Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Internet Exploer öffnet sich alle 10 sec (https://www.trojaner-board.de/156020-internet-exploer-oeffnet-alle-10-sec.html)

hummel16 03.07.2014 06:49
Internet Exploer öffnet sich alle 10 sec
 
Hallo mein exploer öffnet sich immer wieder.Chrome lässt sich öffnen läd aber nicht. Gestern funktionierte überhaupt kein Browser,das hab ich irgendwie wieder hinbekommen (Malewarebytes Anti Malware) hab ich runtergeladen und damit gescannt.Dieser hat ettliches unter quarantäne gestellt.Jetzt weiß ich nicht mehr weiter und trau mich auch nicht weiter.

schrauber 03.07.2014 06:51
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


hummel16 03.07.2014 07:06
Das funktioniert nicht. er zeigt mir an das ,das programm Schaden anrichten kann und lässt es nicht zu

Das funktioniert nicht .meldung; das programm kann schadhaft sein . Es wird nicht zugelassen.

schrauber 03.07.2014 12:28
wer zeigt das? Windows ansich? Ist das Windows 8?

auf mehr Informationen klicken, dann trotzdem zulassen.

hummel16 03.07.2014 18:31
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Robbert (administrator) on ROBBERT-PC on 03-07-2014 19:21:21
Running from C:\Users\Robbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BI52R5J4
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Users\Robbert\AppData\Local\pgcchelper\pgcchelper.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\StCenter.exe
(Dropbox, Inc.) C:\Users\Robbert\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\FritzDsl.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_125_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Run: [AppSafe] => C:\Program Files (x86)\AppSafe\AppSafe.exe
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Run: [pgcchelper] => C:\Users\Robbert\AppData\Local\pgcchelper\pgcchelper.exe [465920 2013-08-21] ()
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {247770dd-abd4-11e2-a61b-001d72a7fe50} - E:\AutoRun.exe
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {247770e7-abd4-11e2-a61b-001d72a7fe50} - E:\AutoRun.exe
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {24777109-abd4-11e2-a61b-001d72a7fe50} - E:\AutoRun.exe
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {8ba3cbab-0cce-11e2-a2d2-806e6f6e6963} - D:\start.exe
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\MountPoints2: {bf8152aa-0cce-11e2-b334-001d72a7fe50} - H:\pushinst.exe
HKU\S-1-5-21-3790429394-736555554-1072420433-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Windows\Installer\{2457326B-C110-40C3-89B0-889CC913871A}\Icon2457326B4.exe ()
Startup: C:\Users\Robbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Robbert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Robbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk
ShortcutTarget: FRITZ!DSL Internet.lnk -> C:\Program Files (x86)\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3790429394-736555554-1072420433-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0E3E946AE38CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404334966&from=tugs&uid=395049983_1052451_E00FACB1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404334966&from=tugs&uid=395049983_1052451_E00FACB1&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=117&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2313541273154401&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA)
Winsock: Catalog9 02 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA)
Winsock: Catalog9 03 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA)
Winsock: Catalog9 14 C:\Windows\SysWOW64\nvLsp.dll [163840] (NVIDIA)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA)
Winsock: Catalog9-x64 14 %SYSTEMROOT%\system32\nvLsp64.dll [189440] (NVIDIA)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Robbert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Robbert\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)

==================== Services (Whitelisted) =================

R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [920064 2008-01-29] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-02] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-02] (globalUpdate) [File not signed]
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [193024 2008-01-29] () [File not signed]
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]

==================== Drivers (Whitelisted) ====================

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WINFLASH64; \??\C:\Users\Robbert\AppData\Local\Temp\Win R01-B0\WinFlash64.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
R3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 19:19 - 2014-07-03 19:21 - 00000000 ____D () C:\FRST
2014-07-02 23:50 - 2014-07-03 06:43 - 00000000 ____D () C:\Program Files\Google
2014-07-02 23:29 - 2014-07-02 23:29 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-07-02 23:18 - 2014-07-03 16:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 23:18 - 2014-07-02 23:18 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 23:18 - 2014-07-02 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 23:17 - 2014-07-02 23:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 23:17 - 2014-07-02 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 23:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 23:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 23:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-02 23:06 - 2014-07-02 23:06 - 00002033 _____ () C:\Users\Robbert\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-07-02 23:06 - 2014-07-02 23:06 - 00001977 _____ () C:\Users\Robbert\Desktop\Avira PC Cleaner.lnk
2014-07-02 23:04 - 2014-07-03 17:04 - 00001444 _____ () C:\Windows\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user.job
2014-07-02 23:03 - 2014-07-03 17:08 - 00000930 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-02 23:03 - 2014-07-03 16:17 - 00000926 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-02 23:03 - 2014-07-02 23:03 - 00003928 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-07-02 23:03 - 2014-07-02 23:03 - 00003674 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-02 23:03 - 2014-07-02 23:03 - 00000000 ____D () C:\Users\Robbert\AppData\Local\pgcchelper
2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{C0550BD3-1315-463F-9E58-4D2206E947A2}
2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{7BFE39FC-B976-4E57-AB7F-5051470F7CCD}
2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{BB3E4441-E795-410D-877A-8E706A444271}
2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{22133002-1199-4DC9-9C13-B0CD88B9E0B7}
2014-07-02 22:39 - 2014-07-02 22:28 - 01073664 _____ (Farbar) C:\Users\Robbert\Desktop\FRST (4).exe
2014-07-02 21:29 - 2014-07-02 21:59 - 00000000 ____D () C:\Windows\pss
2014-07-02 21:27 - 2014-07-02 21:27 - 00005344 _____ () C:\Users\Robbert\Documents\NVIDIA System Information 07-02-2014 21-27-40.txt
2014-07-02 20:14 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-02 19:46 - 2014-07-02 19:46 - 00002970 _____ () C:\Windows\System32\Tasks\{F6601015-DA3F-4EB0-BA41-FE002E6C1E51}
2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Robbert\AppData\Local\NVIDIA
2014-06-22 20:13 - 2014-06-24 20:30 - 00000000 ____D () C:\Users\Robbert\Desktop\fortuna
2014-06-19 09:35 - 2014-06-19 11:00 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin
2014-06-19 09:35 - 2014-06-19 09:35 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-06-19 09:26 - 2014-06-30 12:00 - 00000256 _____ () C:\Windows\Tasks\AppSafe.job
2014-06-19 09:26 - 2014-06-19 09:26 - 00002974 _____ () C:\Windows\System32\Tasks\AppSafe
2014-06-19 09:22 - 2014-07-02 23:40 - 00000000 ____D () C:\ProgramData\Systweak
2014-06-19 09:22 - 2014-07-02 22:42 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-19 09:22 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-06-19 09:21 - 2014-07-03 19:21 - 00000300 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-19 09:21 - 2014-07-02 23:44 - 00000000 ____D () C:\Program Files\004
2014-06-19 09:21 - 2014-07-02 23:40 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\RocketUpdater
2014-06-19 09:21 - 2014-06-19 10:22 - 00000300 _____ () C:\Windows\Tasks\AppCloudUpdater.job
2014-06-19 09:21 - 2014-06-19 09:21 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\AppCloudUpdater
2014-06-19 09:21 - 2014-06-19 09:21 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\AppCloudUpdater
2014-06-19 00:14 - 2014-06-19 00:14 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (2).exe
2014-06-18 12:10 - 2014-07-02 19:40 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-18 12:09 - 2014-06-18 12:09 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws (1).exe
2014-06-18 12:08 - 2014-06-18 12:09 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws.exe
2014-06-18 11:42 - 2014-06-18 11:44 - 27641968 _____ (Opera Software ASA) C:\Users\Robbert\Downloads\Opera_22.0.1471.70_Setup.exe
2014-06-17 19:42 - 2014-06-17 19:42 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (1).exe
2014-06-17 19:06 - 2014-06-17 19:06 - 00000000 ____D () C:\Program Files (x86)\saVoernet
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-15 10:59 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-15 10:59 - 2014-06-15 11:00 - 00000000 ____D () C:\Program Files\iTunes
2014-06-15 10:59 - 2014-06-15 11:00 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-15 10:59 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files\iPod
2014-06-15 10:49 - 2014-06-17 19:09 - 00000000 ____D () C:\ProgramData\saVoernet
2014-06-13 18:38 - 2014-06-13 18:49 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\.technic
2014-06-13 18:37 - 2014-06-13 18:37 - 02346942 _____ () C:\Users\Robbert\Desktop\TechnicLauncher.exe
2014-06-11 07:24 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 07:24 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 07:24 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 07:24 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 07:24 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 07:24 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 07:24 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 07:24 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 07:24 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 07:24 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 07:24 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 07:24 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 07:24 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 07:23 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 07:23 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 07:23 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 07:23 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 07:23 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 07:23 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 07:23 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 07:23 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 07:23 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 07:23 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 07:23 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 07:23 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 07:23 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 07:23 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 07:23 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 07:23 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 07:23 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 07:23 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 07:23 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 07:23 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 07:23 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 07:23 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 07:23 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 07:23 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 07:23 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 07:23 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 07:23 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 07:23 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 07:23 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 07:23 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 07:23 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 07:23 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 07:23 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 07:23 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 07:23 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 07:23 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 07:23 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 07:23 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 07:23 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 07:23 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 07:23 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 07:23 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 07:23 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 07:23 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 07:23 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 07:23 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 07:23 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 07:23 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 07:23 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 07:23 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 07:23 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 07:22 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 07:19 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 07:19 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

2014-07-03 19:21 - 2014-07-03 19:19 - 00000000 ____D () C:\FRST
2014-07-03 19:21 - 2014-06-19 09:21 - 00000300 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-03 19:12 - 2013-06-21 16:23 - 00000000 ____D () C:\Users\Robbert\AppData\Local\LogMeIn Hamachi
2014-07-03 19:12 - 2012-10-24 12:59 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Skype
2014-07-03 18:38 - 2013-02-04 21:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 18:26 - 2013-08-17 12:26 - 00000298 _____ () C:\Windows\Tasks\Dealply.job
2014-07-03 17:08 - 2014-07-02 23:03 - 00000930 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-03 17:04 - 2014-07-02 23:04 - 00001444 _____ () C:\Windows\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user.job
2014-07-03 16:40 - 2012-10-23 18:34 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\.minecraft
2014-07-03 16:32 - 2014-07-02 23:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 16:26 - 2012-10-02 21:57 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{ABDF2FAD-69E7-4EB6-8595-43985A6C8C14}
2014-07-03 16:24 - 2009-07-14 06:45 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 16:24 - 2009-07-14 06:45 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 16:20 - 2008-01-05 22:30 - 01361266 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 16:19 - 2013-08-21 00:25 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Dropbox
2014-07-03 16:18 - 2014-05-03 15:23 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\DropboxMaster
2014-07-03 16:18 - 2013-08-21 00:28 - 00000000 ___RD () C:\Users\Robbert\Dropbox
2014-07-03 16:18 - 2009-07-14 06:51 - 00214874 _____ () C:\Windows\setupact.log
2014-07-03 16:17 - 2014-07-02 23:03 - 00000926 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-03 16:17 - 2012-10-02 22:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-03 16:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 13:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-03 13:19 - 2012-10-05 15:51 - 00000000 ____D () C:\Users\Robbert\AppData\Local\Google
2014-07-03 13:19 - 2012-10-05 15:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-03 09:21 - 2014-05-23 21:09 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-03 06:43 - 2014-07-02 23:50 - 00000000 ____D () C:\Program Files\Google
2014-07-03 06:43 - 2012-10-02 22:20 - 01761990 _____ () C:\Windows\PFRO.log
2014-07-02 23:49 - 2013-02-04 21:18 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-02 23:49 - 2013-02-04 21:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-02 23:49 - 2013-02-04 21:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-02 23:44 - 2014-06-19 09:21 - 00000000 ____D () C:\Program Files\004
2014-07-02 23:40 - 2014-06-19 09:22 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-02 23:40 - 2014-06-19 09:21 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\RocketUpdater
2014-07-02 23:40 - 2014-05-25 22:32 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\systweak
2014-07-02 23:40 - 2014-05-25 22:30 - 00000000 ____D () C:\temp
2014-07-02 23:40 - 2014-01-10 15:49 - 00000000 ____D () C:\Program Files (x86)\VideoPlayerV3
2014-07-02 23:40 - 2013-12-05 11:30 - 00000000 ____D () C:\Users\Robbert\AppData\Local\SwvUpdater
2014-07-02 23:30 - 2012-10-24 10:16 - 00000000 ____D () C:\Users\Robbert\AppData\Local\CrashDumps
2014-07-02 23:29 - 2014-07-02 23:29 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-07-02 23:18 - 2014-07-02 23:18 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 23:18 - 2014-07-02 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 23:18 - 2014-07-02 23:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 23:17 - 2014-07-02 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 23:06 - 2014-07-02 23:06 - 00002033 _____ () C:\Users\Robbert\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-07-02 23:06 - 2014-07-02 23:06 - 00001977 _____ () C:\Users\Robbert\Desktop\Avira PC Cleaner.lnk
2014-07-02 23:03 - 2014-07-02 23:03 - 00003928 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-07-02 23:03 - 2014-07-02 23:03 - 00003674 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-02 23:03 - 2014-07-02 23:03 - 00000000 ____D () C:\Users\Robbert\AppData\Local\pgcchelper
2014-07-02 23:02 - 2012-10-02 22:05 - 00001623 _____ () C:\Users\Robbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 22:42 - 2014-06-19 09:22 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{C0550BD3-1315-463F-9E58-4D2206E947A2}
2014-07-02 22:41 - 2014-07-02 22:41 - 00002948 _____ () C:\Windows\System32\Tasks\{7BFE39FC-B976-4E57-AB7F-5051470F7CCD}
2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{BB3E4441-E795-410D-877A-8E706A444271}
2014-07-02 22:40 - 2014-07-02 22:40 - 00002948 _____ () C:\Windows\System32\Tasks\{22133002-1199-4DC9-9C13-B0CD88B9E0B7}
2014-07-02 22:28 - 2014-07-02 22:39 - 01073664 _____ (Farbar) C:\Users\Robbert\Desktop\FRST (4).exe
2014-07-02 21:59 - 2014-07-02 21:29 - 00000000 ____D () C:\Windows\pss
2014-07-02 21:36 - 2014-05-22 10:21 - 00222208 ___SH () C:\Users\Robbert\Desktop\Thumbs.db
2014-07-02 21:27 - 2014-07-02 21:27 - 00005344 _____ () C:\Users\Robbert\Documents\NVIDIA System Information 07-02-2014 21-27-40.txt
2014-07-02 20:15 - 2012-11-17 21:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-02 19:52 - 2012-10-02 22:02 - 00000000 __SHD () C:\Recovery
2014-07-02 19:46 - 2014-07-02 19:46 - 00002970 _____ () C:\Windows\System32\Tasks\{F6601015-DA3F-4EB0-BA41-FE002E6C1E51}
2014-07-02 19:40 - 2014-06-18 12:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-02 19:36 - 2012-10-02 22:03 - 00000000 ____D () C:\Users\Robbert
2014-07-02 19:34 - 2012-10-02 22:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-02 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-01 22:02 - 2012-11-01 23:02 - 00000211 _____ () C:\ProgramData\acer.zip
2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Robbert\AppData\Local\NVIDIA
2014-07-01 20:28 - 2012-11-17 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-30 17:30 - 2012-10-03 08:05 - 00697272 _____ () C:\Windows\system32\perfh007.dat
2014-06-30 17:30 - 2012-10-03 08:05 - 00149240 _____ () C:\Windows\system32\perfc007.dat
2014-06-30 17:30 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 12:00 - 2014-06-19 09:26 - 00000256 _____ () C:\Windows\Tasks\AppSafe.job
2014-06-29 12:28 - 2014-02-24 17:48 - 00000000 ____D () C:\Program Files (x86)\Brick-Force
2014-06-28 14:50 - 2013-12-21 15:49 - 00000768 _____ () C:\extensions.ini
2014-06-28 14:49 - 2014-01-29 20:49 - 00001632 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 14:49 - 2013-03-27 21:48 - 00000680 __RSH () C:\Users\Robbert\ntuser.pol
2014-06-24 20:49 - 2014-05-14 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-24 20:49 - 2014-05-14 13:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-24 20:49 - 2013-06-21 16:22 - 00000886 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-06-24 20:30 - 2014-06-22 20:13 - 00000000 ____D () C:\Users\Robbert\Desktop\fortuna
2014-06-19 11:00 - 2014-06-19 09:35 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin
2014-06-19 11:00 - 2009-07-14 04:34 - 73924608 _____ () C:\Windows\system32\config\software.bak
2014-06-19 11:00 - 2009-07-14 04:34 - 19660800 _____ () C:\Windows\system32\config\system.bak
2014-06-19 11:00 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-06-19 10:49 - 2009-07-14 04:34 - 00028672 _____ () C:\Windows\system32\config\sam.bak
2014-06-19 10:22 - 2014-06-19 09:21 - 00000300 _____ () C:\Windows\Tasks\AppCloudUpdater.job
2014-06-19 09:35 - 2014-06-19 09:35 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-06-19 09:34 - 2012-10-20 13:08 - 00000000 ____D () C:\Users\Robbert\Desktop\fotos sabine
2014-06-19 09:33 - 2014-05-23 20:57 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Opera Software
2014-06-19 09:33 - 2014-05-23 20:57 - 00000000 ____D () C:\Users\Robbert\AppData\Local\Opera Software
2014-06-19 09:33 - 2014-05-23 20:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-19 09:26 - 2014-06-19 09:26 - 00002974 _____ () C:\Windows\System32\Tasks\AppSafe
2014-06-19 09:21 - 2014-06-19 09:21 - 00003332 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-06-19 09:21 - 2014-06-19 09:21 - 00003248 _____ () C:\Windows\System32\Tasks\AppCloudUpdater
2014-06-19 09:21 - 2014-06-19 09:21 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\AppCloudUpdater
2014-06-19 00:14 - 2014-06-19 00:14 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (2).exe
2014-06-18 23:14 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-18 12:25 - 2013-03-01 23:47 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-06-18 12:09 - 2014-06-18 12:09 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws (1).exe
2014-06-18 12:09 - 2014-06-18 12:08 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Robbert\Downloads\avira_de_av___ws.exe
2014-06-18 11:44 - 2014-06-18 11:42 - 27641968 _____ (Opera Software ASA) C:\Users\Robbert\Downloads\Opera_22.0.1471.70_Setup.exe
2014-06-17 20:35 - 2013-07-12 18:21 - 00000000 ____D () C:\Users\Robbert\Desktop\rob
2014-06-17 19:42 - 2014-06-17 19:42 - 02953520 _____ (AVAST Software) C:\Users\Robbert\Downloads\avast-browser-cleanup_9.0.0.224 (1).exe
2014-06-17 19:09 - 2014-06-15 10:49 - 00000000 ____D () C:\ProgramData\saVoernet
2014-06-17 19:06 - 2014-06-17 19:06 - 00000000 ____D () C:\Program Files (x86)\saVoernet
2014-06-17 19:06 - 2014-05-25 21:02 - 00000000 ____D () C:\ProgramData\dc0d85ca23a2490b
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-15 11:00 - 2014-06-15 10:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-15 11:00 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files\iTunes
2014-06-15 11:00 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-15 11:00 - 2014-01-03 16:59 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-15 10:59 - 2014-06-15 10:59 - 00000000 ____D () C:\Program Files\iPod
2014-06-15 10:55 - 2014-01-03 16:56 - 00000000 ____D () C:\ProgramData\Apple
2014-06-13 18:49 - 2014-06-13 18:38 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\.technic
2014-06-13 18:37 - 2014-06-13 18:37 - 02346942 _____ () C:\Users\Robbert\Desktop\TechnicLauncher.exe
2014-06-13 18:29 - 2012-10-24 12:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-13 18:29 - 2012-10-24 12:59 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 16:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-11 10:44 - 2013-08-15 00:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 10:42 - 2012-10-03 09:04 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 10:42 - 2012-10-03 08:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 10:39 - 2014-05-07 00:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 11:13 - 2014-06-11 07:19 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 07:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 17:55 - 2012-11-01 18:47 - 00000000 ____D () C:\Users\Robbert\AppData\Local\PokerStars.EU
2014-06-04 14:25 - 2013-11-27 18:23 - 00000000 ____D () C:\Users\Robbert\Desktop\Luc Musik

Files to move or delete:
====================
C:\Users\Robbert\AppData\Roaming\skype.ini


Some content of TEMP:
====================
C:\Users\Robbert\AppData\Local\Temp\avgnt.exe
C:\Users\Robbert\AppData\Local\Temp\BackupSetup.exe
C:\Users\Robbert\AppData\Local\Temp\bdfilters.dll
C:\Users\Robbert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7rtnwz.dll
C:\Users\Robbert\AppData\Local\Temp\FileSystemView.dll
C:\Users\Robbert\AppData\Local\Temp\htmlayout.dll
C:\Users\Robbert\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Robbert\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-35-g4176258-b2824jnks.dll
C:\Users\Robbert\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-b2879jnks.dll
C:\Users\Robbert\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll
C:\Users\Robbert\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Robbert\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Robbert\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Robbert\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Robbert\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Robbert\AppData\Local\Temp\pyl1F52.tmp.exe
C:\Users\Robbert\AppData\Local\Temp\QtraxNotification.exe
C:\Users\Robbert\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Robbert\AppData\Local\Temp\Softonic_DE_1-5-9_DE-Production_10_CleanRelease.exe
C:\Users\Robbert\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Robbert\AppData\Local\Temp\uninstall40717103.exe
C:\Users\Robbert\AppData\Local\Temp\uninstall40717118.exe
C:\Users\Robbert\AppData\Local\Temp\Uninstaller-4828.exe
C:\Users\Robbert\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Robbert\AppData\Local\Temp\_is91E2.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 12:47

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Robbert at 2014-07-03 19:22:50
Running from C:\Users\Robbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BI52R5J4
Boot Mode: Normal
==========================================================

Ganz Lieben Dank erstmal für deine Hilfe und Gedult!! Hoffe ich hab das alles richtig gemacht......
==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!DSL (HKLM-x32\...\{2457326B-C110-40C3-89B0-889CC913871A}) (Version: 2.04.02 - AVM Berlin)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.8.7.347 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version:  - )
Craften Terminal 3.3.4897.28268 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.3.4897.28268 - Craften Dev Team)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version:  - )
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version:  - )
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version:  - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LAV Filters 0.61.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.1 - Hendrik Leppkes)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
MadVR (remove only) (HKLM-x32\...\MadVR) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Minecraft Texturepack Editor (HKLM-x32\...\Minecraft Texturepack Editor) (Version:  - )
MyTomTom 3.2.0.802 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.802 - TomTom)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
NVIDIA ForceWare Network Access Manager (Version: 1.00.6776 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version:  - )
OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version:  - )
OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version:  - )
PC Camera (0022.2009.1125.1004) (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.22.09 - PixArt)
pgcchelper (HKCU\...\pgcchelper) (Version:  - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Qtrax Player (HKCU\...\1538041761.portal.qtrax.com) (Version:  - portal.qtrax.com)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Yontoo 1.10.03 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ATTENTION

==================== Restore Points  =========================

28-06-2014 13:31:56 Windows Update
01-07-2014 18:18:49 Windows Update
02-07-2014 17:06:52 Wiederherstellungsvorgang
02-07-2014 18:08:09 Windows Update
02-07-2014 18:33:52 Wiederherstellungsvorgang
02-07-2014 21:18:45 Avira PC Cleaner - 02.07.2014 23:18

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01F42DF4-7C62-422A-B492-4651212BA68A} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {06BD198C-5829-450F-B353-094A511056F8} - System32\Tasks\{C0550BD3-1315-463F-9E58-4D2206E947A2} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: {0BDAD588-513D-46D9-BEF2-E36B70283CBA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {10895922-3DB2-4F05-A5A5-0154B2B7F7EA} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {1496255B-7A8C-4097-8414-199813CC2E30} - System32\Tasks\{0795F34F-0E1E-4967-ABD4-1730201A6EF6} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {1CE90770-65C6-46C0-A90F-AFC4B6AFD4F7} - System32\Tasks\{D8BE492D-0AFD-4FA4-BA4A-51AEE892C0BD} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {4F1B0B51-C018-4A77-B94B-E4DC86697819} - System32\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user => C:\Program Files (x86)\HDube-V1.6\1f78799e-22da-4e38-a286-27db8fd501ff-5.exe
Task: {5015632F-9016-468C-8EC6-4356FD1CF858} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-02] (globalUpdate) <==== ATTENTION
Task: {543FEDAC-3315-44D8-B073-B6D7B2673048} - System32\Tasks\AppSafe => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION
Task: {571FE8C6-9F6A-46E7-814C-35CFC6B661EA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5866031E-5F3F-43D8-B13A-411F6A372FE2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-02] (Adobe Systems Incorporated)
Task: {5C3E5AFC-4E97-4FB7-87AB-191E8B184A3F} - System32\Tasks\AppCloudUpdater => C:\Users\Robbert\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {5C70FA13-8DE6-4A27-AE74-C2BE64FBD2C4} - \DealPly No Task File <==== ATTENTION
Task: {6A4C067F-EF3F-4F35-B19B-72A6282E7620} - System32\Tasks\{A4CC2600-52B1-4F9B-91A5-6A813CF3B0A1} => Chrome.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {7447B30A-F202-4180-B27D-7E695198C3EF} - System32\Tasks\{841CC984-1C89-48F8-8782-90E820476BEE} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {809617FE-FB4F-4648-A245-9A26C1AE0640} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {8D74B56F-DF17-4A0F-BB9D-F8B3D2BFA741} - System32\Tasks\Rocket Updater => C:\Users\Robbert\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {90AEC0EF-09F1-43D2-9066-E662875C3ED0} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {A9A6AD19-63E4-46B5-8533-8D69722A7B0C} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {B485C14A-A8F1-4ABD-B415-7A1CDAAB9628} - System32\Tasks\{22133002-1199-4DC9-9C13-B0CD88B9E0B7} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: {C34EAF0D-4576-45BE-96E0-DE3A81F56D92} - System32\Tasks\{F6601015-DA3F-4EB0-BA41-FE002E6C1E51} => C:\Program Files (x86)\Java\jre7\bin\javacpl.exe [2014-04-14] (Oracle Corporation)
Task: {C8469267-6C6F-452A-89A8-4656D8FCFB2A} - System32\Tasks\{44396B3C-EB1D-4609-8CE6-F58E67F2B5E9} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {DF568020-6768-4053-BE61-FFD1E02EE2BD} - System32\Tasks\{1A641EA5-9CE2-42E8-8CA1-BEF11A5E8FC5} => C:\Users\Robbert\Desktop\MinecraftSP.exe
Task: {E2F16C7B-20D2-4884-BC61-4317B7231538} - System32\Tasks\{7BFE39FC-B976-4E57-AB7F-5051470F7CCD} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: {E7DF9097-FA49-47B7-88A5-129FC8C3E959} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-02] (globalUpdate) <==== ATTENTION
Task: {EAD77AAD-B78D-41CF-95DA-E70239D963F1} - System32\Tasks\DSite => C:\Users\Robbert\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {FAC2106E-0C80-49BB-BDBC-45B26E2BABDF} - System32\Tasks\{BB3E4441-E795-410D-877A-8E706A444271} => C:\Users\Robbert\Desktop\FRST (4).exe [2014-07-02] (Farbar)
Task: C:\Windows\Tasks\1f78799e-22da-4e38-a286-27db8fd501ff-5_user.job => C:\Program Files (x86)\HDube-V1.6\1f78799e-22da-4e38-a286-27db8fd501ff-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AppCloudUpdater.job => C:\Users\Robbert\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\AppSafe.job => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Robbert\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\Robbert\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Robbert\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-11-17 21:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-01-29 12:25 - 2008-01-29 12:25 - 00920064 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2008-01-29 12:17 - 2008-01-29 12:17 - 00115200 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2008-01-29 12:18 - 2008-01-29 12:18 - 00610816 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2008-01-29 12:24 - 2008-01-29 12:24 - 00193024 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2013-08-21 08:37 - 2013-08-21 08:37 - 00465920 _____ () C:\Users\Robbert\AppData\Local\pgcchelper\pgcchelper.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-03 16:18 - 2014-07-03 16:18 - 00043008 _____ () c:\users\robbert\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7rtnwz.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Robbert\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Robbert\Desktop\2014-03-30 15.20.01.mp4:com.dropbox.attributes
AlternateDataStreams: C:\Users\Robbert\Documents\2013-09-28 03.34.59.jpg:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 06:56:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9797

Error: (07/03/2014 06:56:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9797

Error: (07/03/2014 06:56:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 11:30:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x1b14
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (07/02/2014 11:08:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x16a0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (07/02/2014 11:05:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17126, Zeitstempel: 0x53883991
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011d06
ID des fehlerhaften Prozesses: 0x14d0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (07/02/2014 11:05:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17126, Zeitstempel: 0x53883991
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011d06
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (07/02/2014 11:04:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x1574
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (07/02/2014 11:04:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 35.0.1916.153, Zeitstempel: 0x538fb354
Name des fehlerhaften Moduls: chrome.dll, Version: 35.0.1916.153, Zeitstempel: 0x538fb051
Ausnahmecode: 0x80000003
Fehleroffset: 0x00485166
ID des fehlerhaften Prozesses: 0x30c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (07/02/2014 11:03:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882d40
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005339d
ID des fehlerhaften Prozesses: 0x1668
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3


System errors:
=============
Error: (07/03/2014 04:17:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/03/2014 06:43:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/03/2014 00:25:53 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/02/2014 11:48:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/02/2014 11:48:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (07/02/2014 11:45:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/02/2014 11:42:41 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy1" den Befehl "chkdsk" aus.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 3838.55 MB
Available physical RAM: 2610.29 MB
Total Pagefile: 7675.28 MB
Available Pagefile: 5793 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:369.27 GB) NTFS
Drive d: (20130207_103315) (CDROM) (Total:0.65 GB) (Free:0 GB) CDFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4B1F2B60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Ganz liebe Dank erstmal für deine Hilfe und Gedult......

schrauber 04.07.2014 13:11
Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

hummel16 04.07.2014 18:22
Hmm, habe den Revo Uninstaller gestartet ,er zeigt mir auch alle Programme an....aber keine mit dem Zusatz "Attention" Unter Ansicht und Details auch nicht (müsste doch unter den Kommentaren sein?) Lieben Dank! Möchte ja auch nichts falsch machen :dankeschoen:

schrauber 05.07.2014 18:06
genau lesen, den Zusatz findest du in der Addition.txt von FRST ;)


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:01 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131