| |
| |||||||
Log-Analyse und Auswertung: Internet Exploer öffnet sich alle 10 secWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
03.07.2014, 06:49
| #1 |
| |  Internet Exploer öffnet sich alle 10 sec Hallo mein exploer öffnet sich immer wieder.Chrome lässt sich öffnen läd aber nicht. Gestern funktionierte überhaupt kein Browser,das hab ich irgendwie wieder hinbekommen (Malewarebytes Anti Malware) hab ich runtergeladen und damit gescannt.Dieser hat ettliches unter quarantäne gestellt.Jetzt weiß ich nicht mehr weiter und trau mich auch nicht weiter. |
|
03.07.2014, 06:51
| #2 |
| /// the machine /// TB-Ausbilder    | Internet Exploer öffnet sich alle 10 sec hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
03.07.2014, 07:06
| #3 |
| | Internet Exploer öffnet sich alle 10 sec Das funktioniert nicht. er zeigt mir an das ,das programm Schaden anrichten kann und lässt es nicht zu
__________________Das funktioniert nicht .meldung; das programm kann schadhaft sein . Es wird nicht zugelassen. |
|
03.07.2014, 12:28
| #4 |
| /// the machine /// TB-Ausbilder | Internet Exploer öffnet sich alle 10 sec wer zeigt das? Windows ansich? Ist das Windows 8? auf mehr Informationen klicken, dann trotzdem zulassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.07.2014, 18:31
| #5 |
| | Internet Exploer öffnet sich alle 10 sec FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014 Ran by Robbert (administrator) on ROBBERT-PC on 03-07-2014 19:21:21 Running from C:\Users\Robbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BI52R5J4 Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Users\Robbert\AppData\Local\pgcchelper\pgcchelper.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\StCenter.exe (Dropbox, Inc.) C:\Users\Robbert\AppData\Roaming\Dropbox\bin\Dropbox.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\FritzDsl.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_125_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Run: [AppSafe] => C:\Program Files (x86)\AppSafe\AppSafe.exe HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Run: [pgcchelper] => C:\Users\Robbert\AppData\Local\pgcchelper\pgcchelper.exe [465920 2013-08-21] () HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {247770dd-abd4-11e2-a61b-001d72a7fe50} - E:\AutoRun.exe HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {247770e7-abd4-11e2-a61b-001d72a7fe50} - E:\AutoRun.exe HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {24777109-abd4-11e2-a61b-001d72a7fe50} - E:\AutoRun.exe HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {8ba3cbab-0cce-11e2-a2d2-806e6f6e6963} - D:\start.exe HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {bf8152aa-0cce-11e2-b334-001d72a7fe50} - H:\pushinst.exe HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Windows\Installer\{2457326B-C110-40C3-89B0-889CC913871A}\Icon2457326B4.exe () Startup: C:\Users\Robbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Robbert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Robbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk ShortcutTarget: FRITZ!DSL Internet.lnk -> C:\Program Files (x86)\FRITZ!DSL\FritzDsl.exe (AVM Berlin) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-3790429394-736555554-1072420433-1001\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0E3E946AE38CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404334966&from=tugs&uid=395049983_1052451_E00FACB1&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404334966&from=tugs&uid=395049983_1052451_E00FACB1&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=117&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2313541273154401&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA) Winsock: Catalog9 02 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA) Winsock: Catalog9 03 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA) Winsock: Catalog9 14 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA) Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA) Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA) Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA) Winsock: Catalog9-x64 14 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Robbert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Robbert\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) ==================== Services (Whitelisted) ================= R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [920064 2008-01-29] () [File not signed] S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-02] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-02] (globalUpdate) [File not signed] R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [193024 2008-01-29] () [File not signed] R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.) S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X] ==================== Drivers (Whitelisted) ==================== S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.) S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 WINFLASH64; \??\C:\Users\Robbert\AppData\Local\Temp\Win R01-B0\WinFlash64.sys [X] S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X] R3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-03 19:19 - 2014-07-03 19:21 - 00000000 ____D () C:\FRST 2014-07-02 23:50 - 2014-07-03 06:43 - 00000000 ____D () C:\Program Files\Google 2014-07-02 23:29 - 2014-07-02 23:29 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchApp 2014-07-02 23:18 - 2014-07-03 16:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-02 23:18 - 2014-07-02 23:18 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-02 23:18 - 2014-07-02 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-02 23:17 - 2014-07-02 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-02 23:17 - 2014-07-02 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 23:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-02 23:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-02 23:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-02 23:06 - 2014-07-02 23:06 - 00002033 _____ () C:\Users\Robbert\Desktop\Entfernen des Avira PC Cleaners.lnk 2014-07-02 23:06 - 2014-07-02 23:06 - 00001977 _____ () C:\Users\Robbert\Desktop\Avira PC Cleaner.lnk 2014-07-02 23:04 - 2014-07-03 17:04 - 00001444 _____ () C:\Windows\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user.job 2014-07-02 23:03 - 2014-07-03 17:08 - 00000930 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2014-07-02 23:03 - 2014-07-03 16:17 - 00000926 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-07-02 23:03 - 2014-07-02 23:03 - 00003928 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2014-07-02 23:03 - 2014-07-02 23:03 - 00003674 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2014-07-02 23:03 - 2014-07-02 23:03 - 00000000 ____D () C:\Users\Robbert\AppData\Local\pgcchelper 2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{C0550BD3-1315-463F-9E58-4D2206E947A2} 2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{7BFE39FC-B976-4E57-AB7F-5051470F7CCD} 2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{BB3E4441-E795-410D-877A-8E706A444271} 2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{22133002-1199-4DC9-9C13-B0CD88B9E0B7} 2014-07-02 22:39 - 2014-07-02 22:28 - 01073664 _____ (Farbar) C:\Users\Robbert\Desktop\FRST (4).exe 2014-07-02 21:29 - 2014-07-02 21:59 - 00000000 ____D () C:\Windows\pss 2014-07-02 21:27 - 2014-07-02 21:27 - 00005344 _____ () C:\Users\Robbert\Documents\NVIDIA System Information 07-02-2014 21-27-40.txt 2014-07-02 20:14 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-07-02 19:46 - 2014-07-02 19:46 - 00002970 _____ () C:\Windows\System32\Tasks\{F6601015-DA3F-4EB0-BA41-FE002E6C1E51} 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Robbert\AppData\Local\NVIDIA 2014-06-22 20:13 - 2014-06-24 20:30 - 00000000 ____D () C:\Users\Robbert\Desktop\fortuna 2014-06-19 09:35 - 2014-06-19 11:00 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin 2014-06-19 09:35 - 2014-06-19 09:35 - 00000000 ____D () C:\Windows\system32\config\RCCBakup 2014-06-19 09:26 - 2014-06-30 12:00 - 00000256 _____ () C:\Windows\Tasks\AppSafe.job 2014-06-19 09:26 - 2014-06-19 09:26 - 00002974 _____ () C:\Windows\System32\Tasks\AppSafe 2014-06-19 09:22 - 2014-07-02 23:40 - 00000000 ____D () C:\ProgramData\Systweak 2014-06-19 09:22 - 2014-07-02 22:42 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup 2014-06-19 09:22 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe 2014-06-19 09:21 - 2014-07-03 19:21 - 00000300 _____ () C:\Windows\Tasks\Rocket Updater.job 2014-06-19 09:21 - 2014-07-02 23:44 - 00000000 ____D () C:\Program Files\004 2014-06-19 09:21 - 2014-07-02 23:40 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\RocketUpdater 2014-06-19 09:21 - 2014-06-19 10:22 - 00000300 _____ () C:\Windows\Tasks\AppCloudUpdater.job 2014-06-19 09:21 - 2014-06-19 09:21 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector 2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\Rocket Updater 2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\AppCloudUpdater 2014-06-19 09:21 - 2014-06-19 09:21 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\AppCloudUpdater 2014-06-19 00:14 - 2014-06-19 00:14 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (2).exe 2014-06-18 12:10 - 2014-07-02 19:40 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-18 12:09 - 2014-06-18 12:09 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws (1).exe 2014-06-18 12:08 - 2014-06-18 12:09 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws.exe 2014-06-18 11:42 - 2014-06-18 11:44 - 27641968 _____ (Opera Software ASA) C:\Users\Robbert\Downloads\Opera_22.0.1471.70_Setup.exe 2014-06-17 19:42 - 2014-06-17 19:42 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (1).exe 2014-06-17 19:06 - 2014-06-17 19:06 - 00000000 ____D () C:\Program Files (x86)\saVoernet 2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-15 10:59 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-15 10:59 - 2014-06-15 11:00 - 00000000 ____D () C:\Program Files\iTunes 2014-06-15 10:59 - 2014-06-15 11:00 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-06-15 10:59 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files\iPod 2014-06-15 10:49 - 2014-06-17 19:09 - 00000000 ____D () C:\ProgramData\saVoernet 2014-06-13 18:38 - 2014-06-13 18:49 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\.technic 2014-06-13 18:37 - 2014-06-13 18:37 - 02346942 _____ () C:\Users\Robbert\Desktop\TechnicLauncher.exe 2014-06-11 07:24 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-11 07:24 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 07:24 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 07:24 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 07:24 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 07:24 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 07:24 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 07:24 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 07:24 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 07:24 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 07:24 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 07:24 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 07:24 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 07:23 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 07:23 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 07:23 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 07:23 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 07:23 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 07:23 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 07:23 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 07:23 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 07:23 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 07:23 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 07:23 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 07:23 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 07:23 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 07:23 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 07:23 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 07:23 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 07:23 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 07:23 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 07:23 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 07:23 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 07:23 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 07:23 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 07:23 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 07:23 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 07:23 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 07:23 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 07:23 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 07:23 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 07:23 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 07:23 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 07:23 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 07:23 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 07:23 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 07:23 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 07:23 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 07:23 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 07:23 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 07:23 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 07:23 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 07:23 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 07:23 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 07:23 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 07:23 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 07:23 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 07:23 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 07:23 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 07:23 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 07:23 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 07:23 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 07:23 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 07:23 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 07:22 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 07:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 07:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll ==================== One Month Modified Files and Folders ======= 2014-07-03 19:21 - 2014-07-03 19:19 - 00000000 ____D () C:\FRST 2014-07-03 19:21 - 2014-06-19 09:21 - 00000300 _____ () C:\Windows\Tasks\Rocket Updater.job 2014-07-03 19:12 - 2013-06-21 16:23 - 00000000 ____D () C:\Users\Robbert\AppData\Local\LogMeIn Hamachi 2014-07-03 19:12 - 2012-10-24 12:59 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Skype 2014-07-03 18:38 - 2013-02-04 21:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-03 18:26 - 2013-08-17 12:26 - 00000298 _____ () C:\Windows\Tasks\Dealply.job 2014-07-03 17:08 - 2014-07-02 23:03 - 00000930 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2014-07-03 17:04 - 2014-07-02 23:04 - 00001444 _____ () C:\Windows\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user.job 2014-07-03 16:40 - 2012-10-23 18:34 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\.minecraft 2014-07-03 16:32 - 2014-07-02 23:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-03 16:26 - 2012-10-02 21:57 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{ABDF2FAD-69E7-4EB6-8595-43985A6C8C14} 2014-07-03 16:24 - 2009-07-14 06:45 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-03 16:24 - 2009-07-14 06:45 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-03 16:20 - 2008-01-05 22:30 - 01361266 _____ () C:\Windows\WindowsUpdate.log 2014-07-03 16:19 - 2013-08-21 00:25 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Dropbox 2014-07-03 16:18 - 2014-05-03 15:23 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\DropboxMaster 2014-07-03 16:18 - 2013-08-21 00:28 - 00000000 ___RD () C:\Users\Robbert\Dropbox 2014-07-03 16:18 - 2009-07-14 06:51 - 00214874 _____ () C:\Windows\setupact.log 2014-07-03 16:17 - 2014-07-02 23:03 - 00000926 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-07-03 16:17 - 2012-10-02 22:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-03 16:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-03 13:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-03 13:19 - 2012-10-05 15:51 - 00000000 ____D () C:\Users\Robbert\AppData\Local\Google 2014-07-03 13:19 - 2012-10-05 15:51 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-03 09:21 - 2014-05-23 21:09 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-03 06:43 - 2014-07-02 23:50 - 00000000 ____D () C:\Program Files\Google 2014-07-03 06:43 - 2012-10-02 22:20 - 01761990 _____ () C:\Windows\PFRO.log 2014-07-02 23:49 - 2013-02-04 21:18 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-02 23:49 - 2013-02-04 21:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-02 23:49 - 2013-02-04 21:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-02 23:44 - 2014-06-19 09:21 - 00000000 ____D () C:\Program Files\004 2014-07-02 23:40 - 2014-06-19 09:22 - 00000000 ____D () C:\ProgramData\Systweak 2014-07-02 23:40 - 2014-06-19 09:21 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\RocketUpdater 2014-07-02 23:40 - 2014-05-25 22:32 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\systweak 2014-07-02 23:40 - 2014-05-25 22:30 - 00000000 ____D () C:\temp 2014-07-02 23:40 - 2014-01-10 15:49 - 00000000 ____D () C:\Program Files (x86)\VideoPlayerV3 2014-07-02 23:40 - 2013-12-05 11:30 - 00000000 ____D () C:\Users\Robbert\AppData\Local\SwvUpdater 2014-07-02 23:30 - 2012-10-24 10:16 - 00000000 ____D () C:\Users\Robbert\AppData\Local\CrashDumps 2014-07-02 23:29 - 2014-07-02 23:29 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchApp 2014-07-02 23:18 - 2014-07-02 23:18 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-02 23:18 - 2014-07-02 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-02 23:18 - 2014-07-02 23:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-02 23:17 - 2014-07-02 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-02 23:06 - 2014-07-02 23:06 - 00002033 _____ () C:\Users\Robbert\Desktop\Entfernen des Avira PC Cleaners.lnk 2014-07-02 23:06 - 2014-07-02 23:06 - 00001977 _____ () C:\Users\Robbert\Desktop\Avira PC Cleaner.lnk 2014-07-02 23:03 - 2014-07-02 23:03 - 00003928 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2014-07-02 23:03 - 2014-07-02 23:03 - 00003674 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2014-07-02 23:03 - 2014-07-02 23:03 - 00000000 ____D () C:\Users\Robbert\AppData\Local\pgcchelper 2014-07-02 23:02 - 2012-10-02 22:05 - 00001623 _____ () C:\Users\Robbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-02 22:42 - 2014-06-19 09:22 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup 2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{C0550BD3-1315-463F-9E58-4D2206E947A2} 2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{7BFE39FC-B976-4E57-AB7F-5051470F7CCD} 2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{BB3E4441-E795-410D-877A-8E706A444271} 2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{22133002-1199-4DC9-9C13-B0CD88B9E0B7} 2014-07-02 22:28 - 2014-07-02 22:39 - 01073664 _____ (Farbar) C:\Users\Robbert\Desktop\FRST (4).exe 2014-07-02 21:59 - 2014-07-02 21:29 - 00000000 ____D () C:\Windows\pss 2014-07-02 21:36 - 2014-05-22 10:21 - 00222208 ___SH () C:\Users\Robbert\Desktop\Thumbs.db 2014-07-02 21:27 - 2014-07-02 21:27 - 00005344 _____ () C:\Users\Robbert\Documents\NVIDIA System Information 07-02-2014 21-27-40.txt 2014-07-02 20:15 - 2012-11-17 21:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-07-02 19:52 - 2012-10-02 22:02 - 00000000 __SHD () C:\Recovery 2014-07-02 19:46 - 2014-07-02 19:46 - 00002970 _____ () C:\Windows\System32\Tasks\{F6601015-DA3F-4EB0-BA41-FE002E6C1E51} 2014-07-02 19:40 - 2014-06-18 12:10 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-07-02 19:36 - 2012-10-02 22:03 - 00000000 ____D () C:\Users\Robbert 2014-07-02 19:34 - 2012-10-02 22:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-07-02 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-01 22:02 - 2012-11-01 23:02 - 00000211 _____ () C:\ProgramData\acer.zip 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Robbert\AppData\Local\NVIDIA 2014-07-01 20:28 - 2012-11-17 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-06-30 17:30 - 2012-10-03 08:05 - 00697272 _____ () C:\Windows\system32\perfh007.dat 2014-06-30 17:30 - 2012-10-03 08:05 - 00149240 _____ () C:\Windows\system32\perfc007.dat 2014-06-30 17:30 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-30 12:00 - 2014-06-19 09:26 - 00000256 _____ () C:\Windows\Tasks\AppSafe.job 2014-06-29 12:28 - 2014-02-24 17:48 - 00000000 ____D () C:\Program Files (x86)\Brick-Force 2014-06-28 14:50 - 2013-12-21 15:49 - 00000768 _____ () C:\extensions.ini 2014-06-28 14:49 - 2014-01-29 20:49 - 00001632 __RSH () C:\ProgramData\ntuser.pol 2014-06-28 14:49 - 2013-03-27 21:48 - 00000680 __RSH () C:\Users\Robbert\ntuser.pol 2014-06-24 20:49 - 2014-05-14 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-06-24 20:49 - 2014-05-14 13:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-06-24 20:49 - 2013-06-21 16:22 - 00000886 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-06-24 20:30 - 2014-06-22 20:13 - 00000000 ____D () C:\Users\Robbert\Desktop\fortuna 2014-06-19 11:00 - 2014-06-19 09:35 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin 2014-06-19 11:00 - 2009-07-14 04:34 - 73924608 _____ () C:\Windows\system32\config\software.bak 2014-06-19 11:00 - 2009-07-14 04:34 - 19660800 _____ () C:\Windows\system32\config\system.bak 2014-06-19 11:00 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak 2014-06-19 10:49 - 2009-07-14 04:34 - 00028672 _____ () C:\Windows\system32\config\sam.bak 2014-06-19 10:22 - 2014-06-19 09:21 - 00000300 _____ () C:\Windows\Tasks\AppCloudUpdater.job 2014-06-19 09:35 - 2014-06-19 09:35 - 00000000 ____D () C:\Windows\system32\config\RCCBakup 2014-06-19 09:34 - 2012-10-20 13:08 - 00000000 ____D () C:\Users\Robbert\Desktop\fotos sabine 2014-06-19 09:33 - 2014-05-23 20:57 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Opera Software 2014-06-19 09:33 - 2014-05-23 20:57 - 00000000 ____D () C:\Users\Robbert\AppData\Local\Opera Software 2014-06-19 09:33 - 2014-05-23 20:57 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-06-19 09:26 - 2014-06-19 09:26 - 00002974 _____ () C:\Windows\System32\Tasks\AppSafe 2014-06-19 09:21 - 2014-06-19 09:21 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector 2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\Rocket Updater 2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\AppCloudUpdater 2014-06-19 09:21 - 2014-06-19 09:21 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\AppCloudUpdater 2014-06-19 00:14 - 2014-06-19 00:14 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (2).exe 2014-06-18 23:14 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-18 12:25 - 2013-03-01 23:47 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer 2014-06-18 12:09 - 2014-06-18 12:09 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws (1).exe 2014-06-18 12:09 - 2014-06-18 12:08 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws.exe 2014-06-18 11:44 - 2014-06-18 11:42 - 27641968 _____ (Opera Software ASA) C:\Users\Robbert\Downloads\Opera_22.0.1471.70_Setup.exe 2014-06-17 20:35 - 2013-07-12 18:21 - 00000000 ____D () C:\Users\Robbert\Desktop\rob 2014-06-17 19:42 - 2014-06-17 19:42 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (1).exe 2014-06-17 19:09 - 2014-06-15 10:49 - 00000000 ____D () C:\ProgramData\saVoernet 2014-06-17 19:06 - 2014-06-17 19:06 - 00000000 ____D () C:\Program Files (x86)\saVoernet 2014-06-17 19:06 - 2014-05-25 21:02 - 00000000 ____D () C:\ProgramData\dc0d85ca23a2490b 2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-15 11:00 - 2014-06-15 10:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-15 11:00 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files\iTunes 2014-06-15 11:00 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-06-15 11:00 - 2014-01-03 16:59 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-06-15 10:59 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files\iPod 2014-06-15 10:55 - 2014-01-03 16:56 - 00000000 ____D () C:\ProgramData\Apple 2014-06-13 18:49 - 2014-06-13 18:38 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\.technic 2014-06-13 18:37 - 2014-06-13 18:37 - 02346942 _____ () C:\Users\Robbert\Desktop\TechnicLauncher.exe 2014-06-13 18:29 - 2012-10-24 12:59 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-13 18:29 - 2012-10-24 12:59 - 00000000 ____D () C:\ProgramData\Skype 2014-06-11 16:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-11 10:44 - 2013-08-15 00:15 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 10:42 - 2012-10-03 09:04 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-11 10:42 - 2012-10-03 08:43 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-11 10:39 - 2014-05-07 00:24 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-08 11:13 - 2014-06-11 07:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 07:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-05 17:55 - 2012-11-01 18:47 - 00000000 ____D () C:\Users\Robbert\AppData\Local\PokerStars.EU 2014-06-04 14:25 - 2013-11-27 18:23 - 00000000 ____D () C:\Users\Robbert\Desktop\Luc Musik Files to move or delete: ==================== C:\Users\Robbert\AppData\Roaming\skype.ini Some content of TEMP: ==================== C:\Users\Robbert\AppData\Local\Temp\avgnt.exe C:\Users\Robbert\AppData\Local\Temp\BackupSetup.exe C:\Users\Robbert\AppData\Local\Temp\bdfilters.dll C:\Users\Robbert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7rtnwz.dll C:\Users\Robbert\AppData\Local\Temp\FileSystemView.dll C:\Users\Robbert\AppData\Local\Temp\htmlayout.dll C:\Users\Robbert\AppData\Local\Temp\IrsoDLL.dll C:\Users\Robbert\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-35-g4176258-b2824jnks.dll C:\Users\Robbert\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-b2879jnks.dll C:\Users\Robbert\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll C:\Users\Robbert\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Robbert\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Robbert\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Robbert\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Robbert\AppData\Local\Temp\MybabylonTB.exe C:\Users\Robbert\AppData\Local\Temp\pyl1F52.tmp.exe C:\Users\Robbert\AppData\Local\Temp\QtraxNotification.exe C:\Users\Robbert\AppData\Local\Temp\SkypeSetup.exe C:\Users\Robbert\AppData\Local\Temp\Softonic_DE_1-5-9_DE-Production_10_CleanRelease.exe C:\Users\Robbert\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll C:\Users\Robbert\AppData\Local\Temp\uninstall40717103.exe C:\Users\Robbert\AppData\Local\Temp\uninstall40717118.exe C:\Users\Robbert\AppData\Local\Temp\Uninstaller-4828.exe C:\Users\Robbert\AppData\Local\Temp\vcredist_x64.exe C:\Users\Robbert\AppData\Local\Temp\_is91E2.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-28 12:47 ==================== End Of Log ============================ --- --- --- --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Robbert at 2014-07-03 19:22:50
Running from C:\Users\Robbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BI52R5J4
Boot Mode: Normal
==========================================================
Ganz Lieben Dank erstmal für deine Hilfe und Gedult!! Hoffe ich hab das alles richtig gemacht......
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
AVM FRITZ!DSL (HKLM-x32\...\{2457326B-C110-40C3-89B0-889CC913871A}) (Version: 2.04.02 - AVM Berlin)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.8.7.347 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version: - )
Craften Terminal 3.3.4897.28268 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.3.4897.28268 - Craften Dev Team)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version: - )
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version: - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LAV Filters 0.61.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.1 - Hendrik Leppkes)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Minecraft Texturepack Editor (HKLM-x32\...\Minecraft Texturepack Editor) (Version: - )
MyTomTom 3.2.0.802 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.802 - TomTom)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: - )
NVIDIA ForceWare Network Access Manager (Version: 1.00.6776 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version: - )
OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - )
OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: - )
PC Camera (0022.2009.1125.1004) (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.22.09 - PixArt)
pgcchelper (HKCU\...\pgcchelper) (Version: - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Qtrax Player (HKCU\...\1538041761.portal.qtrax.com) (Version: - portal.qtrax.com)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Yontoo 1.10.03 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ATTENTION
==================== Restore Points =========================
28-06-2014 13:31:56 Windows Update
01-07-2014 18:18:49 Windows Update
02-07-2014 17:06:52 Wiederherstellungsvorgang
02-07-2014 18:08:09 Windows Update
02-07-2014 18:33:52 Wiederherstellungsvorgang
02-07-2014 21:18:45 Avira PC Cleaner - 02.07.2014 23:18
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01F42DF4-7C62-422A-B492-4651212BA68A} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {06BD198C-5829-450F-B353-094A511056F8} - System32\Tasks\{C0550BD3-1315-463F-9E58-4D2206E947A2} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: {0BDAD588-513D-46D9-BEF2-E36B70283CBA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {10895922-3DB2-4F05-A5A5-0154B2B7F7EA} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {1496255B-7A8C-4097-8414-199813CC2E30} - System32\Tasks\{0795F34F-0E1E-4967-ABD4-1730201A6EF6} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {1CE90770-65C6-46C0-A90F-AFC4B6AFD4F7} - System32\Tasks\{D8BE492D-0AFD-4FA4-BA4A-51AEE892C0BD} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {4F1B0B51-C018-4A77-B94B-E4DC86697819} - System32\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user => C:\Program Files (x86)\HDube-V1.6\1f78799e-22da-4e38-a286-27db8fd501ff-5.exe
Task: {5015632F-9016-468C-8EC6-4356FD1CF858} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-02] (globalUpdate) <==== ATTENTION
Task: {543FEDAC-3315-44D8-B073-B6D7B2673048} - System32\Tasks\AppSafe => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION
Task: {571FE8C6-9F6A-46E7-814C-35CFC6B661EA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5866031E-5F3F-43D8-B13A-411F6A372FE2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-02] (Adobe Systems Incorporated)
Task: {5C3E5AFC-4E97-4FB7-87AB-191E8B184A3F} - System32\Tasks\AppCloudUpdater => C:\Users\Robbert\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {5C70FA13-8DE6-4A27-AE74-C2BE64FBD2C4} - \DealPly No Task File <==== ATTENTION
Task: {6A4C067F-EF3F-4F35-B19B-72A6282E7620} - System32\Tasks\{A4CC2600-52B1-4F9B-91A5-6A813CF3B0A1} => Chrome.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {7447B30A-F202-4180-B27D-7E695198C3EF} - System32\Tasks\{841CC984-1C89-48F8-8782-90E820476BEE} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {809617FE-FB4F-4648-A245-9A26C1AE0640} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {8D74B56F-DF17-4A0F-BB9D-F8B3D2BFA741} - System32\Tasks\Rocket Updater => C:\Users\Robbert\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {90AEC0EF-09F1-43D2-9066-E662875C3ED0} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {A9A6AD19-63E4-46B5-8533-8D69722A7B0C} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {B485C14A-A8F1-4ABD-B415-7A1CDAAB9628} - System32\Tasks\{22133002-1199-4DC9-9C13-B0CD88B9E0B7} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: {C34EAF0D-4576-45BE-96E0-DE3A81F56D92} - System32\Tasks\{F6601015-DA3F-4EB0-BA41-FE002E6C1E51} => C:\Program Files (x86)\Java\jre7\bin\javacpl.exe [2014-04-14] (Oracle Corporation)
Task: {C8469267-6C6F-452A-89A8-4656D8FCFB2A} - System32\Tasks\{44396B3C-EB1D-4609-8CE6-F58E67F2B5E9} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {DF568020-6768-4053-BE61-FFD1E02EE2BD} - System32\Tasks\{1A641EA5-9CE2-42E8-8CA1-BEF11A5E8FC5} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {E2F16C7B-20D2-4884-BC61-4317B7231538} - System32\Tasks\{7BFE39FC-B976-4E57-AB7F-5051470F7CCD} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: {E7DF9097-FA49-47B7-88A5-129FC8C3E959} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-02] (globalUpdate) <==== ATTENTION
Task: {EAD77AAD-B78D-41CF-95DA-E70239D963F1} - System32\Tasks\DSite => C:\Users\Robbert\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {FAC2106E-0C80-49BB-BDBC-45B26E2BABDF} - System32\Tasks\{BB3E4441-E795-410D-877A-8E706A444271} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: C:\Windows\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user.job => C:\Program Files (x86)\HDube-V1.6\1f78799e-22da-4e38-a286-27db8fd501ff-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AppCloudUpdater.job => C:\Users\Robbert\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\AppSafe.job => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Robbert\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\Robbert\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Robbert\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-11-17 21:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-01-29 12:25 - 2008-01-29 12:25 - 00920064 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2008-01-29 12:17 - 2008-01-29 12:17 - 00115200 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2008-01-29 12:18 - 2008-01-29 12:18 - 00610816 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2008-01-29 12:24 - 2008-01-29 12:24 - 00193024 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2013-08-21 08:37 - 2013-08-21 08:37 - 00465920 _____ () C:\Users\Robbert\AppData\Local\pgcchelper\pgcchelper.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-03 16:18 - 2014-07-03 16:18 - 00043008 _____ () c:\users\robbert\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7rtnwz.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Robbert\AppData\Roaming\Dropbox\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Robbert\Desktop\2014-03-30 15.20.01.mp4:com.dropbox.attributes
AlternateDataStreams: C:\Users\Robbert\Documents\2013-09-28 03.34.59.jpg:com.dropbox.attributes
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2014 06:56:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9797
Error: (07/03/2014 06:56:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9797
Error: (07/03/2014 06:56:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/02/2014 11:30:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x1b14
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (07/02/2014 11:08:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x16a0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (07/02/2014 11:05:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17126, Zeitstempel: 0x53883991
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011d06
ID des fehlerhaften Prozesses: 0x14d0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/02/2014 11:05:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17126, Zeitstempel: 0x53883991
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011d06
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/02/2014 11:04:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x1574
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (07/02/2014 11:04:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x30c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (07/02/2014 11:03:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882d40
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005339d
ID des fehlerhaften Prozesses: 0x1668
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
System errors:
=============
Error: (07/03/2014 04:17:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/03/2014 06:43:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (07/02/2014 11:48:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/02/2014 11:48:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Error: (07/02/2014 11:45:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/02/2014 11:42:41 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy1" den Befehl "chkdsk" aus.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 3838.55 MB
Available physical RAM: 2610.29 MB
Total Pagefile: 7675.28 MB
Available Pagefile: 5793 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:369.27 GB) NTFS
Drive d: (20130207_103315) (CDROM) (Total:0.65 GB) (Free:0 GB) CDFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4B1F2B60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ganz liebe Dank erstmal für deine Hilfe und Gedult...... |
|
04.07.2014, 13:11
| #6 |
| /// the machine /// TB-Ausbilder | Internet Exploer öffnet sich alle 10 sec Adware & Co. deinstallieren
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Scan mit Combofix
__________________ --> Internet Exploer öffnet sich alle 10 sec |
|
04.07.2014, 18:22
| #7 |
| | Internet Exploer öffnet sich alle 10 sec Hmm, habe den Revo Uninstaller gestartet ,er zeigt mir auch alle Programme an....aber keine mit dem Zusatz "Attention" Unter Ansicht und Details auch nicht (müsste doch unter den Kommentaren sein?) Lieben Dank! Möchte ja auch nichts falsch machen  |
|
05.07.2014, 18:06
| #8 |
| /// the machine /// TB-Ausbilder | Internet Exploer öffnet sich alle 10 sec genau lesen, den Zusatz findest du in der Addition.txt von FRST 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Internet Exploer öffnet sich alle 10 sec |
| anti, anti malware, browser, funktionier, gestern, inter, interne, internet, malewarebytes, malware, nicht mehr, quara, quarantäne, runtergeladen, überhaupt, öffnen, öffnet |
Revo Uninstaller herunter.
dann auf 
und dann auf 
.
WARNUNG an die MITLESER: 
Linear-Darstellung
