Windows 8: Grün unterlegte Wörter im Browser

vincentfrey · 26.01.2014, 22:16

Hallo Leute,

Ich habe seit ungefähr zwei Wochen ein winziges Problem mit meinem Browser.
Einige Wörter sind grün unterlegt und doppelt unterstrichen. Wenn man mit dem Cursor über diese geht, öffnet sich ein kleines Fenser.

Ist das ein Virus? Und wie kann ich ihn beheben?

Ich benutze einen Windows 8 Aspire V3-571G von Acer.

Hilfe wird dankend angenommen!

schrauber · 26.01.2014, 22:52

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

vincentfrey · 27.01.2014, 15:22

Danke für die Hilfe!!!

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014
Ran by Vincent (administrator) on VINCENT-PC on 27-01-2014 15:16:32
Running from C:\Users\Vincent\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-07-28] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/
SearchScopes: HKLM - DefaultScope {37251830-82D0-48C1-9141-8C3E670DB351} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {37251830-82D0-48C1-9141-8C3E670DB351} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {37251830-82D0-48C1-9141-8C3E670DB351} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {37251830-82D0-48C1-9141-8C3E670DB351} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {37251830-82D0-48C1-9141-8C3E670DB351} URL = 
SearchScopes: HKCU - {37251830-82D0-48C1-9141-8C3E670DB351} URL = 
BHO: groeatsaoVer - {70BDE819-B128-3495-E219-7E140F6A2ACA} - C:\Program Files (x86)\groeatsaoVer\9sMonszA.x64.dll ()
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: groeatsaoVer - {70BDE819-B128-3495-E219-7E140F6A2ACA} - C:\Program Files (x86)\groeatsaoVer\9sMonszA.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\6brlyu3g.default
FF Homepage: about:home|hxxp://www.giga.de/software/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\6brlyu3g.default\Extensions\bytubed@cs213.cse.iitk.ac.in [2013-08-28]
FF Extension: ggreatsaver - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\6brlyu3g.default\Extensions\oauopzkf@lhtxo.edu [2014-01-06]
FF Extension: Adblock Plus - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\6brlyu3g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (ggreatsaver) - C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijdoameckgacjccjejankgeghcjbpbna [2014-01-06]

==================== Services (Whitelisted) =================

U2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
U2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
U3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
U3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [92560 2013-07-28] (ELAN Microelectronics Corp.)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
U2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
U3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
U2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-09] ()
U2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
U3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-27 15:16 - 2014-01-27 15:16 - 00013887 _____ C:\Users\Vincent\Desktop\FRST.txt
2014-01-27 15:16 - 2014-01-27 15:16 - 00000000 ____D C:\FRST
2014-01-27 15:15 - 2014-01-27 15:15 - 02078208 _____ (Farbar) C:\Users\Vincent\Desktop\FRST64.exe
2014-01-26 21:54 - 2014-01-26 21:54 - 00000106 ____H C:\Users\Vincent\Desktop\.~lock.krBer.odt#
2014-01-26 21:54 - 2014-01-26 21:54 - 00000106 ____H C:\Users\Vincent\Desktop\.~lock.Bewerbung.odt#
2014-01-24 14:48 - 2014-01-24 14:48 - 00018386 _____ C:\Users\Vincent\Desktop\krBer.odt
2014-01-24 13:21 - 2014-01-27 15:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-24 13:21 - 2014-01-25 20:07 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-21 15:03 - 2014-01-21 15:03 - 00000381 _____ C:\Users\Vincent\Desktop\lastschrift.txt
2014-01-20 22:45 - 2014-01-20 22:45 - 00017373 _____ C:\Users\Vincent\Desktop\Bewerbung.odt
2014-01-15 20:59 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 20:59 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 20:59 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 20:59 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 20:59 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 20:59 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 20:59 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 20:59 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 20:59 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 20:59 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 20:59 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-15 20:55 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 20:55 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 20:55 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 20:55 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-09 20:55 - 2014-01-09 21:37 - 231404576 _____ (Ubisoft) C:\Users\Vincent\Downloads\FarCry3_mp_dlc.exe
2014-01-09 20:26 - 2014-01-09 20:36 - 00000000 ____D C:\Users\Vincent\AppData\Local\Ubisoft Game Launcher
2014-01-09 20:21 - 2014-01-09 20:21 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-09 19:58 - 2014-01-09 20:21 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2014-01-09 19:54 - 2014-01-09 19:54 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-09 17:08 - 2014-01-09 17:08 - 00000000 ____D C:\Users\Vincent\Downloads\surgeonsimulator2013_win
2014-01-09 17:07 - 2014-01-09 17:08 - 25773910 _____ C:\Users\Vincent\Downloads\surgeonsimulator2013_win.zip
2014-01-09 17:01 - 2014-01-09 17:01 - 00943872 _____ C:\Users\Vincent\Downloads\Surgeon-Simulator-2013-Setup.exe
2014-01-08 16:41 - 2014-01-08 16:43 - 00000000 ____D C:\Users\Vincent\AppData\Local\DayZ
2014-01-08 16:41 - 2014-01-08 16:41 - 00000000 ____D C:\Users\Vincent\Documents\DayZ
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Vincent\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Vincent\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Vincent\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\ProgramData\groeatsaoVer
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\ProgramData\93ba841e67a354a3
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Program Files (x86)\groeatsaoVer
2014-01-06 21:39 - 2014-01-06 21:39 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-06 21:25 - 2014-01-06 21:25 - 00334104 _____ (SoftWarehouse) C:\Users\Vincent\Downloads\Will_Smith_-_Men_in_black_HQ.mp3.exe
2014-01-05 17:15 - 2014-01-05 17:24 - 19085014 _____ C:\Users\Vincent\Downloads\driver_wlan_usb.zip
2014-01-05 17:11 - 2014-01-05 17:11 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\InstallShield
2013-12-31 13:24 - 2013-12-31 13:24 - 00675988 _____ C:\Users\Vincent\Desktop\Minecraft(1).exe
2013-12-31 13:21 - 2013-12-31 13:21 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\NVIDIA
2013-12-31 13:20 - 2014-01-22 21:29 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\.minecraft
2013-12-31 13:20 - 2013-12-31 13:20 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-31 13:20 - 2013-12-31 13:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-31 13:20 - 2013-12-31 13:20 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-31 13:20 - 2013-12-31 13:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-31 13:20 - 2013-12-31 13:20 - 00000000 ____D C:\ProgramData\Sun
2013-12-31 13:20 - 2013-12-31 13:20 - 00000000 ____D C:\ProgramData\Oracle
2013-12-31 13:20 - 2013-12-31 13:20 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-31 13:18 - 2013-12-31 13:18 - 00915368 _____ (Oracle Corporation) C:\Users\Vincent\Downloads\jxpiinstall(2).exe
2013-12-31 13:18 - 2013-12-31 13:18 - 00675988 _____ C:\Users\Vincent\Downloads\Minecraft.exe

==================== One Month Modified Files and Folders =======

2014-01-27 15:16 - 2014-01-27 15:16 - 00013887 _____ C:\Users\Vincent\Desktop\FRST.txt
2014-01-27 15:16 - 2014-01-27 15:16 - 00000000 ____D C:\FRST
2014-01-27 15:15 - 2014-01-27 15:15 - 02078208 _____ (Farbar) C:\Users\Vincent\Desktop\FRST64.exe
2014-01-27 15:11 - 2014-01-24 13:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-27 15:06 - 2013-07-28 17:07 - 01510665 _____ C:\Windows\WindowsUpdate.log
2014-01-27 14:56 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-26 21:54 - 2014-01-26 21:54 - 00000106 ____H C:\Users\Vincent\Desktop\.~lock.krBer.odt#
2014-01-26 21:54 - 2014-01-26 21:54 - 00000106 ____H C:\Users\Vincent\Desktop\.~lock.Bewerbung.odt#
2014-01-25 20:16 - 2012-08-27 17:12 - 00753134 _____ C:\Windows\system32\perfh007.dat
2014-01-25 20:16 - 2012-08-27 17:12 - 00155826 _____ C:\Windows\system32\perfc007.dat
2014-01-25 20:16 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-25 20:10 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 20:08 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2014-01-25 20:07 - 2014-01-24 13:21 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 20:07 - 2013-07-28 17:19 - 00000000 ____D C:\Users\Vincent\AppData\Local\Adobe
2014-01-24 14:48 - 2014-01-24 14:48 - 00018386 _____ C:\Users\Vincent\Desktop\krBer.odt
2014-01-22 21:29 - 2013-12-31 13:20 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\.minecraft
2014-01-22 21:24 - 2013-07-28 17:57 - 00000000 ____D C:\Users\Vincent\Documents\Bluetooth Folder
2014-01-22 20:51 - 2013-07-28 18:27 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-21 15:03 - 2014-01-21 15:03 - 00000381 _____ C:\Users\Vincent\Desktop\lastschrift.txt
2014-01-20 22:45 - 2014-01-20 22:45 - 00017373 _____ C:\Users\Vincent\Desktop\Bewerbung.odt
2014-01-19 16:31 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-19 08:33 - 2013-07-28 17:14 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-15 21:29 - 2013-07-31 17:38 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 21:27 - 2013-07-30 11:50 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 21:27 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-14 14:52 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-10 13:31 - 2013-08-01 10:23 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-368746121-363493086-3490673531-1002
2014-01-10 12:15 - 2013-07-31 21:52 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-10 12:15 - 2013-07-31 21:47 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-10 12:08 - 2013-07-31 21:47 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-09 23:03 - 2013-07-28 21:51 - 00000000 ____D C:\Users\Vincent\AppData\Local\CrashDumps
2014-01-09 22:44 - 2013-07-31 21:52 - 00000000 ____D C:\Users\Vincent\AppData\Local\PunkBuster
2014-01-09 21:37 - 2014-01-09 20:55 - 231404576 _____ (Ubisoft) C:\Users\Vincent\Downloads\FarCry3_mp_dlc.exe
2014-01-09 20:36 - 2014-01-09 20:26 - 00000000 ____D C:\Users\Vincent\AppData\Local\Ubisoft Game Launcher
2014-01-09 20:21 - 2014-01-09 20:21 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-09 20:21 - 2014-01-09 19:58 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2014-01-09 20:21 - 2013-07-31 21:47 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-09 20:20 - 2013-07-31 21:46 - 00097400 _____ C:\Windows\DirectX.log
2014-01-09 19:58 - 2012-08-03 03:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-09 19:54 - 2014-01-09 19:54 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-09 19:51 - 2013-07-31 12:10 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-09 17:08 - 2014-01-09 17:08 - 00000000 ____D C:\Users\Vincent\Downloads\surgeonsimulator2013_win
2014-01-09 17:08 - 2014-01-09 17:07 - 25773910 _____ C:\Users\Vincent\Downloads\surgeonsimulator2013_win.zip
2014-01-09 17:01 - 2014-01-09 17:01 - 00943872 _____ C:\Users\Vincent\Downloads\Surgeon-Simulator-2013-Setup.exe
2014-01-09 09:02 - 2013-08-01 10:17 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-08-01 10:17 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 16:43 - 2014-01-08 16:41 - 00000000 ____D C:\Users\Vincent\AppData\Local\DayZ
2014-01-08 16:41 - 2014-01-08 16:41 - 00000000 ____D C:\Users\Vincent\Documents\DayZ
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Vincent\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Vincent\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Vincent\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Gast
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Torch
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\ProgramData\groeatsaoVer
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\ProgramData\93ba841e67a354a3
2014-01-06 21:40 - 2014-01-06 21:40 - 00000000 ____D C:\Program Files (x86)\groeatsaoVer
2014-01-06 21:39 - 2014-01-06 21:39 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-06 21:25 - 2014-01-06 21:25 - 00334104 _____ (SoftWarehouse) C:\Users\Vincent\Downloads\Will_Smith_-_Men_in_black_HQ.mp3.exe
2014-01-05 17:24 - 2014-01-05 17:15 - 19085014 _____ C:\Users\Vincent\Downloads\driver_wlan_usb.zip
2014-01-05 17:11 - 2014-01-05 17:11 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\InstallShield
2014-01-04 17:35 - 2012-07-26 08:21 - 00034380 _____ C:\Windows\setupact.log
2014-01-04 10:42 - 2012-12-29 14:38 - 00000000 ___RD C:\Users\Vincent\Desktop\Dies Das
2013-12-31 13:24 - 2013-12-31 13:24 - 00675988 _____ C:\Users\Vincent\Desktop\Minecraft(1).exe
2013-12-31 13:21 - 2013-12-31 13:21 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\NVIDIA
2013-12-31 13:20 - 2013-12-31 13:20 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-31 13:20 - 2013-12-31 13:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-31 13:20 - 2013-12-31 13:20 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-31 13:20 - 2013-12-31 13:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-31 13:20 - 2013-12-31 13:20 - 00000000 ____D C:\ProgramData\Sun
2013-12-31 13:20 - 2013-12-31 13:20 - 00000000 ____D C:\ProgramData\Oracle
2013-12-31 13:20 - 2013-12-31 13:20 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-31 13:18 - 2013-12-31 13:18 - 00915368 _____ (Oracle Corporation) C:\Users\Vincent\Downloads\jxpiinstall(2).exe
2013-12-31 13:18 - 2013-12-31 13:18 - 00675988 _____ C:\Users\Vincent\Downloads\Minecraft.exe

Files to move or delete:
====================
C:\Users\Vincent\jagex_cl_runescape_LIVE.dat
C:\Users\Vincent\random.dat


Some content of TEMP:
====================
C:\Users\Vincent\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Vincent\AppData\Local\Temp\sdapskill.exe
C:\Users\Vincent\AppData\Local\Temp\sonarinst.exe
C:\Users\Vincent\AppData\Local\Temp\TsuB2A1557E.dll
C:\Users\Vincent\AppData\Local\Temp\_is36E2.exe
C:\Users\Vincent\AppData\Local\Temp\_isA706.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 17:39

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014
Ran by Vincent at 2014-01-27 15:17:52
Running from C:\Users\Vincent\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (Version: 1.00.3003 - Acer Incorporated)
Acer Instant Update Service (Version: 1.00.3012 - Acer Incorporated)
Acer Power Management (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (x32 Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (x32 Version: 1.00.3103 - Acer Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (Version: 15.4.4.2 - Broadcom Corporation)
clear.fi Media (x32 Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (x32 Version: 2.01.3107 - Acer Incorporated)
Counter-Strike: Global Offensive (x32 Version:  - Valve)
Counter-Strike: Source (x32 Version:  - Valve)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.) Hidden
DayZ (x32 Version:  - Bohemia Interactive)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Home Theater v4 (x32 Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dota 2 (x32 Version:  - Valve)
eBay Worldwide (x32 Version: 2.3.0630 - OEM)
ETDWare PS/2-X64 11.6.11.002_WHQL (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
Far Cry 3 (x32 Version: 1.05 - Ubisoft)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
groeatsaoVer (x32 Version: 3.2.0.1219 - Greeatsaver) <==== ATTENTION
Identity Card (x32 Version: 2.00.3002 - Acer Incorporated)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (x32 Version: 7.0.4 - Acer Inc.)
Live Updater (x32 Version: 2.00.3002 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (x32 Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Office Addin (x32 Version: 2.01.3102 - Acer)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal 2 (x32 Version:  - Valve)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.41 - Qualcomm Atheros)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Spotify (x32 Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Tomb Raider (x32 Version:  - Crystal Dynamics)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (x32 Version: 2.0 - Ubisoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)
WildTangent Games (x32 Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

24-01-2014 13:13:50 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {201BCA45-E795-4149-AE9A-ECFDFA1FFC94} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {3AD8DA80-8A85-4CF6-945E-37C11C0673E4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {3B00A1D6-9FBE-4ABB-B7C3-67B974B75E0E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {41D7949E-B659-4F93-833A-5E01E5F838B9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {94EA158F-FA27-41BB-AF2C-9CBF20927675} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {9ED32C6B-1544-4B98-9098-99B228E2955E} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-07-13] ()
Task: {A59EC215-70A5-44FD-820E-F99ECC7D97A1} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-07-13] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E7686900-B771-44F2-84C8-2F722735CD0B} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F12B3F45-26B6-4742-BA5C-35984FBAED97} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-25] (Adobe Systems Incorporated)
Task: {FD5869C3-622D-447F-966D-D1203F1AB49C} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-01-28 13:45 - 2013-01-28 13:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 13:42 - 2013-01-28 13:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2012-08-10 09:54 - 2012-08-08 16:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-31 00:04 - 2012-07-31 00:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-27 07:32 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-21 22:27 - 2013-12-21 22:27 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 8007.27 MB
Available physical RAM: 5732.7 MB
Total Pagefile: 25415.27 MB
Available Pagefile: 22961.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:679.19 GB) (Free:515.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 80B7B62A)

Partition: GPT Partition Type
==================== End Of Log ============================

schrauber · 28.01.2014, 11:21

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Windows 8: Grün unterlegte Wörter im Browser

Plagegeister aller Art und deren Bekämpfung: Windows 8: Grün unterlegte Wörter im Browser