
Pests of all kinds and how to combat them: Constant ominous update prompt on every click


08.02.2014, 19:59   #1
Pinsel181
 
Constant ominous update prompt on every click




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Pimo (administrator) on PIMO-PC on 08-02-2014 19:57:33
Running from C:\Users\Pimo\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\ismagent.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\StarOffice6.0\program\soffice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\AppUp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
(Google Inc.) C:\Users\Pimo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pimo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pimo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pimo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pimo\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-11] (CANON INC.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [Intel AppUp(SM) center Systray] - C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\AppUp.exe [928992 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\ismagent.exe [156000 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center_Nagware] - C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\AppUp.lnk [2393 2013-08-21] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\ismagent.exe [156000 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center Systray] - C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\AppUp.exe [928992 2013-07-04] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-22] (Easybits)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKU\S-1-5-21-3217002767-4023139414-936112289-1000\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1095000 2013-11-08] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3217002767-4023139414-936112289-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-3217002767-4023139414-936112289-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3217002767-4023139414-936112289-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Pimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Pimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 6.0.lnk
ShortcutTarget: StarOffice 6.0.lnk -> C:\Program Files (x86)\StarOffice6.0\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0D1A8C7E-0F24-41AE-9717-C7D9257516A7} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0D1A8C7E-0F24-41AE-9717-C7D9257516A7} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {3C6AB551-8FFE-4682-9D23-774948990956} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {DA80A705-2529-4DE3-9190-7FF8F2293099} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 - {DA80A705-2529-4DE3-9190-7FF8F2293099} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKCU - DefaultScope {0D1A8C7E-0F24-41AE-9717-C7D9257516A7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0D1A8C7E-0F24-41AE-9717-C7D9257516A7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {9AEC165A-9B66-4447-8BEE-B7C61348CA3B} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {DA80A705-2529-4DE3-9190-7FF8F2293099} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-10-14] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default
FF DefaultSearchEngine: Ask.com
FF SelectedSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pimo\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pimo\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll (Midasplayer Ltd)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Personas - C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default\Extensions\personas@christopher.beard [2011-03-12]
FF Extension: FastestFox - C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default\Extensions\smarterwiki@wikiatic.com [2011-04-25]
FF Extension: No Name - C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default\Extensions\staged [2014-01-24]
FF Extension: Blu Canidae - C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default\Extensions\{3926fb20-4bea-11de-8a39-0800200c9a66} [2010-01-16]
FF Extension: AmbientFox - C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default\Extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9} [2010-03-21]
FF Extension: AniWeather - C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2011-05-14]
FF Extension: Adblock Plus - C:\Users\Pimo\AppData\Roaming\Mozilla\Firefox\Profiles\nwngsudc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-07-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-08-07]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-10-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-01-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-16]

Chrome: 
=======
CHR DefaultSearchURL: hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Pimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-02]
CHR Extension: (Google Drive) - C:\Users\Pimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-02]
CHR Extension: (YouTube) - C:\Users\Pimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-02]
CHR Extension: (Google-Suche) - C:\Users\Pimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-02]
CHR Extension: (Google Wallet) - C:\Users\Pimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Pimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-02]
CHR StartMenuInternet: Google Chrome - C:\Users\Pimo\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896056 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-11-08] (Garmin Ltd or its subsidiaries)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [559552 2013-08-08] (RealNetworks, Inc.)
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-01-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-01-24] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-10-20] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 19:57 - 2014-02-08 19:57 - 00021125 _____ () C:\Users\Pimo\Downloads\FRST.txt
2014-02-08 19:57 - 2014-02-08 19:57 - 00000000 ____D () C:\FRST
2014-02-08 19:56 - 2014-02-08 19:56 - 02079744 _____ (Farbar) C:\Users\Pimo\Downloads\FRST64.exe
2014-02-08 10:54 - 2014-02-08 10:55 - 140300048 _____ () C:\Users\Pimo\Downloads\avira_antivirus_suite_de.exe
2014-02-07 20:19 - 2014-02-07 20:19 - 00000045 _____ () C:\Users\Pimo\AppData\Roaming\WB.CFG
2014-02-07 19:38 - 2014-02-07 19:38 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-07 19:37 - 2014-02-07 19:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-07 19:37 - 2014-02-07 19:38 - 00000000 ____D () C:\Program Files\iTunes
2014-02-07 19:37 - 2014-02-07 19:38 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-07 19:37 - 2014-02-07 19:37 - 00000000 ____D () C:\Program Files\iPod
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-07 19:23 - 2014-02-07 19:23 - 00448512 _____ (OldTimer Tools) C:\Users\Pimo\Downloads\TFC.exe
2014-02-07 19:19 - 2014-02-08 19:19 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-07 19:19 - 2014-02-07 20:45 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\DigitalSites
2014-02-07 19:19 - 2014-02-07 19:19 - 00003224 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-07 19:14 - 2014-02-07 19:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pimo\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-07 19:13 - 2014-02-07 19:13 - 00000000 ____D () C:\Users\Pimo\AppData\Local\Secunia PSI
2014-02-07 18:59 - 2014-02-07 19:00 - 00001535 _____ () C:\DelFix.txt
2014-02-04 21:12 - 2014-02-07 18:59 - 00000000 ____D () C:\Windows\ERUNT
2014-02-04 21:00 - 2014-02-07 18:59 - 00000000 ____D () C:\AdwCleaner
2014-02-04 19:25 - 2014-02-07 19:15 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-04 19:25 - 2014-02-07 19:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-04 19:25 - 2014-02-04 19:25 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\Malwarebytes
2014-02-04 19:25 - 2014-02-04 19:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 19:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-04 19:24 - 2014-02-04 19:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pimo\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-02 09:21 - 2014-02-07 18:57 - 00000000 ____D () C:\Windows\erdnt
2014-02-01 19:04 - 2014-02-01 19:04 - 00003527 _____ () C:\Users\Pimo\Desktop\Ausgaben Februar 2014 - Verknüpfung.lnk
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{EBF6E702-066D-4D1F-ADDA-DB72981A7FBD}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{9AA65156-AE54-4272-A1DE-DF38139E2F27}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{8BCB0DD8-5B95-470C-B03B-59281D400567}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{3C4F7A4B-94D7-4E58-9459-58E36EFF1DA9}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{3A2F89AF-EB96-41F1-AECD-9C6D1706FD2F}
2014-01-26 14:25 - 2014-01-26 14:25 - 00003024 _____ () C:\Windows\System32\Tasks\{B731F09A-0918-404F-BBDF-C104927040DA}
2014-01-26 14:25 - 2014-01-26 14:25 - 00003024 _____ () C:\Windows\System32\Tasks\{3EAA5119-406E-4756-9A7A-FDC3AC624F0F}
2014-01-26 12:42 - 2014-01-26 12:42 - 00001172 _____ () C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
2014-01-26 12:39 - 2014-01-26 12:39 - 00000000 ____D () C:\Users\Pimo\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2014-01-26 12:38 - 2014-01-26 12:39 - 152249762 _____ () C:\Users\Pimo\Downloads\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
2014-01-24 11:38 - 2014-01-24 11:38 - 00000147 _____ () C:\Users\Pimo\Desktop\Goodgame Empire.url
2014-01-24 11:37 - 2014-01-24 11:38 - 00621800 _____ () C:\Users\Pimo\Downloads\Apache-OpenOffice_Setup_Download.exe
2014-01-24 10:02 - 2014-01-24 10:02 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\OpenOffice
2014-01-24 09:56 - 2014-01-24 12:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-01-24 09:49 - 2014-01-24 09:49 - 163606685 _____ () C:\Users\Pimo\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-20 08:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-20 08:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-20 08:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-20 08:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-20 08:32 - 2014-01-20 08:33 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 04:47 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 04:47 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 04:47 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 04:47 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 04:47 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 04:47 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 04:47 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 04:47 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 04:47 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 07:21 - 2014-01-30 14:40 - 00000000 ____D () C:\Users\Pimo\Documents\Baumarkbewerbungen

==================== One Month Modified Files and Folders =======

2014-02-08 19:58 - 2011-02-20 13:45 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3217002767-4023139414-936112289-1000UA.job
2014-02-08 19:57 - 2014-02-08 19:57 - 00021125 _____ () C:\Users\Pimo\Downloads\FRST.txt
2014-02-08 19:57 - 2014-02-08 19:57 - 00000000 ____D () C:\FRST
2014-02-08 19:57 - 2009-12-14 19:25 - 01312007 _____ () C:\Windows\WindowsUpdate.log
2014-02-08 19:56 - 2014-02-08 19:56 - 02079744 _____ (Farbar) C:\Users\Pimo\Downloads\FRST64.exe
2014-02-08 19:56 - 2013-05-13 07:50 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\Skype
2014-02-08 19:53 - 2012-06-27 05:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-08 19:19 - 2014-02-07 19:19 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-08 19:00 - 2010-01-30 08:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 16:00 - 2010-01-30 08:26 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 10:57 - 2011-02-20 13:45 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3217002767-4023139414-936112289-1000Core.job
2014-02-08 10:55 - 2014-02-08 10:54 - 140300048 _____ () C:\Users\Pimo\Downloads\avira_antivirus_suite_de.exe
2014-02-08 10:36 - 2009-10-15 01:56 - 00654150 _____ () C:\Windows\system32\perfh007.dat
2014-02-08 10:36 - 2009-10-15 01:56 - 00130022 _____ () C:\Windows\system32\perfc007.dat
2014-02-08 10:36 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-08 09:08 - 2013-11-17 15:35 - 00000000 ____D () C:\Users\Pimo\Documents\Ausgabenordner
2014-02-08 05:37 - 2009-07-14 05:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 05:37 - 2009-07-14 05:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 05:29 - 2012-10-14 07:49 - 00031524 _____ () C:\Windows\setupact.log
2014-02-08 05:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-07 20:46 - 2012-10-18 17:00 - 00012872 _____ () C:\Windows\PFRO.log
2014-02-07 20:45 - 2014-02-07 19:19 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\DigitalSites
2014-02-07 20:19 - 2014-02-07 20:19 - 00000045 _____ () C:\Users\Pimo\AppData\Roaming\WB.CFG
2014-02-07 19:38 - 2014-02-07 19:38 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-07 19:38 - 2014-02-07 19:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-07 19:38 - 2014-02-07 19:37 - 00000000 ____D () C:\Program Files\iTunes
2014-02-07 19:38 - 2014-02-07 19:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-07 19:37 - 2014-02-07 19:37 - 00000000 ____D () C:\Program Files\iPod
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-02-07 19:36 - 2014-02-07 19:36 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-02-07 19:23 - 2014-02-07 19:23 - 00448512 _____ (OldTimer Tools) C:\Users\Pimo\Downloads\TFC.exe
2014-02-07 19:19 - 2014-02-07 19:19 - 00003224 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-07 19:19 - 2010-01-30 17:47 - 00000000 ____D () C:\ProgramData\Apple
2014-02-07 19:15 - 2014-02-07 19:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pimo\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-07 19:15 - 2014-02-04 19:25 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-07 19:15 - 2014-02-04 19:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-07 19:13 - 2014-02-07 19:13 - 00000000 ____D () C:\Users\Pimo\AppData\Local\Secunia PSI
2014-02-07 19:00 - 2014-02-07 18:59 - 00001535 _____ () C:\DelFix.txt
2014-02-07 18:59 - 2014-02-04 21:12 - 00000000 ____D () C:\Windows\ERUNT
2014-02-07 18:59 - 2014-02-04 21:00 - 00000000 ____D () C:\AdwCleaner
2014-02-07 18:57 - 2014-02-02 09:21 - 00000000 ____D () C:\Windows\erdnt
2014-02-07 10:01 - 2011-10-28 11:21 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-07 10:01 - 2010-02-07 09:43 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-07 10:00 - 2010-01-31 09:17 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\HpUpdate
2014-02-07 10:00 - 2010-01-31 09:17 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\HP Support Assistant
2014-02-05 13:53 - 2012-06-27 05:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 13:53 - 2012-06-27 05:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 13:53 - 2011-06-19 04:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 19:25 - 2014-02-04 19:25 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\Malwarebytes
2014-02-04 19:25 - 2014-02-04 19:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-04 19:25 - 2014-02-04 19:24 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Pimo\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-04 09:29 - 2013-06-22 19:30 - 00000000 ____D () C:\Users\Pimo\AppData\Local\Windows Live
2014-02-02 09:59 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-02 09:41 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-01 19:04 - 2014-02-01 19:04 - 00003527 _____ () C:\Users\Pimo\Desktop\Ausgaben Februar 2014 - Verknüpfung.lnk
2014-01-31 11:32 - 2010-01-10 13:28 - 00000552 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-01-31 10:00 - 2013-11-09 13:12 - 00005276 _____ () C:\Windows\system32\lvcoinst.log
2014-01-30 14:40 - 2014-01-10 07:21 - 00000000 ____D () C:\Users\Pimo\Documents\Baumarkbewerbungen
2014-01-30 12:55 - 2013-11-28 08:17 - 00000000 ____D () C:\Users\Pimo\Documents\Bewerbungen Michael
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{EBF6E702-066D-4D1F-ADDA-DB72981A7FBD}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{9AA65156-AE54-4272-A1DE-DF38139E2F27}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{8BCB0DD8-5B95-470C-B03B-59281D400567}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{3C4F7A4B-94D7-4E58-9459-58E36EFF1DA9}
2014-01-26 14:26 - 2014-01-26 14:26 - 00003024 _____ () C:\Windows\System32\Tasks\{3A2F89AF-EB96-41F1-AECD-9C6D1706FD2F}
2014-01-26 14:25 - 2014-01-26 14:25 - 00003024 _____ () C:\Windows\System32\Tasks\{B731F09A-0918-404F-BBDF-C104927040DA}
2014-01-26 14:25 - 2014-01-26 14:25 - 00003024 _____ () C:\Windows\System32\Tasks\{3EAA5119-406E-4756-9A7A-FDC3AC624F0F}
2014-01-26 13:59 - 2009-07-14 05:45 - 00382568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-26 12:45 - 2010-01-09 15:41 - 00095344 _____ () C:\Users\Pimo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-26 12:44 - 2010-01-09 15:44 - 00000000 ___RD () C:\Users\Pimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-26 12:42 - 2014-01-26 12:42 - 00001172 _____ () C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
2014-01-26 12:41 - 2011-12-26 11:40 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-01-26 12:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-26 12:39 - 2014-01-26 12:39 - 00000000 ____D () C:\Users\Pimo\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2014-01-26 12:39 - 2014-01-26 12:38 - 152249762 _____ () C:\Users\Pimo\Downloads\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
2014-01-24 12:19 - 2010-01-09 15:36 - 00000000 ____D () C:\Users\Pimo
2014-01-24 12:18 - 2014-01-24 09:56 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-01-24 12:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-01-24 11:38 - 2014-01-24 11:38 - 00000147 _____ () C:\Users\Pimo\Desktop\Goodgame Empire.url
2014-01-24 11:38 - 2014-01-24 11:37 - 00621800 _____ () C:\Users\Pimo\Downloads\Apache-OpenOffice_Setup_Download.exe
2014-01-24 10:02 - 2014-01-24 10:02 - 00000000 ____D () C:\Users\Pimo\AppData\Roaming\OpenOffice
2014-01-24 09:49 - 2014-01-24 09:49 - 163606685 _____ () C:\Users\Pimo\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-21 06:15 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-01-20 08:37 - 2013-10-18 08:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-20 08:33 - 2014-01-20 08:32 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 08:33 - 2010-07-04 17:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-16 12:58 - 2012-03-23 10:39 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPIMO-PC$
2014-01-16 12:58 - 2012-03-23 10:39 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForPIMO-PC$.job
2014-01-15 17:32 - 2013-08-14 17:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 17:30 - 2010-01-16 11:09 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Pimo\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 07:23

==================== End Of Log ============================
         
--- --- ---
