Log analysis and evaluation: Windows 8: pop-up windows and tabs that open by themselves

#1
Windows 8: pop-up windows and tabs that open by themselves

Hello dear Trojaner-Board. For several weeks now the problem has been that, when opening new web pages or clicking on a link, a new tab opens asking me to install the Flash Player. It is probably not the Adobe Flash Player that is meant here, though. In addition, pop-up windows open that say the PC is being scanned and that the PC is too slow because of all kinds of applications. Also, as on this website too, some written words appear twice and underlined in blue as links; I have not clicked on them yet to see where the link leads. The last "symptom" is an increased and sudden opening of pop-up windows with all kinds of advertising. I hope you can help me, and many thanks in advance for your efforts!

defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:40 on 04/04/2014 (Heike)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ***** (administrator) on HEIKE on 04-04-2014 14:42:40
Running from C:\Users\*****\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016432 2013-03-07] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [548864 2009-02-04] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-03-07] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-03-07] (NVIDIA Corporation)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
SearchScopes: HKLM - {8E2F353B-9A3A-40E6-A291-7876503006E6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
SearchScopes: HKLM-x32 - {8E2F353B-9A3A-40E6-A291-7876503006E6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393571665&from=tugs&uid=TOSHIBAXMQ01ABF050_73DCW0G6TXX73DCW0G6T&q={searchTerms}
SearchScopes: HKCU - {8E2F353B-9A3A-40E6-A291-7876503006E6} URL = 
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-bho64.dll (Feven)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-bho.dll (Feven)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerEnhance - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-14]
FF Extension: WEB.DE MailCheck - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbjvg716.default\Extensions\toolbar@web.de.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ahf4wxo4.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [710976 2014-01-27] ()
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-28] (Cherished Technololgy LIMITED)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-07] (Synaptics Incorporated)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-04 14:42 - 2014-04-04 14:42 - 00020438 _____ () C:\Users\*****\Desktop\FRST.txt
2014-04-04 14:42 - 2014-04-04 14:42 - 00000000 ____D () C:\FRST
2014-04-04 14:41 - 2014-04-04 14:41 - 02157056 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-04-04 14:40 - 2014-04-04 14:40 - 00000484 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-04-04 14:40 - 2014-04-04 14:40 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-04 14:38 - 2014-04-04 14:38 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-03-21 11:00 - 2014-03-21 11:00 - 06708928 _____ (TomTom International B.V.) C:\Users\*****\Downloads\InstallMyDriveConnect.exe
2014-03-19 16:26 - 2014-03-19 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 14:57 - 2014-03-19 15:01 - 00031232 ___SH () C:\Users\*****\Downloads\Thumbs.db
2014-03-14 09:34 - 2014-02-23 10:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 09:34 - 2014-02-23 10:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 09:34 - 2014-02-23 10:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-14 09:34 - 2014-02-23 10:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-14 09:34 - 2014-02-23 10:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 09:34 - 2014-02-23 10:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 09:34 - 2014-02-23 10:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 09:34 - 2014-02-23 10:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 09:34 - 2014-02-23 10:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 09:34 - 2014-02-23 08:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 09:34 - 2014-02-23 08:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 09:34 - 2014-02-23 08:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 09:34 - 2014-02-23 08:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 09:34 - 2014-02-23 08:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 09:34 - 2014-02-23 08:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 09:34 - 2014-02-23 06:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-14 09:34 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 09:34 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-14 09:34 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-14 09:33 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 09:33 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 09:33 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 09:33 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 09:33 - 2013-12-07 08:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-14 09:33 - 2013-12-07 07:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-08 15:00 - 2014-03-08 15:00 - 00000000 ____D () C:\Program Files\SavingsBull
2014-03-05 11:24 - 2014-03-05 11:24 - 00000000 __SHD () C:\Recovery
2014-03-05 11:16 - 2014-03-05 11:16 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-05 10:58 - 2014-03-05 10:58 - 00000712 _____ () C:\Windows\DtcInstall.log
2014-03-05 10:56 - 2014-03-05 10:57 - 00001563 _____ () C:\Windows\comsetup.log
2014-03-05 10:54 - 2014-03-05 11:01 - 00520446 _____ () C:\Windows\setupact.log
2014-03-05 10:54 - 2014-03-05 11:01 - 00032388 _____ () C:\Windows\diagwrn.xml
2014-03-05 10:54 - 2014-03-05 11:01 - 00032388 _____ () C:\Windows\diagerr.xml
2014-03-05 10:54 - 2014-03-05 10:54 - 00000000 _____ () C:\Windows\setuperr.log

==================== One Month Modified Files and Folders =======

2014-04-04 14:42 - 2014-04-04 14:42 - 00020438 _____ () C:\Users\*****\Desktop\FRST.txt
2014-04-04 14:42 - 2014-04-04 14:42 - 00000000 ____D () C:\FRST
2014-04-04 14:41 - 2014-04-04 14:41 - 02157056 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-04-04 14:40 - 2014-04-04 14:40 - 00000484 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-04-04 14:40 - 2014-04-04 14:40 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-04 14:40 - 2014-02-15 23:18 - 00000000 ____D () C:\Users\*****
2014-04-04 14:38 - 2014-04-04 14:38 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-04-04 14:21 - 2014-03-04 16:37 - 01245970 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 14:21 - 2014-02-28 09:16 - 00002430 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job
2014-04-04 14:16 - 2014-02-28 09:16 - 00001630 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job
2014-04-04 14:16 - 2014-02-28 09:16 - 00001586 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job
2014-04-04 14:16 - 2014-02-28 09:16 - 00001484 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job
2014-04-04 14:15 - 2014-02-28 09:15 - 00003144 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job
2014-04-04 14:06 - 2014-02-15 23:26 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2839397568-1600097902-707492972-1002
2014-04-04 14:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-29 19:50 - 2014-02-16 00:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 15:14 - 2014-02-16 00:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-21 11:14 - 2013-10-09 00:48 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-03-21 11:14 - 2013-10-09 00:48 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-03-21 11:14 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-21 11:00 - 2014-03-21 11:00 - 06708928 _____ (TomTom International B.V.) C:\Users\*****\Downloads\InstallMyDriveConnect.exe
2014-03-19 17:05 - 2014-02-15 23:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 16:26 - 2014-03-19 16:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 15:01 - 2014-03-19 14:57 - 00031232 ___SH () C:\Users\*****\Downloads\Thumbs.db
2014-03-19 14:58 - 2014-02-16 00:49 - 00000000 ___RD () C:\Users\*****\Documents\Eigene Dateien alt
2014-03-19 14:32 - 2014-02-16 00:47 - 00000000 ____D () C:\Users\*****\Documents\Downloads alt
2014-03-19 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-18 12:47 - 2014-02-18 12:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 12:45 - 2014-02-18 12:35 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 12:45 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-16 11:38 - 2014-02-15 23:20 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-16 11:38 - 2014-02-15 23:20 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-16 11:37 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 11:36 - 2014-03-04 18:19 - 00001460 _____ () C:\Windows\PFRO.log
2014-03-15 20:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-15 20:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 20:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 20:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 20:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 08:50 - 2014-02-16 00:05 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-08 18:19 - 2014-02-15 23:19 - 00000000 ____D () C:\Users\*****\AppData\Local\VirtualStore
2014-03-08 15:00 - 2014-03-08 15:00 - 00000000 ____D () C:\Program Files\SavingsBull
2014-03-05 11:52 - 2013-11-14 10:24 - 00000000 ___HD () C:\$Windows.~BT
2014-03-05 11:45 - 2014-02-15 23:18 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-05 11:45 - 2013-10-08 15:25 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-03-05 11:45 - 2013-10-08 15:18 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-05 11:45 - 2013-10-08 15:17 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-05 11:45 - 2013-10-08 15:17 - 00000000 ____D () C:\Windows\system32\NV
2014-03-05 11:45 - 2013-10-08 15:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-05 11:45 - 2013-10-08 15:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-05 11:45 - 2013-10-08 14:56 - 00000000 ____D () C:\Program Files\Intel
2014-03-05 11:45 - 2013-08-02 16:59 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-05 11:45 - 2013-08-02 16:53 - 00000000 ____D () C:\ProgramData\PRICache
2014-03-05 11:45 - 2012-07-26 10:18 - 00000000 ____D () C:\Windows\DigitalLocker
2014-03-05 11:45 - 2012-07-26 10:12 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-03-05 11:45 - 2012-07-26 10:12 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-03-05 11:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\spool
2014-03-05 11:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-05 11:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\IME
2014-03-05 11:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Help
2014-03-05 11:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-05 11:45 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-03-05 11:45 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-03-05 11:45 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\system32\WCN
2014-03-05 11:45 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\SysWOW64\SMI
2014-03-05 11:45 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-03-05 11:37 - 2013-10-08 15:47 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2014-03-05 11:37 - 2013-10-08 15:47 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2014-03-05 11:24 - 2014-03-05 11:24 - 00000000 __SHD () C:\Recovery
2014-03-05 11:16 - 2014-03-05 11:16 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-05 11:01 - 2014-03-05 10:54 - 00520446 _____ () C:\Windows\setupact.log
2014-03-05 11:01 - 2014-03-05 10:54 - 00032388 _____ () C:\Windows\diagwrn.xml
2014-03-05 11:01 - 2014-03-05 10:54 - 00032388 _____ () C:\Windows\diagerr.xml
2014-03-05 10:58 - 2014-03-05 10:58 - 00000712 _____ () C:\Windows\DtcInstall.log
2014-03-05 10:57 - 2014-03-05 10:56 - 00001563 _____ () C:\Windows\comsetup.log
2014-03-05 10:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Registration
2014-03-05 10:54 - 2014-03-05 10:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 04:28 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-03-05 02:53 - 2014-02-15 23:18 - 00000000 ____D () C:\Users\*****\AppData\Local\Packages
2014-03-05 00:52 - 2014-02-18 10:17 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:52 - 2014-02-18 10:17 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-18 12:44

==================== End Of Log ============================

Addition
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ***** at 2014-04-04 14:43:18
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA Grafiktreiber 311.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.41 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.41 (Version: 311.41 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.0 - Tracker Software Products Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.31 - Synaptics Incorporated)

==================== Restore Points =========================

05-03-2014 08:20:46 Windows Update
12-03-2014 13:01:30 Geplanter Prüfpunkt
18-03-2014 10:45:06 Windows Update
21-03-2014 12:07:22 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03028265-831A-4808-A6F6-AAEFCCDE99C7} - System32\Tasks\MediaPlayerEnhance-firefoxinstaller => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-firefoxinstaller.exe [2014-02-28] (Feven) <==== ATTENTION
Task: {096BEE5B-0EEB-46FF-9063-B89915DAA3C6} - System32\Tasks\MediaPlayerEnhance-chromeinstaller => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-chromeinstaller.exe [2014-02-28] (Feven) <==== ATTENTION
Task: {14D54D20-ED4E-47FB-8224-E6E357F0DE1E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2A67373B-94EA-4F04-A7DE-F1088AD90AD7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {3DAAE470-8D17-435A-8592-93B0F345D581} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {4B355C8A-86CD-4093-9742-DE90F8E3B171} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6391432F-C19E-44F9-93F8-B5ADE170316E} - System32\Tasks\MediaPlayerEnhance-codedownloader => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-codedownloader.exe [2014-02-28] (Feven) <==== ATTENTION
Task: {6D05B6E1-7920-4A4E-A569-3CB7C0C2F508} - System32\Tasks\MediaPlayerEnhance-updater => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-updater.exe [2014-02-28] (Feven) <==== ATTENTION
Task: {6E66AE2A-CC7D-4123-BD4C-CF326C15C176} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-19] (Microsoft Corporation)
Task: {709FD972-1CB1-4E58-84BE-758EC36E0C8B} - System32\Tasks\MediaPlayerEnhance-enabler => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-enabler.exe [2014-02-28] (Feven) <==== ATTENTION
Task: {819C0E6B-C399-4A1D-91F4-837AC730F658} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {88206111-9B75-4AA6-BF35-FD2B1A2FA3A6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {A4B456F7-F527-423D-89FD-08DEDEE54244} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A8BBF1A2-4910-4E54-844D-BD34F2475F7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D727F8AA-67AA-401F-B38A-7B6A6D4AAAE8} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {E193093F-0153-400E-B1F3-38E0ECA1F9A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F69F0305-4D37-4E39-8618-6061FFFD1DFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-19] (Microsoft Corporation)
Task: {F9EFA2E2-04FA-4E63-ACD0-E248FB22A55B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\MediaPlayerEnhance-enabler.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\MediaPlayerEnhance-updater.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-02-23 11:57 - 2008-06-04 16:53 - 00027648 _____ () C:\Windows\System32\spd__l6.dll
2014-01-27 22:45 - 2014-01-27 22:45 - 00710976 _____ () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
2014-03-23 15:13 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-02-16 00:29 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-02-28 18:05 - 2013-02-28 18:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 18:02 - 2013-02-28 18:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 18:06 - 2013-02-28 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-02-23 11:57 - 2009-02-04 19:55 - 00548864 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2014-02-23 11:57 - 2008-07-22 11:00 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2014-02-16 00:09 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-16 00:13 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-16 00:13 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-16 00:13 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-16 00:13 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-16 00:13 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-10-08 15:10 - 2013-03-20 09:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-02-16 12:41 - 2014-02-16 12:41 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-03-19 16:26 - 2014-03-19 16:26 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2014 07:40:23 PM) (Source: Desktop Window Manager) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (03/16/2014 11:43:44 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/05/2014 06:49:43 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/05/2014 05:45:30 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/05/2014 05:37:22 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/05/2014 00:06:44 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/05/2014 11:58:24 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/04/2014 06:39:28 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/04/2014 06:35:14 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (03/04/2014 06:26:51 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

System errors:
=============
Error: (03/21/2014 02:07:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: TomTom - Other hardware - TomTom

Error: (03/21/2014 11:31:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: TomTom - Other hardware - TomTom

Error: (03/21/2014 11:20:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: TomTom - Other hardware - TomTom

Error: (03/21/2014 11:10:54 AM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{4A0A6E8D-B7A6-461E-8921-B2DBD7D020ED} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (03/16/2014 11:37:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/16/2014 11:37:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/16/2014 11:37:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/05/2014 05:30:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/05/2014 05:30:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (03/05/2014 05:30:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Microsoft Office Sessions:
=========================
Error: (03/27/2014 07:40:23 PM) (Source: Desktop Window Manager)(User: )
Description: 0x8898008d

Error: (03/16/2014 11:43:44 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 06:49:43 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 05:45:30 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 05:37:22 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 00:06:44 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/05/2014 11:58:24 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/04/2014 06:39:28 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/04/2014 06:35:14 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/04/2014 06:26:51 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 8072.27 MB
Available physical RAM: 4758 MB
Total Pagefile: 9288.27 MB
Available Pagefile: 5297.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.61 GB) (Free:402.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 9D1A719B)

Partition: GPT Partition Type.

==================== End Of Log ============================

GMER
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-04-04 14:55:19 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000035 TOSHIBA_MQ01ABF050 rev.AM001J 465,76GB Running: Gmer-19357.exe; Driver: C:\Users\HEIKER~1\AppData\Local\Temp\kgloipoc.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\System32\LogonUI.exe[3880] C:\Windows\System32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[3880] C:\Windows\System32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[3880] C:\Windows\System32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[4028] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff06e5177a 4 bytes [E5, 06, FF, 07] .text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[4028] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff06e51782 4 bytes [E5, 06, FF, 07] .text C:\Windows\System32\LogonUI.exe[4836] C:\Windows\System32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[4836] C:\Windows\System32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[4836] C:\Windows\System32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[5696] C:\Windows\System32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[5696] C:\Windows\System32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[5696] C:\Windows\System32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[8100] C:\Windows\System32\MSIMG32.dll!GradientFill 
+ 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[8100] C:\Windows\System32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\LogonUI.exe[8100] C:\Windows\System32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\dwm.exe[1144] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\dwm.exe[1144] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\System32\dwm.exe[1144] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2844] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2844] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2844] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\nvvsvc.exe[852] C:\Windows\system32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\nvvsvc.exe[852] C:\Windows\system32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\nvvsvc.exe[852] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\nvvsvc.exe[852] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff06e5177a 4 bytes [E5, 06, FF, 07] .text C:\Windows\system32\nvvsvc.exe[852] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff06e51782 4 bytes [E5, 06, FF, 07] .text C:\Windows\system32\taskhostex.exe[600] 
C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\taskhostex.exe[600] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\taskhostex.exe[600] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Windows\Explorer.EXE[3800] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\Explorer.EXE[3800] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Windows\Explorer.EXE[3800] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7224] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7224] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7224] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe[6692] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe[6692] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07] .text C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe[6692] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\wbem\unsecapp.exe[6332] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07] .text C:\Windows\system32\wbem\unsecapp.exe[6332] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 
04, FF, 07]
.text C:\Windows\system32\wbem\unsecapp.exe[6332] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[672] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[672] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[672] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[672] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fef6731b32 4 bytes [73, F6, FE, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[672] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007fef6731b3a 4 bytes [73, F6, FE, 07]
.text C:\Windows\System32\igfxtray.exe[6880] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\igfxtray.exe[6880] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\igfxtray.exe[6880] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\igfxsrvc.exe[8096] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\igfxsrvc.exe[8096] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\igfxsrvc.exe[8096] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\hkcmd.exe[7504] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\hkcmd.exe[7504] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\hkcmd.exe[7504] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\igfxpers.exe[6336] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\igfxpers.exe[6336] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\igfxpers.exe[6336] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[7492] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[7492] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[7492] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[7480] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[7480] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[7480] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[360] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff06e5177a 4 bytes [E5, 06, FF, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[360] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff06e51782 4 bytes [E5, 06, FF, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[360] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[360] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[360] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7832] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff06e5177a 4 bytes [E5, 06, FF, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[7832] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff06e51782 4 bytes [E5, 06, FF, 07]
.text C:\Windows\Samsung\PanelMgr\caller64.exe[2160] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\Samsung\PanelMgr\caller64.exe[2160] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Windows\Samsung\PanelMgr\caller64.exe[2160] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\igfxext.exe[2624] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\igfxext.exe[2624] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\igfxext.exe[2624] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\wbem\unsecapp.exe[7364] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\wbem\unsecapp.exe[7364] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Windows\system32\wbem\unsecapp.exe[7364] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[3680] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[3680] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff0472153a 4 bytes [72, 04, FF, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[3680] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [4992:3520] fffff960009655e8
Thread C:\Windows\SYSTEM32\ntdll.dll [7948:2824] 0000000000cd53d3
Thread C:\Windows\SYSTEM32\ntdll.dll [7948:2816] 00000000717cb89c
Thread C:\Windows\SYSTEM32\ntdll.dll [7948:7864] 00000000717cbaf3
Thread C:\Windows\SYSTEM32\ntdll.dll [7948:5332] 00000000717cb3c2

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Last edited by Ma-iiii (04.04.2014, 14:52)
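Every user-mode hook in the GMER section above follows one pattern: the four "patched" bytes are identical to bytes 2..5 of the hooked address itself (000007ff04721532 against [72, 04, FF, 07], 000007fef6731b32 against [73, F6, FE, 07], 000007ff06e5177a against [E5, 06, FF, 07]). That is what the upper half of an absolute 64-bit pointer into the same DLL looks like once the image has been relocated under ASLR and compared against the unrelocated file, not what a jmp/call detour looks like. The script below is an added triage example written for this thread; it is not GMER code and not the poster's. It parses the `.text` entries, groups them by hooked site, and applies that heuristic plus a check for common x64 detour opcodes (the opcode list and the verdict names are assumptions of the example). The sample input is four entries copied from the log above plus the trailing sections, so the parser is shown skipping them.

```python
"""Triage helper for the user-mode hook section of a GMER 2.1 log.
Added example for this thread; it is not GMER code and not the poster's."""
import re
from collections import defaultdict

# One GMER user-mode hook entry, field order as in the log above:
#   .text <process>[<pid>] <module>!<export> + <offset> <address> <n> bytes [<hex>, ...]
HOOK_RE = re.compile(
    r"^\.text\s+(?P<process>.+?)\[(?P<pid>\d+)\]\s+"
    r"(?P<module>.+?)!(?P<symbol>\S+)\s+\+\s+(?P<offset>\d+)\s+"
    r"(?P<address>[0-9a-fA-F]{16})\s+(?P<size>\d+)\s+bytes\s+"
    r"\[(?P<bytes>[0-9A-Fa-f, ]+)\]\s*$"
)

# Opcode prefixes a real x64 inline (detour) hook usually starts with:
# jmp rel32, call rel32, jmp [rip+disp32], mov rax,imm64, jmp rel8.  Assumed list.
DETOUR_PREFIXES = (b"\xe9", b"\xe8", b"\xff\x25", b"\x48\xb8", b"\xeb")

# Constructed sample: four entries copied from the log above plus the trailing
# sections, so the parser is shown ignoring everything that is not a hook line.
SAMPLE_LOG = r"""
.text C:\Windows\System32\igfxtray.exe[6880] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff04721532 4 bytes [72, 04, FF, 07]
.text C:\Windows\System32\igfxtray.exe[6880] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff0472165a 4 bytes [72, 04, FF, 07]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[672] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fef6731b32 4 bytes [73, F6, FE, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[360] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff06e5177a 4 bytes [E5, 06, FF, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [4992:3520] fffff960009655e8
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
"""


def parse_hooks(text):
    """Return one dict per '.text' entry; thread/disk/EOF lines are skipped."""
    hooks = []
    for line in text.splitlines():
        m = HOOK_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        d["pid"] = int(d["pid"])
        d["offset"] = int(d["offset"])
        d["size"] = int(d["size"])
        d["address"] = int(d["address"], 16)
        d["bytes"] = bytes(int(b, 16) for b in d["bytes"].replace(" ", "").split(","))
        hooks.append(d)
    return hooks


def classify(entry):
    """Heuristic verdict for one entry.

    If the reported bytes are a slice of the entry's own address (little-endian),
    the 'patch' is the upper part of an absolute pointer into the same module,
    i.e. an ASLR relocation fixup compared against the unrelocated file, not a
    detour.  Bytes starting with a jmp/call opcode look like a real hook.
    """
    patch = entry["bytes"]
    addr_le = entry["address"].to_bytes(8, "little")
    if len(patch) >= 4 and patch in addr_le:
        return "relocation-artifact"
    if patch.startswith(DETOUR_PREFIXES):
        return "detour-like"
    return "unclassified"


def summarize(hooks):
    """Group entries by (module, export, offset) and collect affected processes."""
    sites = defaultdict(lambda: {"processes": set(), "patches": set(), "verdicts": set()})
    for h in hooks:
        key = (h["module"].rsplit("\\", 1)[-1].upper(), h["symbol"], h["offset"])
        s = sites[key]
        s["processes"].add(h["process"].rsplit("\\", 1)[-1].lower())
        s["patches"].add(h["bytes"].hex())
        s["verdicts"].add(classify(h))
    out = {}
    for key, s in sites.items():
        if "detour-like" in s["verdicts"]:
            verdict = "detour-like"          # any real-looking detour wins
        elif s["verdicts"] == {"relocation-artifact"}:
            verdict = "relocation-artifact"  # every process shows the pointer pattern
        else:
            verdict = "unclassified"
        out[key] = {"processes": sorted(s["processes"]),
                    "patches": sorted(s["patches"]), "verdict": verdict}
    return out


if __name__ == "__main__":
    for site, info in summarize(parse_hooks(SAMPLE_LOG)).items():
        print(f"{site[0]}!{site[1]}+{site[2]}: {info['verdict']} "
              f"in {len(info['processes'])} process(es), bytes {info['patches']}")
```

Run it as a script, or feed the whole `.text` section of a log to `parse_hooks`, to get one verdict per hooked site. It is a triage aid, not a clean bill: a site tagged `relocation-artifact` still deserves a second tool's opinion if it shows different bytes in different processes, and the `unknown MBR code` line in the disk-sector section is outside what this script assesses.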