
Pests of all kinds and how to fight them: Windows 7 complete overhaul


15.11.2013, 16:45   #1
joko355

Windows 7 complete overhaul



Here are the log files:


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013
Ran by Jakob (administrator) on JAKOB-PC on 15-11-2013 16:33:02
Running from C:\Users\Jakob\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(O2Micro International) C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATIHTU.EXE
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\SocialSafe\SocialSafe files\native-helpers\SocialSafe.Helper.exe
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM\...\Run: [SweetIM] - C:\Program Files\SweetIM\Messenger\SweetIM.exe [114992 2011-12-05] (SweetIM Technologies Ltd.)
HKLM\...\Run: [LG Intelligent Update] - C:\Program Files\lg_swupdate\GiljabiStart.exe [251184 2012-08-26] (BIT LEADER)
HKLM\...\Run: [Nikon Message Center 2] - C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [BlueStacks Agent] - C:\Program Files\BlueStacks\HD-Agent.exe [601928 2013-07-17] (BlueStack Systems, Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-17] (Google Inc.)
HKCU\...\Run: [Userinit] - C:\Users\Jakob\AppData\Roaming\appconf32.exe [50640 2008-12-09] ()
HKCU\...\Run: [Facebook Update] - C:\Users\Jakob\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIHTU.EXE [219008 2011-04-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [48673A71F032C83FD6D65F46E613C50B444BA859._service_run] - C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [KSS] - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202296 2012-04-25] (Kaspersky Lab ZAO)
HKCU\...\Run: [SocialSafe.Helper] - C:\Program Files\SocialSafe\SocialSafe files\native-helpers\SocialSafe.Helper.exe [15360 2013-07-04] ()
HKCU\...\Run: [GoogleChromeAutoLaunch_0FA11CA23544AA882AAEF034CE5E0F0D] - C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
Startup: C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\Jakob\AppData\Roaming\BrowserCompanion\tbhcn.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x174B7D887E74CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.youtube.com/?gl=DE&hl=de
hxxp://www.google.de/
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} -  No File
URLSearchHook: HKCU - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} -  No File
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0007002"
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0007002"
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=17350&babsrc=SP_ss&mntrId=7ca6f8940000000000000019dbeb8d08
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=17350&babsrc=SP_ss&mntrId=7ca6f8940000000000000019dbeb8d08
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE449
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/pivotstickfigure/{E71AD82D-3313-4827-A01B-A66E6F604CB8}?q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb106/?search={searchTerms}&loc=IB_DS&a=6PQjk2xZ65&i=26
SearchScopes: HKCU - {D5FA8FF0-9C4F-41A5-8BBE-BF0D6A94BFBF} URL = hxxp://de.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20111042,16987,0,8,0
SearchScopes: HKCU - {D894115B-0879-4E13-BE1C-5C58EE454969} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000SSDE&apn_uid=202793FD-53B2-41C4-8242-80CB38D85878&apn_sauid=50EA5042-5D96-43C9-9309-8ABEF1014A38
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0007002"
BHO: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.5.3\PriceGongIE.dll (PriceGong)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} -  No File
Toolbar: HKLM - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\h4lwm88v.default
FF user.js: detected! => C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\h4lwm88v.default\user.js
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Users\Jakob\Downloads\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Jakob\AppData\Local\Roblox\Versions\version-97c0e76356f746a6\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jakob\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jakob\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jakob\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Jakob\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [crossriderapp1950@crossrider.com] - C:\Users\Jakob\AppData\Local\RewardsArcadeSuite\1950\Firefox
FF Extension: RewardsArcade Suite - C:\Users\Jakob\AppData\Local\RewardsArcadeSuite\1950\Firefox
FF HKCU\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] - C:\Program Files\PriceGong\2.5.3\FF
FF Extension: PriceGong - C:\Program Files\PriceGong\2.5.3\FF

Chrome: 
=======
CHR RestoreOnStartup: "https://www.facebook.com/", "https://www.google.com/", "hxxp://www.youtube.com/"
CHR DefaultSearchURL: (Google) - hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE449
CHR DefaultSuggestURL: (Google) -       "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Media Go Detector) - C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Jakob\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jakob\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\Jakob\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Picasa) - C:\Users\Jakob\Downloads\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
CHR Extension: (Google Docs) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Doodle God 2) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bimbgfgldkfaikjoemccnihllhbdodce\2.3.1_1
CHR Extension: (YouTube) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Little Alchemy) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.15.7_1
CHR Extension: (Google Wallet) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files\PriceGong\2.5.3\pricegong.crx
CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files\BrowserCompanion\blabbers-ch.crx
CHR HKLM\...\Chrome\Extension: [ielefkgbofdpglioecfjcbikholflklb] - C:\Users\Jakob\AppData\Local\RewardsArcadeSuite\1950\Chrome\rewardsarcade-suite.crx

========================== Services (Whitelisted) =================

S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-07-17] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-07-17] (BlueStack Systems, Inc.)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [130944 2011-04-24] (SEIKO EPSON CORPORATION)
R2 KSS; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202296 2012-04-25] (Kaspersky Lab ZAO)
R2 o2flash; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [65536 2007-02-12] (O2Micro International)

==================== Drivers (Whitelisted) ====================

R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-07-17] (BlueStack Systems)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-02-18] (Phoenix Technologies)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-15 16:33 - 2013-11-15 16:37 - 00019217 _____ C:\Users\Jakob\Downloads\FRST.txt
2013-11-15 16:32 - 2013-11-15 16:32 - 00000000 ____D C:\FRST
2013-11-15 16:31 - 2013-11-15 16:31 - 01090529 _____ (Farbar) C:\Users\Jakob\Downloads\FRST.exe
2013-11-14 16:47 - 2013-11-14 16:47 - 00050477 _____ C:\Users\Jakob\Downloads\Defogger.exe
2013-11-14 16:22 - 2013-11-14 16:22 - 00001013 _____ C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-11-14 16:22 - 2013-11-14 16:22 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-11-14 16:22 - 2013-05-13 14:24 - 00000214 _____ C:\Users\Public\Desktop\LionSea Software.url
2013-11-14 16:20 - 2013-11-14 16:21 - 04285072 _____ (LionSea Software                                            ) C:\Users\Jakob\Downloads\setup.exe
2013-11-03 14:50 - 2013-11-03 14:50 - 00000000 ____D C:\Users\Jakob\Documents\ROBLOX
2013-11-02 20:38 - 2013-11-02 20:38 - 00000000 ____D C:\Users\Jakob\Documents\DIE SIEDLER - DEdK
2013-11-02 19:17 - 2013-11-02 19:17 - 00002463 _____ C:\Users\Public\Desktop\DIE SIEDLER - Das Erbe der Könige.lnk
2013-11-02 19:13 - 2013-11-02 19:13 - 00000000 ____D C:\Program Files\Ubisoft
2013-11-02 16:17 - 2013-11-02 16:17 - 00001198 _____ C:\Windows\PFRO.log
2013-11-01 19:19 - 2013-11-01 19:19 - 00000000 ____D C:\Users\Jakob\Documents\PC Speed Maximizer
2013-11-01 19:16 - 2013-11-01 19:16 - 00000000 ____D C:\ProgramData\APN
2013-11-01 19:16 - 2013-11-01 19:16 - 00000000 ____D C:\FFOutput
2013-11-01 19:16 - 2013-06-06 21:41 - 00489392 _____ (Ask Partner Network) C:\Users\Jakob\Documents\APNSetup1.exe
2013-11-01 19:15 - 2013-11-14 16:15 - 00000288 _____ C:\Windows\Tasks\FoxTab.job
2013-11-01 19:15 - 2013-11-02 11:20 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-01 19:15 - 2013-11-02 10:52 - 00000000 ____D C:\Program Files\FreeTime
2013-11-01 19:15 - 2013-11-01 19:15 - 00000000 ____D C:\Users\Jakob\AppData\Roaming\FoxTab
2013-11-01 19:15 - 2013-11-01 19:15 - 00000000 ____D C:\Users\Jakob\AppData\Local\BonanzaDealsLive
2013-11-01 19:15 - 2013-11-01 19:15 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-01 19:14 - 2013-11-02 10:52 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-01 19:14 - 2013-11-01 19:13 - 52657859 _____ C:\Users\Jakob\Downloads\ffactory3_install [1].exe
2013-11-01 19:13 - 2013-11-01 19:13 - 00596568 _____ C:\Users\Jakob\Downloads\ffactory3_install.exe
2013-10-30 11:42 - 2013-10-31 16:15 - 00001348 _____ C:\Users\Jakob\Desktop\ROBLOX Player.lnk
2013-10-30 11:41 - 2013-11-03 11:24 - 00001360 _____ C:\Users\Jakob\Desktop\ROBLOX Studio 2013.lnk
2013-10-30 11:41 - 2013-11-03 11:24 - 00000000 ____D C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2013-10-30 11:41 - 2013-10-30 11:41 - 00542576 _____ (ROBLOX Corporation) C:\Users\Jakob\Downloads\RobloxPlayerLauncher.exe
2013-10-30 11:35 - 2013-11-15 16:25 - 00001568 _____ C:\Windows\setupact.log
2013-10-30 11:35 - 2013-10-30 11:35 - 00410576 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-30 11:35 - 2013-10-30 11:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-28 18:46 - 2013-10-28 18:46 - 00112864 _____ C:\Users\Jakob\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-28 18:45 - 2013-10-28 18:45 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-28 18:43 - 2013-10-28 18:44 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-28 18:43 - 2013-10-28 18:44 - 00000000 ____D C:\Program Files\iTunes
2013-10-28 18:43 - 2013-10-28 18:43 - 00000000 ____D C:\Program Files\iPod
2013-10-19 15:10 - 2013-10-19 15:10 - 00000000 ____D C:\Users\Jakob\Documents\Fax
2013-10-19 11:59 - 2013-10-19 11:59 - 00290994 _____ C:\Users\Jakob\Documents\kjgkljh.odg

==================== One Month Modified Files and Folders =======

2013-11-15 16:37 - 2013-11-15 16:33 - 00019217 _____ C:\Users\Jakob\Downloads\FRST.txt
2013-11-15 16:37 - 2013-07-23 14:24 - 19541590 _____ C:\Users\Jakob\AppData\Local\SocialSafe-Helper.log
2013-11-15 16:37 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-15 16:37 - 2009-07-14 05:34 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-15 16:32 - 2013-11-15 16:32 - 00000000 ____D C:\FRST
2013-11-15 16:31 - 2013-11-15 16:31 - 01090529 _____ (Farbar) C:\Users\Jakob\Downloads\FRST.exe
2013-11-15 16:30 - 2011-09-16 13:49 - 01945502 _____ C:\Windows\WindowsUpdate.log
2013-11-15 16:27 - 2012-05-23 15:17 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000UA.job
2013-11-15 16:27 - 2012-05-23 15:17 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000Core.job
2013-11-15 16:27 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-15 16:26 - 2012-03-19 16:58 - 00000378 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2013-11-15 16:26 - 2011-09-16 16:01 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-15 16:25 - 2013-10-30 11:35 - 00001568 _____ C:\Windows\setupact.log
2013-11-15 16:25 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-14 17:03 - 2011-11-22 15:44 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000UA.job
2013-11-14 17:03 - 2011-09-16 16:01 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 16:59 - 2013-02-18 16:16 - 00007605 _____ C:\Users\Jakob\AppData\Local\resmon.resmoncfg
2013-11-14 16:47 - 2013-11-14 16:47 - 00050477 _____ C:\Users\Jakob\Downloads\Defogger.exe
2013-11-14 16:47 - 2013-09-08 07:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-14 16:22 - 2013-11-14 16:22 - 00001013 _____ C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-11-14 16:22 - 2013-11-14 16:22 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-11-14 16:21 - 2013-11-14 16:20 - 04285072 _____ (LionSea Software                                            ) C:\Users\Jakob\Downloads\setup.exe
2013-11-14 16:15 - 2013-11-01 19:15 - 00000288 _____ C:\Windows\Tasks\FoxTab.job
2013-11-10 19:04 - 2013-04-22 14:16 - 00000000 ____D C:\Users\Jakob\AppData\Roaming\Mozilla
2013-11-03 14:50 - 2013-11-03 14:50 - 00000000 ____D C:\Users\Jakob\Documents\ROBLOX
2013-11-03 11:24 - 2013-10-30 11:41 - 00001360 _____ C:\Users\Jakob\Desktop\ROBLOX Studio 2013.lnk
2013-11-03 11:24 - 2013-10-30 11:41 - 00000000 ____D C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2013-11-03 11:11 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-11-02 20:38 - 2013-11-02 20:38 - 00000000 ____D C:\Users\Jakob\Documents\DIE SIEDLER - DEdK
2013-11-02 19:17 - 2013-11-02 19:17 - 00002463 _____ C:\Users\Public\Desktop\DIE SIEDLER - Das Erbe der Könige.lnk
2013-11-02 19:14 - 2012-08-26 16:28 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-02 19:13 - 2013-11-02 19:13 - 00000000 ____D C:\Program Files\Ubisoft
2013-11-02 19:13 - 2012-08-26 16:28 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-11-02 16:17 - 2013-11-02 16:17 - 00001198 _____ C:\Windows\PFRO.log
2013-11-02 12:03 - 2011-11-22 15:44 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000Core.job
2013-11-02 11:20 - 2013-11-01 19:15 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-02 10:52 - 2013-11-01 19:15 - 00000000 ____D C:\Program Files\FreeTime
2013-11-02 10:52 - 2013-11-01 19:14 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-01 19:19 - 2013-11-01 19:19 - 00000000 ____D C:\Users\Jakob\Documents\PC Speed Maximizer
2013-11-01 19:16 - 2013-11-01 19:16 - 00000000 ____D C:\ProgramData\APN
2013-11-01 19:16 - 2013-11-01 19:16 - 00000000 ____D C:\FFOutput
2013-11-01 19:15 - 2013-11-01 19:15 - 00000000 ____D C:\Users\Jakob\AppData\Roaming\FoxTab
2013-11-01 19:15 - 2013-11-01 19:15 - 00000000 ____D C:\Users\Jakob\AppData\Local\BonanzaDealsLive
2013-11-01 19:15 - 2013-11-01 19:15 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-01 19:13 - 2013-11-01 19:14 - 52657859 _____ C:\Users\Jakob\Downloads\ffactory3_install [1].exe
2013-11-01 19:13 - 2013-11-01 19:13 - 00596568 _____ C:\Users\Jakob\Downloads\ffactory3_install.exe
2013-11-01 19:05 - 2011-09-16 15:03 - 00000000 ____D C:\Users\Jakob
2013-11-01 12:39 - 2011-09-16 15:05 - 01527740 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 16:15 - 2013-10-30 11:42 - 00001348 _____ C:\Users\Jakob\Desktop\ROBLOX Player.lnk
2013-10-30 12:15 - 2011-09-18 13:21 - 00000000 ____D C:\Users\Jakob\AppData\Local\Roblox
2013-10-30 11:41 - 2013-10-30 11:41 - 00542576 _____ (ROBLOX Corporation) C:\Users\Jakob\Downloads\RobloxPlayerLauncher.exe
2013-10-30 11:35 - 2013-10-30 11:35 - 00410576 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-30 11:35 - 2013-10-30 11:35 - 00000000 _____ C:\Windows\setuperr.log
2013-10-28 18:46 - 2013-10-28 18:46 - 00112864 _____ C:\Users\Jakob\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-28 18:45 - 2013-10-28 18:45 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-28 18:44 - 2013-10-28 18:43 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-28 18:44 - 2013-10-28 18:43 - 00000000 ____D C:\Program Files\iTunes
2013-10-28 18:43 - 2013-10-28 18:43 - 00000000 ____D C:\Program Files\iPod
2013-10-28 18:43 - 2013-02-21 17:59 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-10-19 15:10 - 2013-10-19 15:10 - 00000000 ____D C:\Users\Jakob\Documents\Fax
2013-10-19 11:59 - 2013-10-19 11:59 - 00290994 _____ C:\Users\Jakob\Documents\kjgkljh.odg
2013-10-19 11:13 - 2013-09-22 13:14 - 00002364 _____ C:\Users\Jakob\Desktop\Google Chrome.lnk

Files to move or delete:
====================
C:\ProgramData\l_u0_0.pad
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLeu.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Jakob\AppData\Local\Temp\1095uninstall.exe
C:\Users\Jakob\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Jakob\AppData\Local\Temp\setup.exe
C:\Users\Jakob\AppData\Local\Temp\Sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-13 18:50

==================== End Of Log ============================
         


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-11-2013
Ran by Jakob at 2013-11-15 16:38:19
Running from C:\Users\Jakob\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Download Assistant (Version: 1.2)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.169)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Artweaver Free 3.0 (Version: 3.0)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (HKCU Version: 1.2.0.20007)
Auslogics Disk Defrag (Version: 3.6)
BlueStacks App Player (Version: 0.7.16.910)
BlueStacks Notification Center (Version: 0.7.16.910)
Bonjour (Version: 3.0.0.10)
BrowserCompanion
CCleaner (Version: 4.04)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
DIE SIEDLER - Das Erbe der Könige (Version: 1.00.0000)
DriverAgent by eSupport.com
EPSON BX535WD Series Printer Uninstall
EVEREST Home Edition v2.20 (Version: 2.20)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
File Type Assistant
Free File Viewer 2011
Google Chrome (HKCU Version: 30.0.1599.101)
Google Talk Plugin (Version: 4.9.1.16010)
Google Update Helper (Version: 1.3.21.165)
iTunes (Version: 11.1.2.32)
Java Auto Updater (Version: 2.0.6.1)
Java(TM) 6 Update 22 (Version: 6.0.220)
Java(TM) 6 Update 29 (Version: 6.0.290)
Kaspersky Security Scan (Version: 12.0.1.117)
LG Intelligent Update (Version: 3.02.0717.01)
LG Smart Cam (Version: 1.0007.0818.01)
LG USB Modem driver
Macromedia Shockwave Player
Media Go (Version: 2.5.290)
Media Go Video Playback Engine 1.120.102.05010 (Version: 1.120.102.05010)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works Suite-Add-Ins für Microsoft Word (Version: 8.0.0.0000)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MotoHelper MergeModules (Version: 1.2.0)
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nikon Message Center 2 (Version: 2.1.0)
O2Micro Flash Memory Card Reader Driver Installer(x86) (Version: 3.09)
OpenOffice.org 3.3 (Version: 3.3.9567)
PhotoFiltre 7
Picasa 3 (Version: 3.9)
Picture Control Utility (Version: 1.4.4)
PlayStation(R)Store (Version: 4.16.2.15545)
PriceGong 2.5.3 (Version: 2.5.3)
RewardsArcadeSuite
ROBLOX Player for Jakob
ROBLOX Studio 2013 for Jakob
Setup-Start von Microsoft Works Suite 2006
Short Movie Creator (Version: 1.2.0)
Skype™ 6.3 (Version: 6.3.105)
SmartPCFixer 4.2 (Version: 4.2)
SocialSafe (Version: 6.5.6)
SweetIM for Messenger 3.6 (Version: 3.6.0003)
SweetIM Toolbar for Internet Explorer 4.2 (Version: 4.2.0004)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Works Update (Version: 8.0.0.0000)

==================== Restore Points  =========================

22-09-2013 17:00:06 Windows-Sicherung
30-09-2013 15:23:40 Windows-Sicherung
07-10-2013 12:27:45 Windows-Sicherung
14-10-2013 16:47:38 Windows-Sicherung
27-10-2013 23:47:29 Windows-Sicherung
02-11-2013 18:13:54 Installiert DIE SIEDLER - Das Erbe der Könige
10-11-2013 18:00:05 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {21F71B14-783B-484A-B6A1-A483BFA739DF} - System32\Tasks\4668 => C:\Users\Jakob\AppData\Local\Temp\launchie.vbsC:\Users\Jakob\AppData\Local\Temp\launchie.vbs //B
Task: {2A4A70BC-5F85-4F1E-8197-63A8C1FD3C94} - System32\Tasks\ProgramUpdateCheck => C:\Program Files\File Type Assistant\tsassist.exe [2012-02-28] (Trusted Software ApS)
Task: {2C641F6B-5C6D-4A53-878F-D35856258C08} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000Core => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17] (Google Inc.)
Task: {31A2B443-4448-4557-B919-FF75F3E3BF7B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000UA => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17] (Google Inc.)
Task: {73FF3597-70FC-4EF4-9C30-5CFAC25915E8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000UA => C:\Users\Jakob\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {78AFDA9D-F2D2-4F44-AD1C-B4D4A19B99FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-16] (Google Inc.)
Task: {8050FE79-283A-40D7-A8A9-D0F9A2E78C75} - System32\Tasks\0 => Iexplore.exe 
Task: {882F7300-11DD-4323-8270-2F652252FFBE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000Core => C:\Users\Jakob\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {901223B4-22DE-4A35-B4C7-B2FE8216882F} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe [2011-03-11] (Bitberry Software)
Task: {A7D4D7DA-4DB4-47F3-970C-1DB6893CB723} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-16] (Google Inc.)
Task: {BD4CC980-C8B8-490E-A8C0-C1DB0122B8A4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {C4FB6EB4-7148-400E-9334-BCF372BFBA79} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-01-03] ()
Task: {EA24164E-A8F1-44BC-A0EE-A7BA01DB9F00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-08] (Adobe Systems Incorporated)
Task: {EC545D63-3641-415E-8F46-B902A169CF2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {FA06579A-09E3-4C8F-BFFA-01EF62319114} - System32\Tasks\FoxTab => C:\Users\Jakob\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000Core.job => C:\Users\Jakob\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000UA.job => C:\Users\Jakob\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\Jakob\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000Core.job => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-755383823-662421271-3748031501-1000UA.job => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-31 11:57 - 2012-08-31 11:57 - 00007424 _____ () C:\Users\Jakob\AppData\Roaming\BAcroIEHelpe205.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-17 16:19 - 2012-03-12 17:12 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2013-10-19 11:13 - 2013-10-09 01:01 - 00698832 _____ () C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-19 11:13 - 2013-10-09 01:01 - 00099792 _____ () C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-19 11:13 - 2013-10-09 01:02 - 04055504 _____ () C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-19 11:13 - 2013-10-09 01:02 - 00415184 _____ () C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-19 11:13 - 2013-10-09 01:01 - 01604560 _____ () C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-19 11:13 - 2013-10-09 01:02 - 13584336 _____ () C:\Users\Jakob\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2013 04:28:00 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 30.0.1599.101, Zeitstempel: 0x52547456
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00097c81
ID des fehlerhaften Prozesses: 0xfb0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (11/15/2013 04:25:31 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/14/2013 05:03:05 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.

Error: (11/14/2013 04:58:29 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.

Error: (11/14/2013 04:54:28 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.

Error: (11/14/2013 04:49:04 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.

Error: (11/14/2013 04:44:05 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.

Error: (11/14/2013 04:40:37 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.

Error: (11/14/2013 04:35:58 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.

Error: (11/14/2013 04:27:25 PM) (Source: MsiInstaller) (User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.


System errors:
=============
Error: (11/15/2013 04:25:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/15/2013 04:25:18 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (11/15/2013 04:25:18 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/14/2013 05:04:41 PM) (Source: DCOM) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/14/2013 02:29:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/14/2013 02:29:00 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (11/14/2013 02:29:00 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (11/13/2013 02:38:54 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (11/13/2013 02:31:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/13/2013 02:31:41 PM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (11/15/2013 04:28:00 PM) (Source: Application Error)(User: )
Description: chrome.exe30.0.1599.10152547456ntdll.dll6.1.7601.1820551db96c5c000000d00097c81fb001cee21741c34bc7C:\Users\Jakob\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\SYSTEM32\ntdll.dll82708762-4e0a-11e3-ba4f-0019dbeb8d08

Error: (11/15/2013 04:25:31 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/14/2013 05:03:05 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 04:58:29 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 04:54:28 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 04:49:04 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 04:44:05 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 04:40:37 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 04:35:58 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 04:27:25 PM) (Source: MsiInstaller)(User: Jakob-PC)
Description: Produkt: Ask Toolbar -- Fehler 2738. Für die benutzerdefinierte Aktion  konnte nicht auf die VBScript-Laufzeitumgebung zugegriffen werden.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 2047.37 MB
Available physical RAM: 937.75 MB
Total Pagefile: 4094.73 MB
Available Pagefile: 2666.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.79 GB) (Free:156.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: FA08A7E4)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
