avira.com [2015-04-28]
FF Extension: Search App by Ask - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\698gjqsz.default\Extensions\toolbar_ORJ-SPE@apn.ask.com.xpi [2015-04-28]
FF Extension: Shopping App by Ask - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\698gjqsz.default\Extensions\toolbar_ORJ-ST-SPE@apn.ask.com.xpi [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-01-14]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-03-19] (The OpenVPN Project)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-01-18] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
S0 mfewfpk; system32\drivers\mfewfpk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 13:03 - 2015-05-12 13:04 - 00019300 _____ () C:\Users\Dennis\Desktop\FRST.txt
2015-05-12 13:03 - 2015-05-12 13:03 - 00000000 ____D () C:\FRST
2015-05-12 13:02 - 2015-05-12 13:02 - 02102784 _____ (Farbar) C:\Users\Dennis\Desktop\FRST64.exe
2015-05-12 12:59 - 2015-05-12 13:00 - 00000474 _____ () C:\Users\Dennis\Desktop\defogger_disable.log
2015-05-12 12:59 - 2015-05-12 12:59 - 00000000 _____ () C:\Users\Dennis\defogger_reenable
2015-05-12 12:42 - 2015-05-12 12:42 - 00050477 _____ () C:\Users\Dennis\Desktop\Defogger.exe
2015-05-11 21:00 - 2015-05-11 21:00 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2015-05-05 08:55 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-05 08:55 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-29 22:45 - 2015-04-29 22:45 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-29 22:45 - 2015-04-29 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-27 19:24 - 2015-04-27 19:24 - 00000000 __SHD () C:\Users\Dennis\AppData\Local\EmieUserList
2015-04-27 19:24 - 2015-04-27 19:24 - 00000000 __SHD () C:\Users\Dennis\AppData\Local\EmieSiteList
2015-04-27 19:24 - 2015-04-27 19:24 - 00000000 __SHD () C:\Users\Dennis\AppData\Local\EmieBrowserModeList
2015-04-27 19:23 - 2015-04-27 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-04-27 09:53 - 2015-04-27 09:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 12:59 - 2012-09-29 11:20 - 00000000 ____D () C:\Users\Dennis
2015-05-12 12:59 - 2012-04-28 12:07 - 01806679 _____ () C:\Windows\WindowsUpdate.log
2015-05-12 12:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 12:54 - 2009-07-14 06:51 - 00079333 _____ () C:\Windows\setupact.log
2015-05-12 12:31 - 2012-03-30 09:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-12 09:56 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-12 09:56 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-11 20:56 - 2012-04-28 21:49 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2015-05-11 20:56 - 2012-04-28 21:49 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2015-05-11 20:56 - 2009-07-14 07:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 11:20 - 2015-01-14 19:13 - 00000000 ____D () C:\Users\Dennis\Documents\Citavi 4
2015-05-07 17:54 - 2015-01-14 19:13 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Swiss Academic Software
2015-05-05 11:06 - 2014-09-08 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 11:04 - 2014-09-08 18:56 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 11:04 - 2014-09-08 18:56 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 10:43 - 2012-09-29 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2015-04-29 22:45 - 2012-03-30 08:48 - 00000000 ____D () C:\ProgramData\Skype
2015-04-29 14:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-28 09:12 - 2012-09-29 12:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 19:23 - 2014-01-18 18:24 - 00000000 ____D () C:\ProgramData\Cisco
2015-04-27 19:23 - 2014-01-18 18:24 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-04-20 19:51 - 2012-10-11 10:33 - 00000000 ____D () C:\Users\Dennis\Desktop\Dennis ***********
2015-04-18 19:36 - 2013-08-20 20:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-18 19:25 - 2012-10-30 11:48 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-17 11:32 - 2012-03-30 09:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-17 11:32 - 2012-03-30 09:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-17 11:32 - 2012-03-30 09:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 13:25 - 2013-04-16 20:58 - 00000000 ____D () C:\Users\Dennis\Desktop\Jemöös

==================== Files in the root of some directories =======

2013-08-23 16:12 - 2013-08-23 16:12 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\APNSetup.exe
C:\Users\Dennis\AppData\Local\Temp\avgnt.exe
C:\Users\Dennis\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Dennis\AppData\Local\Temp\GdiPlus.dll
C:\Users\Dennis\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Dennis\AppData\Local\Temp\install_flashplayer11x32au_mssd_aaa_aih.exe
C:\Users\Dennis\AppData\Local\Temp\install_flashplayer11x32_mssd_aih(1).exe
C:\Users\Dennis\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\Dennis\AppData\Local\Temp\install_flashplayer11x32_mssd_aih_1.exe
C:\Users\Dennis\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Dennis\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Dennis\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Dennis\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Dennis\AppData\Local\Temp\neoNCSetup64.exe
C:\Users\Dennis\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Dennis\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 11:18

==================== End Of Log ============================

Und hier Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Dennis at 2015-05-12 13:05:55
Running from C:\Users\Dennis\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3906071262-4254700570-2007420806-500 - Administrator - Disabled)
Dennis (S-1-5-21-3906071262-4254700570-2007420806-1001 - Administrator - Enabled) => C:\Users\Dennis
Gast (S-1-5-21-3906071262-4254700570-2007420806-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3906071262-4254700570-2007420806-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.5.42.69774 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.42.69774 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{029CA27F-8D5C-AC3C-319B-FA50664CE9F9}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.06073 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.06073 - Cisco Systems, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 10.6.8.1_WHQL (HKLM\...\Elantech) (Version: 10.6.8.1 - ELAN Microelectronic Corp.)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{B16F9E6E-1388-472C-98C3-F32D397EF85D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Hilfe (HKLM-x32\...\{72EDA2AC-2908-4BB3-97E5-4F9DDEBF9731}) (Version: 6.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.1 - IBM Corp)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Juniper Networks Network Connect 7.4.0 (HKLM-x32\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.30667 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\...\Juniper_Setup_Client) (Version: 7.4.9.45013 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.6-I003  (HKLM\...\OpenVPN) (Version: 2.3.6-I003 - )
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6581 - Realtek Semiconductor Corp.)
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1C01}) (Version: 12.28.1.169 - APN, LLC) <==== ATTENTION
Shopping App by Ask (HKLM-x32\...\{4F524A2D-5354-2D53-5045-A758B70C1C01}) (Version: 12.28.1.170 - APN, LLC)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skip-Bo - Castaway Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Studie zur Verbesserung von HP Officejet 4620 series Produkten (HKLM\...\{ABBC6F00-E9C9-4B1E-B046-8FFD7BA3A456}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tradewinds Legends (x32 Version: 2.2.0.95 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-04-2015 19:25:05 Windows Update
29-04-2015 14:01:38 Geplanter Prüfpunkt
29-04-2015 22:44:22 Windows Update
05-05-2015 13:46:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09A39150-F1B5-418C-99DD-1745E1601CA2} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {5E85ECB5-2BE5-46D1-939C-8B7BC6505713} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {63BFC99D-2DC6-465D-AFBC-1F282A265D95} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {63D006ED-C349-40B8-B843-0C467E0D8E67} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {824239F4-5CE9-4BE6-823E-C7BD97B35D6B} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {AE57F148-430D-44B9-84FC-D4074773E4BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {BABCF2B8-2170-4621-9293-1C7B508D2A6C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {D01BC184-688F-4E10-8895-4259BD72099D} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D690E73A-7FAD-491D-B738-E858A2A0A4F5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {EBE23BE5-9D62-4BD8-A1ED-7B56166EA363} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-11-19 17:36 - 2014-11-19 17:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3906071262-4254700570-2007420806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{6A330F0B-ED4F-451D-BD44-FB196A8AE224}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{399A0002-E05B-4D0F-9299-A58B0427C6BE}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{7F24FDD8-53D3-4E9B-8928-7CD1D85B2543}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{5956D57B-B465-481A-93D8-E11313CD2B66}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3A40C42A-FA7D-4709-B0BE-E917BB00CF0F}] => (Allow) LPort=2869
FirewallRules: [{CDF636E4-7EF6-4F07-94EE-213E966F7863}] => (Allow) LPort=1900
FirewallRules: [{A2ED00FB-DA9C-4887-9399-D42AD2AE9DA1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{0FF2CDFA-C832-4301-A29C-CF79A5CF06C5}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{649244A4-B941-4115-8A57-562C7498428D}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{761C2DD0-25CD-4D4B-879E-CAE12DA2566C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{E472670A-A667-4543-AB6A-FB993952FBAA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1061CFC5-2D2A-445A-85C6-6CB03497DB99}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5088ADF8-5EF1-4776-B72E-BDC0601EF53C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{63A1AAE3-8E5A-4AC1-94C8-24606570BE0C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E2E4DA79-DBCB-4768-8B5A-F0394947F102}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{683B3307-983E-496D-8FBD-26AB9E057625}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{B9AB6FD2-F367-4B6A-885D-044E76AF0B37}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{04D0F0BF-4644-4794-AABF-CC18DF066562}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{CDFB0A4C-39FC-4D90-8767-44DA9C5A2FC0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{6E746893-2905-4842-9531-656EBB24447E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B863845A-888D-4818-9B20-7F56739A8E8B}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe
FirewallRules: [{8CB45F6C-F1B9-44D8-9D0F-FE114BED48AC}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{50FC4C13-115C-489A-A0C2-88A8F0E24031}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe
FirewallRules: [{244562D7-F831-4B25-982D-7D5B774660BC}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{E8AE8666-E7FB-4B12-AEA4-6C2CD3E79F24}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7077FEA5-C4F8-44A2-88D0-71D1E29EACEC}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{519EC5A1-01E3-4190-A6A3-E5164422324E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F7EE9E22-B40C-4661-8D8E-6895242B9B53}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5627CA1C-1660-4C3E-9314-D7A449DAB5E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5FA93AEC-E45D-4F40-AFBB-343EC0619F11}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [UDP Query User{E200B8BD-8D0C-4932-BC29-7859868D5187}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [TCP Query User{573B46BD-5131-407A-B3BA-555FAC2CE101}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{5380B983-5588-44B0-BF10-463F4CEB9F27}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2015 00:55:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2015 00:50:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.10.430 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 182c

Startzeit: 01d08c9d883aa1ae

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 7882071a-f894-11e4-b8c8-a7db53d490af

Error: (05/12/2015 11:16:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/12/2015 10:49:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/12/2015 10:27:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/12/2015 09:49:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2015 11:10:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/08/2015 03:18:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/08/2015 00:45:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/08/2015 10:03:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/12/2015 00:56:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
mfewfpk

Error: (05/12/2015 00:55:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (05/12/2015 09:48:46 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
mfewfpk

Error: (05/11/2015 11:09:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
mfewfpk

Error: (05/08/2015 06:24:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/08/2015 06:24:07 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/08/2015 06:24:07 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/08/2015 06:24:06 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/08/2015 05:05:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

Error: (05/08/2015 05:05:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.


Microsoft Office Sessions:
=========================
Error: (05/12/2015 00:55:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2015 00:50:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe15.0.10.430182c01d08c9d883aa1ae60000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe7882071a-f894-11e4-b8c8-a7db53d490af

Error: (05/12/2015 11:16:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (05/12/2015 10:49:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (05/12/2015 10:27:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (05/12/2015 09:49:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2015 11:10:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/08/2015 03:18:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (05/08/2015 00:45:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (05/08/2015 10:03:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: AMD C-60 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 3817.37 MB
Available physical RAM: 2367.73 MB
Total Pagefile: 7632.92 MB
Available Pagefile: 5902.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:322.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DEC65B9A)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Themen zu PDF aus falscher DHL-Mail geöffnet - Infektion?
adware, antivir, antivirus, bonjour, browser, fehler, firefox, flash player, home, homepage, installation, launch, mozilla, netzwerk, newtab, officejet, programm, realtek, registry, required, rundll, scan, security, siteadvisor, software, svchost.exe, system, udp, windows


« Trojan-Downloader.Win32.Upatre.tbz | Adware geht nicht mehr weg »


Ähnliche Themen: PDF aus falscher DHL-Mail geöffnet - Infektion?


  1. Wahrscheinliche infektion mit Trojaner, Information durch e-mail von t-online
    Log-Analyse und Auswertung - 12.08.2015 (19)
  2. Telekom Adbuse-Mail: Infektion APT?
    Log-Analyse und Auswertung - 06.07.2015 (2)
  3. DHL Mail geöffnet
    Alles rund um Mac OSX & Linux - 12.06.2015 (9)
  4. DHL Mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.03.2015 (13)
  5. Ups e-mail geöffnet
    Log-Analyse und Auswertung - 08.03.2015 (5)
  6. Anhang von falscher Zalando-Email geöffnet, Virus oder Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 18.11.2014 (11)
  7. Android: ELSTER-Spam-Mail geöffnet (angebliche Mail v. Finanzamt)
    Plagegeister aller Art und deren Bekämpfung - 24.09.2014 (3)
  8. ELSTER Spam-Mail geöffnet (angebliche Mail v. Finanzamt)
    Smartphone, Tablet & Handy Security - 23.09.2014 (5)
  9. zip Datei Anhang von falscher telecom Rechnung geöffnet, Avira findet keinen Virus, ist dann alles in Ordnung?
    Log-Analyse und Auswertung - 17.06.2014 (11)
  10. Datei in falscher Telekom-Rechnung geöffnet - Avir findet Trojaner
    Plagegeister aller Art und deren Bekämpfung - 14.06.2014 (9)
  11. mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 13.06.2014 (11)
  12. E-Mail von Media Center GmbH - Abo 39€ - E-Mail, nicht Anhang geöffnet, Antivirenprogramm meldet sich.
    Plagegeister aller Art und deren Bekämpfung - 24.04.2014 (5)
  13. Dateianhang geöffnet :( Infektion?
    Plagegeister aller Art und deren Bekämpfung - 07.02.2014 (9)
  14. .exe aus Mail geöffnet
    Log-Analyse und Auswertung - 17.11.2013 (10)
  15. Warnung vor falscher PayPal Mail
    Antiviren-, Firewall- und andere Schutzprogramme - 28.06.2013 (1)
  16. Trojaner nach falscher Deutsche-Post e-mail.
    Log-Analyse und Auswertung - 13.06.2012 (1)
  17. falscher google link wird geöffnet, bitte log auswerten
    Log-Analyse und Auswertung - 09.09.2008 (13)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PDF aus falscher DHL-Mail geöffnet - Infektion? - Hallo zusammen, ich bin einer der Vielen, die eine falsche DHL-Paketankündigung bekommen haben. In einem völlig unkonzentrierten Augenblick hab ich leider das PDF im Anhang der Mail geöffnet und dann - PDF aus falscher DHL-Mail geöffnet - Infektion?...
Archiv
Du betrachtest: PDF aus falscher DHL-Mail geöffnet - Infektion? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27