|
Pests of all kinds and how to fight them: Unknown icon in taskbar (Windows 7) |
23.01.2014, 14:45 | #1 |
| Unknown icon in taskbar Hi everyone, I have discovered a strange icon in my taskbar that I can neither click on nor find anywhere else. I can't say how long it has been there; I only just noticed it. After searching Google from bottom to top, I am now worried that it could be a virus. About an hour ago I removed the "Nationzoom" virus as described on the following page (hxxp://praxistipps.chip.de/nationzoom-virus-entfernen-so-gehts_20339). After that I downloaded CCleaner and Malwarebytes Anti-Malware and removed everything they flagged as harmful. After the restart I noticed the icon. Now to my question: does anyone recognize it? Or how can I find out what it is? hxxp://img1.bildupload.com/75eef5eba71a41f7195d0d3f76455ac8.jpg <- icon I hope someone can help me. Achab Last edited by achab (23.01.2014 at 15:05) |
23.01.2014, 15:16 | #2 |
/// the machine /// TB-Ausbilder (TB trainer) | Unknown icon in taskbar Hi,
what happens when you move the mouse pointer over the icon, without clicking, and simply leave the pointer on it? Does a popup window with text appear? Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
|
23.01.2014, 17:38 | #3 |
| Unknown icon in taskbar Then nothing happens.
Done. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-01-2014 Ran by Dominik (administrator) on DOMINIK-PC on 23-01-2014 17:32:00 Running from C:\Users\Dominik\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe () C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ATK) C:\Program Files\P4G\BatteryLife.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe () C:\ProgramData\dlprotect.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe () D:\Spiele\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () D:\Spiele\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink) HKLM\...\Run: [P2Go_Menu] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-14] (CyberLink Corp.) HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13605408 2009-04-17] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2009-04-17] (NVIDIA Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-24] (Realtek Semiconductor) HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [540576 2009-04-21] (ELAN Microelectronic Corp.) HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-08-18] (ASUS) HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8392704 2009-03-04] (ASUS) HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2008-09-30] (AlcorMicro Co., Ltd.) 
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS) HKLM\...\Run: [ASUS Camera ScreenSaver] - C:\Windows\AsScrProlog.exe [47672 2009-08-05] () HKLM\...\Run: [ACMON] - C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2008-10-01] (ATK) HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35184 2008-12-03] (Adobe Systems Incorporated) HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-24] (Realtek Semiconductor Corp.) HKLM\...\Run: [Download Protect] - C:\ProgramData\dlprotect.exe [12800 2013-12-13] () HKCU\...\Run: [SRS Premium Sound] - C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [3405048 2009-04-07] (SRS Labs, Inc.) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.) 
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99&q={searchTerms} SearchScopes: HKLM - {49810F71-3CD9-4577-9482-BAB5435DDE98} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS 
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317893&CUI=UN31446083721415328&UM=2 SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. 
KG) Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Chrome: ======= CHR HomePage: hxxp://www.nationzoom.com/?type=hp&ts=1387119775&from=tugs&uid=ST9320325AS_5VD0TF99XXXX5VD0TF99 CHR Extension: (Extended Protection) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2013-12-15] CHR Extension: (Adblock Plus) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-23] CHR Extension: (Google Wallet) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05] CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-12-15] CHR HKLM\...\Chrome\Extension: [jbaaieplnliapedmcbfgfijinolepige] - C:\Users\Dominik\AppData\Local\CRE\jbaaieplnliapedmcbfgfijinolepige.crx [2013-12-11] CHR HKCU\...\Chrome\Extension: [jbaaieplnliapedmcbfgfijinolepige] - C:\Users\Dominik\AppData\Local\CRE\jbaaieplnliapedmcbfgfijinolepige.crx [2013-12-11] ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-22] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. 
KG) R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] () R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [70880 2009-04-07] (SRS Labs, Inc.) S2 Update Storimbo; "C:\Program Files\Storimbo\updateStorimbo.exe" [x] S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe -service [x] ==================== Drivers (Whitelisted) ==================== R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-22] (Avira Operations GmbH & Co. KG) R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [90112 2009-04-21] (ELAN Microelectronic Corp.) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2008-11-03] ( ) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2008-12-24] (ATK0100) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_i386.sys [233128 2009-04-01] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-22] (Avira GmbH) S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [x] S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S1 SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [x] S1 SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [x] ==================== NetSvcs (Whitelisted) =================== 
==================== One Month Created Files and Folders ======== 2014-01-23 17:32 - 2014-01-23 17:32 - 00013202 _____ C:\Users\Dominik\Downloads\FRST.txt 2014-01-23 17:31 - 2014-01-23 17:31 - 00000000 ____D C:\FRST 2014-01-23 17:30 - 2014-01-23 17:31 - 01222144 _____ (Farbar) C:\Users\Dominik\Downloads\FRST.exe 2014-01-23 15:07 - 2014-01-23 15:07 - 00602856 _____ C:\Users\Dominik\Downloads\GIMP_Setup_Download.exe 2014-01-23 15:07 - 2014-01-23 15:07 - 00482736 _____ C:\Users\Dominik\Downloads\Setup_V2.exe 2014-01-23 15:07 - 2014-01-23 15:07 - 00000000 ____D C:\Users\Dominik\Documents\Optimizer Pro 2014-01-23 14:53 - 2014-01-23 14:53 - 00000108 _____ C:\Users\Dominik\Desktop\Unbekanntes Symbol in Taskleiste - Trojaner-Board.url 2014-01-23 14:18 - 2014-01-23 14:18 - 00100432 _____ C:\Users\Dominik\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-23 14:16 - 2014-01-23 14:17 - 00372096 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-23 14:16 - 2014-01-23 14:16 - 00008720 _____ C:\Windows\PFRO.log 2014-01-23 14:04 - 2014-01-23 14:04 - 00021864 _____ C:\Users\Dominik\Documents\cc_20140123_140423.reg 2014-01-23 14:02 - 2014-01-23 14:02 - 00000000 ____D C:\Program Files\CCleaner 2014-01-23 14:00 - 2014-01-23 14:00 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Malwarebytes 2014-01-23 14:00 - 2014-01-23 14:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-23 13:58 - 2014-01-23 14:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dominik\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-23 13:58 - 2014-01-23 13:59 - 03571656 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\ccsetup409_slim.exe 2014-01-23 12:20 - 2014-01-23 13:38 - 1140326507 _____ (Igor Pavlov) C:\Users\Dominik\Downloads\Forsaken_Client_v3.exe 2014-01-22 21:44 - 2014-01-22 21:44 - 00000101 _____ C:\Users\Dominik\Desktop\→ Hotel Paris 17e - Hotel Abrial - Site Officiel.url 2014-01-22 21:44 - 2014-01-22 21:44 - 00000079 _____ C:\Users\Dominik\Desktop\Reisen online buchen - günstig Urlaub bei 
viaSol-Reisen.de.url 2014-01-13 21:20 - 2013-12-18 06:13 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-01-09 15:57 - 2014-01-23 17:24 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype 2014-01-09 15:57 - 2014-01-09 15:57 - 00001880 _____ C:\Users\Public\Desktop\Skype.lnk 2014-01-09 15:57 - 2014-01-09 15:57 - 00000000 ___RD C:\Program Files\Skype 2014-01-09 15:57 - 2014-01-09 15:57 - 00000000 ____D C:\ProgramData\Skype 2014-01-09 15:57 - 2014-01-09 15:57 - 00000000 ____D C:\Program Files\Common Files\Skype 2014-01-03 23:32 - 2014-01-03 23:32 - 00000000 _____ C:\extensions.sqlite ==================== One Month Modified Files and Folders ======= 2014-01-23 17:32 - 2014-01-23 17:32 - 00013202 _____ C:\Users\Dominik\Downloads\FRST.txt 2014-01-23 17:31 - 2014-01-23 17:31 - 00000000 ____D C:\FRST 2014-01-23 17:31 - 2014-01-23 17:30 - 01222144 _____ (Farbar) C:\Users\Dominik\Downloads\FRST.exe 2014-01-23 17:31 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-23 17:31 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-23 17:28 - 2009-08-05 20:26 - 01666388 _____ C:\Windows\WindowsUpdate.log 2014-01-23 17:24 - 2014-01-09 15:57 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype 2014-01-23 16:53 - 2013-12-05 01:22 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-23 15:22 - 2013-12-14 20:58 - 00109067 _____ C:\ProgramData\nvModes.001 2014-01-23 15:20 - 2006-11-02 11:33 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-23 15:14 - 2013-12-13 16:57 - 00000000 ____D C:\Users\Dominik\AppData\Local\Conduit 2014-01-23 15:12 - 2013-12-05 01:22 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-23 15:12 - 2009-08-05 21:17 - 00045056 _____ C:\Windows\system32\acovcnt.exe 2014-01-23 15:12 - 2006-11-02 
14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-23 15:11 - 2006-11-02 14:01 - 00013076 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-23 15:08 - 2013-12-15 16:03 - 00000000 ____D C:\ProgramData\WPM 2014-01-23 15:08 - 2013-12-13 17:09 - 00000000 ____D C:\Users\Dominik\AppData\Local\SwvUpdater 2014-01-23 15:07 - 2014-01-23 15:07 - 00602856 _____ C:\Users\Dominik\Downloads\GIMP_Setup_Download.exe 2014-01-23 15:07 - 2014-01-23 15:07 - 00482736 _____ C:\Users\Dominik\Downloads\Setup_V2.exe 2014-01-23 15:07 - 2014-01-23 15:07 - 00000000 ____D C:\Users\Dominik\Documents\Optimizer Pro 2014-01-23 15:07 - 2013-12-13 16:58 - 00000000 ____D C:\ProgramData\Conduit 2014-01-23 14:53 - 2014-01-23 14:53 - 00000108 _____ C:\Users\Dominik\Desktop\Unbekanntes Symbol in Taskleiste - Trojaner-Board.url 2014-01-23 14:18 - 2014-01-23 14:18 - 00100432 _____ C:\Users\Dominik\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-23 14:17 - 2014-01-23 14:16 - 00372096 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-23 14:16 - 2014-01-23 14:16 - 00008720 _____ C:\Windows\PFRO.log 2014-01-23 14:16 - 2009-08-05 20:41 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-23 14:04 - 2014-01-23 14:04 - 00021864 _____ C:\Users\Dominik\Documents\cc_20140123_140423.reg 2014-01-23 14:03 - 2008-04-16 12:27 - 00000000 ____D C:\Windows\Panther 2014-01-23 14:02 - 2014-01-23 14:02 - 00000000 ____D C:\Program Files\CCleaner 2014-01-23 14:00 - 2014-01-23 14:00 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Malwarebytes 2014-01-23 14:00 - 2014-01-23 14:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-23 14:00 - 2014-01-23 13:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dominik\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-23 13:59 - 2014-01-23 13:58 - 03571656 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\ccsetup409_slim.exe 2014-01-23 13:57 - 2013-12-05 00:52 - 00000956 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-23 13:56 - 2013-12-13 16:54 - 
00109067 _____ C:\ProgramData\nvModes.dat 2014-01-23 13:38 - 2014-01-23 12:20 - 1140326507 _____ (Igor Pavlov) C:\Users\Dominik\Downloads\Forsaken_Client_v3.exe 2014-01-22 21:44 - 2014-01-22 21:44 - 00000101 _____ C:\Users\Dominik\Desktop\→ Hotel Paris 17e - Hotel Abrial - Site Officiel.url 2014-01-22 21:44 - 2014-01-22 21:44 - 00000079 _____ C:\Users\Dominik\Desktop\Reisen online buchen - günstig Urlaub bei viaSol-Reisen.de.url 2014-01-16 23:57 - 2013-12-05 01:27 - 00002162 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-16 17:31 - 2013-12-05 11:46 - 00000000 ____D C:\Program Files\Common Files\Steam 2014-01-16 02:49 - 2013-12-05 11:42 - 00000000 ____D C:\Windows\system32\MRT 2014-01-16 02:49 - 2009-08-05 20:35 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-16 02:47 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-01-09 15:57 - 2014-01-09 15:57 - 00001880 _____ C:\Users\Public\Desktop\Skype.lnk 2014-01-09 15:57 - 2014-01-09 15:57 - 00000000 ___RD C:\Program Files\Skype 2014-01-09 15:57 - 2014-01-09 15:57 - 00000000 ____D C:\ProgramData\Skype 2014-01-09 15:57 - 2014-01-09 15:57 - 00000000 ____D C:\Program Files\Common Files\Skype 2014-01-07 22:17 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\NDF 2014-01-03 23:32 - 2014-01-03 23:32 - 00000000 _____ C:\extensions.sqlite Files to move or delete: ==================== C:\ProgramData\dlprotect.exe Some content of TEMP: ==================== C:\Users\Dominik\AppData\Local\Temp\avgnt.exe C:\Users\Dominik\AppData\Local\Temp\tbRadi.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 
is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-23 15:19 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-01-2014 Ran by Dominik at 2014-01-23 17:32:23 Running from C:\Users\Dominik\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 2007 Microsoft Office system (Version: 12.0.6612.1000 - Microsoft Corporation) Adobe Flash Player 9 ActiveX (Version: 9 - Adobe Systems) Adobe Reader 9.0.1 - Deutsch (Version: 9.0.1 - Adobe Systems Incorporated) AmIcoSingLun (Version: 1.1.104.1 - Alcor Micro Co., Ltd.) AmIcoSingLun (Version: 1.1.104.1 - Alcor Micro Co., Ltd.) Hidden ASUS FancyStart (Version: 1.0.4 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (Version: 3.0.20 - ASUS) ASUS Power4Gear Hybrid (Version: 1.1.13 - ASUS) ASUS SmartLogon (Version: 1.0.0006 - ASUS) ASUS Splendid Video Enhancement Technology (Version: 1.02.0025 - ASUS) ASUS Virtual Camera (Version: 1.0.15 - asus) Asus_Camera_ScreenSaver (Version: 2.0.0008 - ASUS) Atheros Client Installation Program (Version: 7.0 - Atheros) ATK Generic Function Service (Version: 1.00.0008 - ATK) ATK Hotkey (Version: 1.0.0049 - ASUS) ATK Media (Version: 2.0.0005 - ASUS) ATKOSD2 (Version: 7.0.0003 - ASUS) Avira Free Antivirus (Version: 14.0.2.286 - Avira) CCleaner (Version: 4.09 - Piriform) Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden CyberLink LabelPrint (Version: 2.0.2908 - CyberLink Corp.) CyberLink Power2Go (Version: 6.0.1924 - CyberLink Corp.) CyberLink Power2Go (Version: 6.0.1924 - CyberLink Corp.) Hidden ETDWare PS/2-x86 7.0.5.3 WHQL (Version: - ) GIMP 2.8.8 (Version: 2.8.8 - The GIMP Team) Google Chrome (Version: 32.0.1700.76 - Google Inc.) 
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden League of Legends (Version: 1.02.0000 - Riot Games) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Access MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (Version: - Microsoft) Microsoft Office Excel MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden 
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (Version: - Microsoft) Microsoft Office Outlook Connector (Version: 12.0.6414.1000 - Microsoft Corporation) Microsoft Office Outlook MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (Version: - Microsoft) Microsoft Office PowerPoint MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000 - 
Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft 
Office Shared MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (Version: - Microsoft) Microsoft Office Word MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft) MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden Multimedia Card Reader (Version: 1.01.0000.00 - ) Multimedia Card Reader (Version: 1.01.0000.00 - ) Hidden Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden NVIDIA Drivers (Version: 1.3 - NVIDIA Corporation) Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0004 - Realtek) Realtek High Definition Audio Driver 
(Version: 6.0.1.5817 - Realtek Semiconductor Corp.) Reloop ASIO Driver 1.15 (Version: 1.15 - Reloop) Skype™ 6.1 (Version: 6.1.129 - Skype Technologies S.A.) Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB) SRS Premium Sound (Version: 1.09.0300 - SRS Labs, Inc.) Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft Office 2007 Help for Common Features (KB963673) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (Version: - Microsoft) Update for 
Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft) Update voor Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft) USB 2.0 1.3M UVC WebCam (Version: - ) VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN) Windows Live Anmelde-Assistent (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Call (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Communications Platform (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Essentials (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Essentials (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden Windows Live Fotogalerie (Version: 14.0.8051.1204 - Microsoft Corporation) Hidden Windows Live Mail (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Messenger (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Movie Maker-Betaversion (Version: 14.0.8051.1204 - Microsoft Corporation) Hidden Windows Live Sync (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Writer (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation) WinFlash (Version: - ) ==================== Restore Points ========================= 08-01-2014 23:00:01 Geplanter Prüfpunkt 09-01-2014 23:30:15 Geplanter Prüfpunkt 13-01-2014 20:19:52 Windows Update 15-01-2014 18:01:37 Geplanter Prüfpunkt 
16-01-2014 01:46:35 Windows Update 16-01-2014 14:38:33 Geplanter Prüfpunkt 19-01-2014 22:24:07 Geplanter Prüfpunkt 21-01-2014 03:18:25 Geplanter Prüfpunkt 21-01-2014 08:58:27 Windows Update 21-01-2014 23:00:03 Geplanter Prüfpunkt 22-01-2014 23:00:03 Geplanter Prüfpunkt 23-01-2014 14:09:10 Removed Microsoft Silverlight ==================== Hosts content: ========================== 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1F2D2893-C9C4-49F5-95CC-C431588C268D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation) Task: {2490EB52-F3DF-4547-97F1-E5EDCA108616} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {4096F6BA-DBF0-431C-B404-035E91BFAC9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.) 
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {929217D0-6A31-49CA-8833-39985272005A} - System32\Tasks\ASUS P4G => C:\Program files\P4G\BatteryLife.exe [2009-04-02] (ATK) Task: {9B2BD763-9619-4FA4-98B9-843E4003BB94} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-12-09] (ASUS) Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {EDD2B1CF-2B48-40FD-A1B6-AA42F543B79D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.) Task: {F6898000-0993-4B9C-9E04-BB8C3D1813DE} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2008-08-20 23:49 - 2008-08-20 23:49 - 00016384 _____ () C:\Program files\P4G\DevMng.dll 2009-02-04 17:44 - 2009-02-04 17:44 - 00023040 _____ () C:\Program files\P4G\OvrClk.dll 2009-08-05 21:10 - 2007-03-10 00:16 - 00106496 _____ () C:\Program Files\ATKGFNEX\AGFNEX.dll 2007-11-12 23:41 - 2007-11-12 23:41 - 00106496 _____ () C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll 2009-08-05 21:05 - 2009-03-24 12:10 - 01034784 _____ () C:\Windows\system32\RTCOM\RTCOMDLL.dll 2009-04-20 23:57 - 2009-04-20 23:57 - 00225280 _____ () C:\Program Files\asus\VirtualCamera\virtualCamera.ax 2013-12-05 02:26 
- 2014-01-19 22:54 - 00126816 _____ () D:\Spiele\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\RiotLauncher.dll 2014-01-16 23:57 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll 2014-01-16 23:57 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll 2014-01-16 23:57 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll 2014-01-16 23:57 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/23/2014 03:13:35 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/23/2014 02:18:38 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/20/2014 00:27:48 AM) (Source: Application Hang) (User: ) Description: Programm rads_user_kernel.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. 
Prozess-ID: 1764 Anfangszeit: 01cf156e08da1861 Zeitpunkt der Beendigung: 4 Error: (01/16/2014 03:47:51 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/16/2014 01:36:17 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/13/2014 09:05:27 PM) (Source: SkypeUpdate) (User: ) Description: File C:\Windows\TEMP\SKYD289.tmp has invalid signature. Error: (01/13/2014 09:03:50 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 10:48:23 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung League of Legends.exe, Version 3.15.0.260, Zeitstempel 0x52b20b88, fehlerhaftes Modul League of Legends.exe, Version 3.15.0.260, Zeitstempel 0x52b20b88, Ausnahmecode 0xc0000005, Fehleroffset 0x00060527, Prozess-ID 0xb70, Anwendungsstartzeit League of Legends.exe0. 
Error: (01/07/2014 10:00:11 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/19/2013 07:32:02 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/23/2014 03:15:56 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (01/23/2014 03:13:36 PM) (Source: Service Control Manager) (User: ) Description: SRTSP SRTSPX Error: (01/23/2014 03:13:36 PM) (Source: Service Control Manager) (User: ) Description: Update Storimbo%%3 Error: (01/23/2014 03:13:36 PM) (Source: Service Control Manager) (User: ) Description: Wpm Service%%2 Error: (01/23/2014 02:21:06 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (01/23/2014 02:18:44 PM) (Source: Service Control Manager) (User: ) Description: SRTSP SRTSPX Error: (01/16/2014 03:48:06 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (01/16/2014 03:47:52 PM) (Source: Service Control Manager) (User: ) Description: SRTSP SRTSPX Error: (01/16/2014 03:47:52 PM) (Source: Service Control Manager) (User: ) Description: Util Storimbo%%2 Error: (01/16/2014 03:47:52 PM) (Source: Service Control Manager) (User: ) Description: Norton Internet Security%%3 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-12-05 15:58:57.645 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-12-05 15:58:57.411 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 15:58:57.177 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 15:58:56.958 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-12-05 15:58:56.740 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 3582.31 MB Available physical RAM: 2175.96 MB Total Pagefile: 7356.25 MB Available Pagefile: 5872.64 MB Total Virtual: 2047.88 MB Available Virtual: 1900.12 MB ==================== Drives ================================ Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:91.04 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: () (Fixed) (Total:137.33 GB) (Free:89.4 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: 97646C29) Partition 1: (Not Active) - (Size=12 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=137 GB) - (Type=OF Extended) ==================== End Of Log ============================ Last edited by achab (23.01.2014 at 17:46) |
24.01.2014, 09:51 | #4 |
/// the machine /// TB Trainer | Unknown icon in taskbar Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
Please download Shortcut Cleaner (by Grinler) to your desktop.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |