
All kinds of pests and how to fight them: Browser opens multiple tabs unintentionally

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.

 
03.08.2014, 00:02   #5
JosiChan
 
Browser opens multiple tabs unintentionally



2nd scan


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Josi (administrator) on JOSI-PC on 03-08-2014 00:44:08
Running from C:\Users\Josi\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\vsnpstd3.exe
(Akamai Technologies, Inc.) C:\Users\Josi\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Josi\AppData\Local\Akamai\netsession_win.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies S.A.) C:\Users\Josi\Desktop\Programme\Skype.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Program Files\Horizon Online\HorizonOnline.exe
(Google Inc.) C:\Users\Josi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Josi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Josi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Josi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Josi\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6545552 2012-05-29] (Realtek Semiconductor)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\S-1-5-21-3356741421-1262078198-2364291893-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Josi\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3356741421-1262078198-2364291893-1001\...\Run: [Google Update] => C:\Users\Josi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-26] (Google Inc.)
HKU\S-1-5-21-3356741421-1262078198-2364291893-1001\...\Run: [Facebook Update] => C:\Users\Josi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-11] (Facebook Inc.)
HKU\S-1-5-21-3356741421-1262078198-2364291893-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Josi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Josi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
BootExecute: autocheck autochk *  /sync /restart /sync /restart /sync /restart /sync /restartsdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB5456C2AEE9DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.kiebel.de
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com
hxxp://syb.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://syb.msn.com
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP38E3F3A7-E436-4AFA-8722-743FA6652C93&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.130 192.168.1.10
Tcpip\..\Interfaces\{6E50F657-ED93-4D87-9B19-28A808A4141E}: [NameServer]192.168.1.10 192.168.1.130

FireFox:
========
FF ProfilePath: C:\Users\Josi\AppData\Roaming\Mozilla\Firefox\Profiles\qom26sfp.default
FF Homepage: hxxp://mysearch.avg.com?cid={237F8D70-43B6-4031-A1EB-AE7D32A9ADCA}&mid=97130e2cf74d47d093191929468f4f4d-57421819968860960104091d1c2a58cb90a54653&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 12:37:03&v=18.0.5.292&pid=safeguard&sg=&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Josi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Josi\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Josi\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Josi\AppData\Roaming\Mozilla\Firefox\Profiles\qom26sfp.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013-06-25]
FF Extension: Adblock Plus - C:\Users\Josi\AppData\Roaming\Mozilla\Firefox\Profiles\qom26sfp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-17]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Josi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Drive) - C:\Users\Josi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-01]
CHR Extension: (YouTube) - C:\Users\Josi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-28]
CHR Extension: (Google-Suche) - C:\Users\Josi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-28]
CHR Extension: (Google Wallet) - C:\Users\Josi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Google Mail) - C:\Users\Josi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [31744 2010-12-15] () [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-02] (AVG Technologies)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-24] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-10-10] (AnchorFree Inc.)
S3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-01-31] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [104448 2012-05-10] (Renesas Electronics Corporation) [File not signed]
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [221184 2012-05-10] (Renesas Electronics Corporation) [File not signed]
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 00:44 - 2014-08-03 00:44 - 00021049 _____ () C:\Users\Josi\Desktop\FRST.txt
2014-08-03 00:44 - 2014-08-03 00:39 - 02094080 _____ (Farbar) C:\Users\Josi\Desktop\FRST64.exe
2014-08-03 00:41 - 2014-08-03 00:44 - 00000000 ____D () C:\FRST
2014-08-03 00:39 - 2014-08-03 00:39 - 02094080 _____ (Farbar) C:\Users\Josi\Downloads\FRST64.exe
2014-08-01 14:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-01 14:15 - 2014-08-01 14:15 - 01361309 _____ () C:\Users\Josi\Downloads\adwcleaner_3.302.exe
2014-08-01 03:07 - 2014-08-01 03:07 - 00052312 _____ () C:\Users\Josi\Downloads\Shortcut.txt
2014-07-31 19:26 - 2014-07-31 19:26 - 00000000 ____D () C:\Users\Josi\Documents\Paradox
2014-07-31 18:54 - 2014-07-31 18:55 - 1610446077 _____ (Paradox Online ) C:\Users\Josi\Downloads\ParadoxSetup.exe
2014-07-30 23:46 - 2014-07-30 23:46 - 00000000 ____D () C:\Users\Josi\Downloads\ElophantClient
2014-07-30 23:45 - 2014-07-30 23:45 - 00992401 _____ () C:\Users\Josi\Downloads\ElophantClient.zip
2014-07-27 20:22 - 2014-07-27 20:22 - 00000275 _____ () C:\Users\Josi\Desktop\forum text.txt
2014-07-21 13:40 - 2014-07-21 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 13:39 - 2014-07-21 13:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 13:39 - 2014-07-21 13:40 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 13:39 - 2014-07-21 13:40 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 13:39 - 2014-07-21 13:39 - 00000000 ____D () C:\Program Files\iPod
2014-07-19 18:22 - 2014-07-19 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2014-07-19 18:22 - 2014-07-19 18:22 - 00000000 ____D () C:\Program Files\Magic Bullet Looks Vegas
2014-07-17 21:20 - 2014-07-20 21:04 - 00001178 _____ () C:\Users\Josi\Desktop\Wichtige Bugfixes.txt
2014-07-16 21:58 - 2014-07-16 21:58 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-13 22:03 - 2014-07-19 18:28 - 00000054 _____ () C:\Users\Josi\AppData\Roaming\updater.cfg
2014-07-13 22:03 - 2014-07-13 22:03 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\Red Giant Link
2014-07-13 22:01 - 2014-07-13 22:01 - 00000000 ____D () C:\Users\Josi\Downloads\MBL
2014-07-13 22:00 - 2014-07-13 22:00 - 91766264 _____ () C:\Users\Josi\Downloads\MBL.zip
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\Red Giant
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\ProgramData\Red Giant
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link
2014-07-13 21:55 - 2014-07-19 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-07-13 21:55 - 2014-07-19 18:22 - 00000000 ____D () C:\Program Files (x86)\Red Giant
2014-07-13 21:55 - 2014-07-19 18:22 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-07-13 21:55 - 2014-05-28 12:43 - 19911680 _____ (Red Giant LLC) C:\Windows\system32\MBLooksUI_x64.dll
2014-07-13 21:53 - 2014-07-13 21:53 - 00000000 ____D () C:\ProgramData\RedGiant
2014-07-13 21:52 - 2014-07-13 21:52 - 00000000 ____D () C:\Users\Josi\Downloads\CSuite_Win_Full
2014-07-13 21:47 - 2014-07-13 21:48 - 88248058 _____ () C:\Users\Josi\Downloads\CSuite_Win_Full.zip
2014-07-10 19:06 - 2014-07-10 19:08 - 00000231 _____ () C:\Users\Josi\Desktop\fragen user.txt
2014-07-10 16:57 - 2014-07-10 16:57 - 00005283 _____ () C:\Users\Josi\AppData\Local\recently-used.xbel
2014-07-10 16:36 - 2014-07-10 16:36 - 00008320 _____ () C:\Users\Josi\Desktop\_G_Cos_HSwimS00 Chocolate.dds
2014-07-10 16:35 - 2014-07-10 16:57 - 00032896 _____ () C:\Users\Josi\Desktop\_G_Cos_HSwimP00 Chocolate.dds
2014-07-10 16:35 - 2014-07-10 16:57 - 00032896 _____ () C:\Users\Josi\Desktop\_G_Cos_HSwimA00 Chocolate.dds
2014-07-09 17:51 - 2014-07-09 17:53 - 00304816 _____ () C:\Users\Josi\Downloads\Deorro - Bootie in your face.mp3.sfk
2014-07-09 10:29 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 10:29 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 10:29 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 10:29 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 10:29 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 10:29 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 10:29 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 10:29 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 10:29 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 10:29 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 10:29 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 10:29 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 10:29 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 10:29 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 10:29 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 10:29 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 10:29 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 10:29 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 10:29 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 10:29 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 10:29 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 10:29 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 10:28 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 10:28 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:28 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 10:28 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 10:28 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 10:28 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 10:28 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:28 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 10:28 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 10:28 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 10:28 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 10:28 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 10:28 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 10:28 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 10:28 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:28 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 10:28 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 10:28 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 10:28 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 10:28 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:28 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 10:28 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 10:28 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:28 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 10:28 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:28 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 10:28 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:28 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 10:28 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 10:28 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:28 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 10:28 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 10:28 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 10:28 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 10:28 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:28 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:28 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 10:28 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 10:28 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 10:28 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:28 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 10:28 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 10:28 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 10:28 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 10:28 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 10:28 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 10:28 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 10:28 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 10:28 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 10:28 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 10:28 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 10:28 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 10:28 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 10:28 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 10:28 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 10:28 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 10:27 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 10:27 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 10:27 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-07 23:08 - 2014-07-07 23:25 - 00000000 ____D () C:\Program Files\Yui Online
2014-07-07 20:58 - 2014-07-07 21:05 - 00273136 _____ () C:\Users\Josi\Downloads\Mike Candys - Anubis (Official Video HD).mp3.sfk
2014-07-06 15:25 - 2014-07-06 15:25 - 00521216 _____ () C:\Users\Josi\Downloads\Klima_08_Eiszeitalter.ppt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 00:44 - 2014-08-03 00:44 - 00021049 _____ () C:\Users\Josi\Desktop\FRST.txt
2014-08-03 00:44 - 2014-08-03 00:41 - 00000000 ____D () C:\FRST
2014-08-03 00:43 - 2012-06-28 17:08 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\Skype
2014-08-03 00:39 - 2014-08-03 00:44 - 02094080 _____ (Farbar) C:\Users\Josi\Desktop\FRST64.exe
2014-08-03 00:39 - 2014-08-03 00:39 - 02094080 _____ (Farbar) C:\Users\Josi\Downloads\FRST64.exe
2014-08-03 00:30 - 2013-06-16 13:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-03 00:30 - 2012-07-16 19:57 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\TS3Client
2014-08-03 00:18 - 2012-04-16 10:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-02 23:58 - 2012-07-26 18:45 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356741421-1262078198-2364291893-1001UA.job
2014-08-02 23:35 - 2013-05-11 14:30 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3356741421-1262078198-2364291893-1001UA.job
2014-08-02 23:30 - 2013-06-16 13:40 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 21:42 - 2012-07-05 18:29 - 01316161 _____ () C:\Windows\WindowsUpdate.log
2014-08-02 20:25 - 2012-12-20 14:18 - 00000000 ___RD () C:\Users\Josi\Dropbox
2014-08-02 20:03 - 2014-06-03 12:58 - 00011816 _____ () C:\Windows\setupact.log
2014-08-02 18:55 - 2012-06-28 17:08 - 00000000 ____D () C:\ProgramData\Skype
2014-08-02 18:38 - 2012-06-30 18:49 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-02 16:22 - 2013-02-17 04:43 - 00000000 ____D () C:\Users\Josi\Documents\Horizon
2014-08-02 14:35 - 2013-05-11 14:30 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3356741421-1262078198-2364291893-1001Core.job
2014-08-02 14:02 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-02 14:02 - 2009-07-14 06:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-02 13:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-08-02 13:56 - 2012-12-20 14:16 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\Dropbox
2014-08-02 13:55 - 2013-06-06 23:19 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-02 13:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-02 00:57 - 2012-07-26 18:45 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356741421-1262078198-2364291893-1001Core.job
2014-08-01 14:21 - 2014-06-03 12:58 - 00000604 _____ () C:\Windows\PFRO.log
2014-08-01 14:19 - 2014-03-09 15:04 - 00000000 ____D () C:\AdwCleaner
2014-08-01 14:15 - 2014-08-01 14:15 - 01361309 _____ () C:\Users\Josi\Downloads\adwcleaner_3.302.exe
2014-08-01 14:15 - 2012-07-02 23:40 - 00000000 ___RD () C:\Users\Josi\Desktop\Programme
2014-08-01 03:07 - 2014-08-01 03:07 - 00052312 _____ () C:\Users\Josi\Downloads\Shortcut.txt
2014-07-31 19:26 - 2014-07-31 19:26 - 00000000 ____D () C:\Users\Josi\Documents\Paradox
2014-07-31 18:55 - 2014-07-31 18:54 - 1610446077 _____ (Paradox Online ) C:\Users\Josi\Downloads\ParadoxSetup.exe
2014-07-30 23:46 - 2014-07-30 23:46 - 00000000 ____D () C:\Users\Josi\Downloads\ElophantClient
2014-07-30 23:45 - 2014-07-30 23:45 - 00992401 _____ () C:\Users\Josi\Downloads\ElophantClient.zip
2014-07-27 20:22 - 2014-07-27 20:22 - 00000275 _____ () C:\Users\Josi\Desktop\forum text.txt
2014-07-25 14:09 - 2013-03-14 01:58 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 14:09 - 2013-03-14 01:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 02:59 - 2013-03-14 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 16:25 - 2012-12-20 14:16 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-21 13:40 - 2014-07-21 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 13:40 - 2014-07-21 13:39 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 13:40 - 2014-07-21 13:39 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 13:40 - 2014-07-21 13:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 13:39 - 2014-07-21 13:39 - 00000000 ____D () C:\Program Files\iPod
2014-07-20 23:03 - 2010-11-21 08:50 - 00775996 _____ () C:\Windows\system32\perfh007.dat
2014-07-20 23:03 - 2010-11-21 08:50 - 00176706 _____ () C:\Windows\system32\perfc007.dat
2014-07-20 23:03 - 2009-07-14 07:13 - 01813802 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 21:04 - 2014-07-17 21:20 - 00001178 _____ () C:\Users\Josi\Desktop\Wichtige Bugfixes.txt
2014-07-19 20:38 - 2014-03-30 22:56 - 00000000 ____D () C:\Users\Josi\Desktop\Hori Sachen
2014-07-19 18:28 - 2014-07-13 22:03 - 00000054 _____ () C:\Users\Josi\AppData\Roaming\updater.cfg
2014-07-19 18:22 - 2014-07-19 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2014-07-19 18:22 - 2014-07-19 18:22 - 00000000 ____D () C:\Program Files\Magic Bullet Looks Vegas
2014-07-19 18:22 - 2014-07-13 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-07-19 18:22 - 2014-07-13 21:55 - 00000000 ____D () C:\Program Files (x86)\Red Giant
2014-07-19 18:22 - 2014-07-13 21:55 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-07-19 18:22 - 2012-07-04 00:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-16 21:58 - 2014-07-16 21:58 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 15:58 - 2012-06-28 17:18 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-07-13 22:03 - 2014-07-13 22:03 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\Red Giant Link
2014-07-13 22:01 - 2014-07-13 22:01 - 00000000 ____D () C:\Users\Josi\Downloads\MBL
2014-07-13 22:00 - 2014-07-13 22:00 - 91766264 _____ () C:\Users\Josi\Downloads\MBL.zip
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\Users\Josi\AppData\Roaming\Red Giant
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\ProgramData\Red Giant
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link
2014-07-13 21:55 - 2012-07-09 21:29 - 00000000 ____D () C:\Program Files\Sony
2014-07-13 21:53 - 2014-07-13 21:53 - 00000000 ____D () C:\ProgramData\RedGiant
2014-07-13 21:52 - 2014-07-13 21:52 - 00000000 ____D () C:\Users\Josi\Downloads\CSuite_Win_Full
2014-07-13 21:48 - 2014-07-13 21:47 - 88248058 _____ () C:\Users\Josi\Downloads\CSuite_Win_Full.zip
2014-07-11 14:37 - 2012-07-02 23:42 - 00000000 ____D () C:\Users\Josi\Desktop\Uni
2014-07-10 19:08 - 2014-07-10 19:06 - 00000231 _____ () C:\Users\Josi\Desktop\fragen user.txt
2014-07-10 16:57 - 2014-07-10 16:57 - 00005283 _____ () C:\Users\Josi\AppData\Local\recently-used.xbel
2014-07-10 16:57 - 2014-07-10 16:35 - 00032896 _____ () C:\Users\Josi\Desktop\_G_Cos_HSwimP00 Chocolate.dds
2014-07-10 16:57 - 2014-07-10 16:35 - 00032896 _____ () C:\Users\Josi\Desktop\_G_Cos_HSwimA00 Chocolate.dds
2014-07-10 16:57 - 2014-04-13 15:53 - 00000000 ____D () C:\Users\Josi\.gimp-2.8
2014-07-10 16:36 - 2014-07-10 16:36 - 00008320 _____ () C:\Users\Josi\Desktop\_G_Cos_HSwimS00 Chocolate.dds
2014-07-10 15:31 - 2014-04-13 15:56 - 00000000 ____D () C:\Users\Josi\AppData\Local\gtk-2.0
2014-07-10 14:32 - 2014-03-24 02:35 - 00000000 ____D () C:\Users\Josi\Desktop\Videoprojekte
2014-07-10 14:16 - 2009-07-14 06:45 - 00341784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 14:14 - 2014-05-07 00:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 14:14 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 14:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 14:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 01:29 - 2013-07-16 00:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 01:27 - 2012-01-13 16:22 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 17:53 - 2014-07-09 17:51 - 00304816 _____ () C:\Users\Josi\Downloads\Deorro - Bootie in your face.mp3.sfk
2014-07-09 12:18 - 2012-04-16 10:33 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 12:18 - 2012-04-16 10:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 12:18 - 2012-01-13 15:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-07 23:25 - 2014-07-07 23:08 - 00000000 ____D () C:\Program Files\Yui Online
2014-07-07 21:05 - 2014-07-07 20:58 - 00273136 _____ () C:\Users\Josi\Downloads\Mike Candys - Anubis (Official Video HD).mp3.sfk
2014-07-06 15:25 - 2014-07-06 15:25 - 00521216 _____ () C:\Users\Josi\Downloads\Klima_08_Eiszeitalter.ppt

Some content of TEMP:
====================
C:\Users\Josi\AppData\Local\Temp\DivXSetup.exe
C:\Users\Josi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpocsxmr.dll
C:\Users\Josi\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Josi\AppData\Local\Temp\paint.net.4.0.install.exe
C:\Users\Josi\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 13:45

==================== End Of Log ============================
         
--- --- ---


 
