Here is the new FRST log:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014 02
Ran by WIN (administrator) on WIN-PC on 17-03-2014 17:25:56
Running from C:\Users\WIN\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3184401558-10003487-3650169653-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-05] (Google Inc.)
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {61F0D019-B016-4D56-9DAE-7B7706CD6755} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\WIN\AppData\Roaming\Mozilla\Firefox\Profiles\lp6fqsqi.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: GMX MailCheck - C:\Users\WIN\AppData\Roaming\Mozilla\Firefox\Profiles\lp6fqsqi.default\Extensions\toolbar@gmx.net.xpi [2013-11-02]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: inbox.com
CHR DefaultSearchProvider: Inbox
CHR DefaultSearchURL: hxxp://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80742&iwk=297&lng=de
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\WIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-02]
CHR Extension: (Google Drive) - C:\Users\WIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-02]
CHR Extension: (YouTube) - C:\Users\WIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-02]
CHR Extension: (Google-Suche) - C:\Users\WIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-02]
CHR Extension: (media enhance) - C:\Users\WIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\WIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Google Mail) - C:\Users\WIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-02]
CHR HKLM-x32\...\Chrome\Extension: [apgjagobplilmcdfelodhgefiidomnfl] - C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crx [2014-02-02]
CHR HKLM-x32\...\Chrome\Extension: [mbdibdlgbekocnodcjhjhfofjddomibm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta7944\ch\VideoPlayerV3beta7944.crx [2014-02-02]
CHR HKLM-x32\...\Chrome\Extension: [ncipodljkefmhlnniibmkjbbccmmknff] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4510\ch\MediaViewV1alpha4510.crx [2014-02-02]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-17 17:25 - 2014-03-17 17:26 - 00009478 _____ () C:\Users\WIN\Desktop\FRST.txt
2014-03-17 17:13 - 2014-03-17 17:13 - 00000000 ____D () C:\Users\WIN\AppData\Local\Windows Live
2014-03-17 17:12 - 2014-03-17 17:13 - 00000000 ____D () C:\Users\WIN\AppData\Local\{AE127562-620F-4E64-9149-DF9A1EDFCA95}
2014-03-16 19:08 - 2014-03-16 19:08 - 00378060 _____ () C:\Users\WIN\Downloads\Tabelle Kreisliga - Kreis Neumarkt Jura - Herren Die Tabelle der Saison 2013 2014 bei BFV.DE.htm
2014-03-16 19:08 - 2014-03-16 19:08 - 00000000 ____D () C:\Users\WIN\Downloads\Tabelle Kreisliga - Kreis Neumarkt Jura - Herren Die Tabelle der Saison 2013 2014 bei BFV.DE_files
2014-03-15 16:49 - 2014-03-15 16:49 - 00012692 _____ () C:\Users\WIN\Documents\Spielplan 1+2.odt
2014-03-12 21:25 - 2014-03-12 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-03-12 21:15 - 2014-03-12 21:22 - 00000000 ____D () C:\AdwCleaner
2014-03-12 20:43 - 2014-03-17 17:10 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job
2014-03-12 17:46 - 2014-03-12 17:46 - 00013389 _____ () C:\Users\WIN\Documents\Spielplan D2 + D3.odt
2014-03-11 20:05 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-11 20:05 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-11 20:05 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-11 20:05 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-11 20:05 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-11 20:05 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-11 20:05 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-11 20:05 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-11 20:05 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-11 20:05 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-11 20:05 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-11 20:05 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-11 20:05 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-11 20:05 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-11 20:05 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-11 20:05 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-11 20:05 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-11 20:05 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-11 20:05 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-11 20:05 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-11 20:05 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-11 20:05 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-11 20:05 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-11 20:05 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-11 20:05 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-11 20:05 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-11 20:05 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-11 20:05 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-11 20:05 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-11 20:05 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-11 20:05 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-11 20:05 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-11 20:05 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-11 20:05 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-11 20:05 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-11 20:05 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-11 20:05 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-11 20:05 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-11 20:05 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-11 20:05 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-11 20:05 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-11 20:05 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-11 20:05 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 20:05 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-11 20:04 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-11 20:04 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-11 20:04 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-11 20:04 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 16:53 - 2014-03-17 17:25 - 00000000 ____D () C:\Users\WIN\Desktop\Trojanerboard nicht löschen
2014-03-10 16:26 - 2014-03-17 17:25 - 00000000 ____D () C:\FRST
2014-03-10 16:26 - 2014-03-10 16:26 - 00000000 _____ () C:\Users\WIN\defogger_reenable
2014-03-10 16:23 - 2014-03-10 16:23 - 02157056 _____ (Farbar) C:\Users\WIN\Desktop\FRST64.exe
2014-03-10 16:00 - 2014-03-10 16:00 - 00013272 _____ () C:\Users\WIN\Documents\Fch E1.odt
2014-03-06 09:03 - 2014-03-17 16:39 - 00000784 _____ () C:\Windows\setupact.log
2014-03-06 09:03 - 2014-03-06 09:03 - 00000998 _____ () C:\Windows\PFRO.log
2014-03-06 09:03 - 2014-03-06 09:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-06 09:01 - 2014-03-06 09:01 - 00000000 ___RD () C:\Users\WIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 08:55 - 2014-03-06 08:56 - 00000378 _____ () C:\Windows\Tasks\APSnotifierCA.job
2014-03-06 08:55 - 2014-03-06 08:55 - 00003160 _____ () C:\Windows\System32\Tasks\APSnotifierCA
2014-03-06 08:55 - 2014-03-06 08:55 - 00000000 ____D () C:\Users\WIN\AppData\Local\Tuguu_SL
2014-03-06 08:53 - 2014-03-06 08:53 - 00001345 _____ () C:\Users\WIN\AppData\Roaming\aps.scan.results
2014-03-06 08:53 - 2014-03-06 08:53 - 00000605 _____ () C:\Users\WIN\AppData\Roaming\aps.scan.quick.results
2014-03-06 08:51 - 2014-03-06 08:51 - 01122960 _____ (AnyProtect.com) C:\Users\WIN\AppData\Local\nssAA06.tmp
2014-03-06 08:50 - 2014-03-06 08:50 - 00397800 _____ () C:\Users\WIN\Downloads\Setup (1).exe
2014-03-06 08:47 - 2014-03-06 08:47 - 02692000 _____ (Xacti, LLC ) C:\Users\WIN\Downloads\EmailNotifierSetup (1).exe
2014-03-04 08:57 - 2014-03-04 08:57 - 00220456 _____ (Fusion Install ) C:\Users\WIN\Downloads\Player-Chrome.exe
2014-03-03 07:38 - 2014-03-03 07:38 - 00862112 _____ (AirInstaller ) C:\Users\WIN\Downloads\setup.exe
2014-03-03 07:26 - 2014-03-03 07:27 - 01441952 _____ (Bandoo Media Inc) C:\Users\WIN\Downloads\jZipSetup-r304-n-bc.exe
2014-02-20 18:17 - 2014-03-05 08:36 - 00000000 ____D () C:\Users\WIN\Downloads\FC Holzheim - Fußballverein bei fussball-im-verein.de_files
2014-02-20 18:17 - 2014-02-20 18:17 - 00214686 _____ () C:\Users\WIN\Downloads\FC Holzheim - Fußballverein bei fussball-im-verein.de.htm
==================== One Month Modified Files and Folders =======
2014-03-17 17:26 - 2014-03-17 17:25 - 00009478 _____ () C:\Users\WIN\Desktop\FRST.txt
2014-03-17 17:25 - 2014-03-10 16:53 - 00000000 ____D () C:\Users\WIN\Desktop\Trojanerboard nicht löschen
2014-03-17 17:25 - 2014-03-10 16:26 - 00000000 ____D () C:\FRST
2014-03-17 17:13 - 2014-03-17 17:13 - 00000000 ____D () C:\Users\WIN\AppData\Local\Windows Live
2014-03-17 17:13 - 2014-03-17 17:12 - 00000000 ____D () C:\Users\WIN\AppData\Local\{AE127562-620F-4E64-9149-DF9A1EDFCA95}
2014-03-17 17:10 - 2014-03-12 20:43 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job
2014-03-17 17:08 - 2013-02-15 21:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-17 17:03 - 2013-12-11 09:22 - 00000000 ____D () C:\Users\WIN\AppData\Roaming\AffiliatedUpdate
2014-03-17 16:48 - 2009-07-14 05:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-17 16:48 - 2009-07-14 05:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-17 16:44 - 2013-02-05 16:45 - 01690695 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 16:40 - 2013-02-05 16:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 16:39 - 2014-03-06 09:03 - 00000784 _____ () C:\Windows\setupact.log
2014-03-17 16:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 19:29 - 2013-02-05 16:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 19:08 - 2014-03-16 19:08 - 00378060 _____ () C:\Users\WIN\Downloads\Tabelle Kreisliga - Kreis Neumarkt Jura - Herren Die Tabelle der Saison 2013 2014 bei BFV.DE.htm
2014-03-16 19:08 - 2014-03-16 19:08 - 00000000 ____D () C:\Users\WIN\Downloads\Tabelle Kreisliga - Kreis Neumarkt Jura - Herren Die Tabelle der Saison 2013 2014 bei BFV.DE_files
2014-03-15 16:49 - 2014-03-15 16:49 - 00012692 _____ () C:\Users\WIN\Documents\Spielplan 1+2.odt
2014-03-15 16:32 - 2013-02-05 16:47 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 21:15 - 2014-01-02 23:03 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-03-13 21:14 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-12 21:25 - 2014-03-12 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-03-12 21:22 - 2014-03-12 21:15 - 00000000 ____D () C:\AdwCleaner
2014-03-12 21:22 - 2013-02-05 16:50 - 00001292 _____ () C:\Users\Public\Desktop\MEDION Serviceportal.lnk
2014-03-12 21:22 - 2013-02-05 16:50 - 00001272 _____ () C:\Users\Public\Desktop\MEDIONhome.lnk
2014-03-12 21:18 - 2013-02-05 16:50 - 00001386 _____ () C:\Users\Public\Desktop\ALDI Süd Blumen Service.lnk
2014-03-12 21:18 - 2013-02-05 16:50 - 00001362 _____ () C:\Users\Public\Desktop\ALDI Süd Reisen.lnk
2014-03-12 21:18 - 2013-02-05 16:50 - 00001340 _____ () C:\Users\Public\Desktop\ALDI Süd Foto Service.lnk
2014-03-12 21:18 - 2013-02-05 16:50 - 00001318 _____ () C:\Users\Public\Desktop\ALDI Talk.lnk
2014-03-12 21:18 - 2013-02-05 16:50 - 00001298 _____ () C:\Users\Public\Desktop\ALDI Süd Startseite.lnk
2014-03-12 18:08 - 2013-02-15 21:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:08 - 2013-02-15 21:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 18:08 - 2011-12-01 22:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 17:46 - 2014-03-12 17:46 - 00013389 _____ () C:\Users\WIN\Documents\Spielplan D2 + D3.odt
2014-03-12 17:07 - 2009-07-14 05:45 - 00396528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 17:06 - 2013-03-23 18:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 17:06 - 2013-03-23 18:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-10 16:26 - 2014-03-10 16:26 - 00000000 _____ () C:\Users\WIN\defogger_reenable
2014-03-10 16:26 - 2013-02-05 16:52 - 00000000 ____D () C:\Users\WIN
2014-03-10 16:23 - 2014-03-10 16:23 - 02157056 _____ (Farbar) C:\Users\WIN\Desktop\FRST64.exe
2014-03-10 16:00 - 2014-03-10 16:00 - 00013272 _____ () C:\Users\WIN\Documents\Fch E1.odt
2014-03-06 09:03 - 2014-03-06 09:03 - 00000998 _____ () C:\Windows\PFRO.log
2014-03-06 09:03 - 2014-03-06 09:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-06 09:01 - 2014-03-06 09:01 - 00000000 ___RD () C:\Users\WIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 08:56 - 2014-03-06 08:55 - 00000378 _____ () C:\Windows\Tasks\APSnotifierCA.job
2014-03-06 08:55 - 2014-03-06 08:55 - 00003160 _____ () C:\Windows\System32\Tasks\APSnotifierCA
2014-03-06 08:55 - 2014-03-06 08:55 - 00000000 ____D () C:\Users\WIN\AppData\Local\Tuguu_SL
2014-03-06 08:53 - 2014-03-06 08:53 - 00001345 _____ () C:\Users\WIN\AppData\Roaming\aps.scan.results
2014-03-06 08:53 - 2014-03-06 08:53 - 00000605 _____ () C:\Users\WIN\AppData\Roaming\aps.scan.quick.results
2014-03-06 08:52 - 2013-02-28 18:04 - 00000000 ____D () C:\Windows\Minidump
2014-03-06 08:51 - 2014-03-06 08:51 - 01122960 _____ (AnyProtect.com) C:\Users\WIN\AppData\Local\nssAA06.tmp
2014-03-06 08:50 - 2014-03-06 08:50 - 00397800 _____ () C:\Users\WIN\Downloads\Setup (1).exe
2014-03-06 08:47 - 2014-03-06 08:47 - 02692000 _____ (Xacti, LLC ) C:\Users\WIN\Downloads\EmailNotifierSetup (1).exe
2014-03-05 08:36 - 2014-02-20 18:17 - 00000000 ____D () C:\Users\WIN\Downloads\FC Holzheim - Fußballverein bei fussball-im-verein.de_files
2014-03-04 08:57 - 2014-03-04 08:57 - 00220456 _____ (Fusion Install ) C:\Users\WIN\Downloads\Player-Chrome.exe
2014-03-03 08:31 - 2014-02-02 21:17 - 00000214 _____ () C:\Windows\system32\.crusader
2014-03-03 07:38 - 2014-03-03 07:38 - 00862112 _____ (AirInstaller ) C:\Users\WIN\Downloads\setup.exe
2014-03-03 07:27 - 2014-03-03 07:26 - 01441952 _____ (Bandoo Media Inc) C:\Users\WIN\Downloads\jZipSetup-r304-n-bc.exe
2014-03-01 07:05 - 2014-03-11 20:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-11 20:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-11 20:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-11 20:05 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-11 20:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-11 20:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-11 20:05 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-11 20:05 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-11 20:05 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-11 20:05 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-11 20:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-11 20:05 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-11 20:05 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-11 20:05 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-11 20:05 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-11 20:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-11 20:05 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-11 20:05 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-11 20:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-11 20:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-11 20:05 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-11 20:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-11 20:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-11 20:05 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-11 20:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-11 20:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-11 20:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-11 20:05 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-11 20:05 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-11 20:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-11 20:05 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-11 20:05 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-11 20:05 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-11 20:05 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-11 20:05 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-11 20:05 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-11 20:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-11 20:05 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-11 20:05 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-11 20:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-23 10:39 - 2014-02-02 21:07 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-20 18:17 - 2014-02-20 18:17 - 00214686 _____ () C:\Users\WIN\Downloads\FC Holzheim - Fußballverein bei fussball-im-verein.de.htm
2014-02-20 17:55 - 2013-08-15 10:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-20 17:53 - 2011-07-18 21:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 11:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
Some content of TEMP:
====================
C:\Users\WIN\AppData\Local\Temp\avgnt.exe
C:\Users\WIN\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-12 20:11
==================== End Of Log ============================
--- --- ---
Here is the Addition log:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014 02
Ran by WIN at 2014-03-17 17:26:07
Running from C:\Users\WIN\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA Control Panel 285.93 (Version: 285.93 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 285.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.93 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.11.1111 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.1111 - NVIDIA Corporation)
NVIDIA Update 1.5.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.5.20 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.5.20 - NVIDIA Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
==================== Restore Points =========================
14-02-2014 20:09:03 Windows Update
18-02-2014 08:59:50 Windows-Sicherung
20-02-2014 16:52:12 Windows Update
26-02-2014 07:33:50 Windows-Sicherung
03-03-2014 06:17:24 Windows-Sicherung
10-03-2014 12:36:20 Windows-Sicherung
11-03-2014 19:21:04 Windows Update
15-03-2014 15:24:29 Windows Update
16-03-2014 18:00:34 Windows-Sicherung
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02138C40-ED17-4C62-AFA4-9C624A937EF7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {5C99BCFA-02F5-4687-B29C-006EB568E9EB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {7267BB9F-3723-47D6-91EC-353636711924} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-05] (Google Inc.)
Task: {796C644E-1BB4-4667-8762-4F32C64B8959} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {9536D4BA-AE8C-4B64-B384-BD7C70927653} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {96174ED6-B1B4-4205-BBE7-E85D042F2C0A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9EF64820-37F5-463B-BF33-10EE7C6CEB9B} - System32\Tasks\APSnotifierCA => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {F1C3C5AD-C9E8-4BA2-B499-71B0D735FE81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-05] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierCA.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\bench-Updater removing.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-02-12 16:20 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2014-01-28 09:37 - 2014-01-28 09:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2013-02-19 19:00 - 2013-02-19 18:58 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-02-12 16:19 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-03-15 16:32 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 16:32 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 16:32 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 16:32 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 16:32 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 16:32 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2014 05:15:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x136c
Startzeit der fehlerhaften Anwendung: 0xwmprph.exe0
Pfad der fehlerhaften Anwendung: wmprph.exe1
Pfad des fehlerhaften Moduls: wmprph.exe2
Berichtskennung: wmprph.exe3
Error: (03/17/2014 04:41:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (03/17/2014 04:41:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (03/17/2014 04:40:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x560
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (03/16/2014 07:03:44 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"
Error: (03/16/2014 06:52:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (03/16/2014 06:52:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (03/16/2014 06:52:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (03/16/2014 06:52:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (03/16/2014 06:52:16 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
System errors:
=============
Error: (03/15/2014 05:17:55 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{14522d5d-6ff6-11e2-9026-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{5860C8F0-C871-4997-915C-E9A79B70624A}
Error: (03/15/2014 05:17:25 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{14522d5d-6ff6-11e2-9026-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{7B8EC5D7-ED80-4894-924D-11A0896A0963}
Error: (03/13/2014 09:06:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NewPlayer Updater Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (03/17/2014 05:15:20 PM) (Source: Application Error)(User: )
Description: wmprph.exe12.0.7600.163854a5bd018ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4136c01cf41fc16b5aed4C:\Program Files\Windows Media Player\wmprph.exeC:\Windows\SYSTEM32\ntdll.dll55690ed7-adef-11e3-bda9-8c89a5a4af33
Error: (03/17/2014 04:41:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.
Error: (03/17/2014 04:41:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.
Error: (03/17/2014 04:40:11 PM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de56001cf41f724b90bd7C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll6c7064d3-adea-11e3-bda9-8c89a5a4af33
Error: (03/16/2014 07:03:44 PM) (Source: Windows Backup)(User: )
Description: Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)
Error: (03/16/2014 06:52:25 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.
Error: (03/16/2014 06:52:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.
Error: (03/16/2014 06:52:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.
Error: (03/16/2014 06:52:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.
Error: (03/16/2014 06:52:16 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 4077.64 MB
Available physical RAM: 2649.61 MB
Total Pagefile: 8153.46 MB
Available Pagefile: 6303.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:830.36 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:14.2 GB) NTFS
Drive h: (RICOHDCX) (Removable) (Total:0.24 GB) (Free:0.04 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
========================================================
Disk: 3 (Size: 243 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================