Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.02.2015, 08:53   #1
chester36
 
Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw. - Standard

Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw.



Hallo Zusammen!

Seit 2 Tagen öffnet Google Chrome immer 2 Registerkarten mit Werbung Spielen oder mit irgendwelchen Scanning Tools die ich runterladen soll. Zusätzlich fragt mich ein anderes popup, wollen sie die Seite wirklich verlassen, wenn ich sie wegklicke.
Ich fand bei meinen Googleapps ein App namens Poppit welches ich entfernt habe, dennoch hat es nichts geholfen.
Betriebssystem win 8.1

Ich bitte um eure Hilfe


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2015
Ran by Christian (administrator) on MINIPC on 03-02-2015 09:40:30
Running from C:\Users\Christian\Desktop
Loaded Profiles: Christian (Available profiles: Christian)
Platform: Microsoft Windows 8.1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
(ASUSTek Computer INC.) C:\Program Files\ASUS\ASUS AC Reminder\ACReminderSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
() C:\Program Files\WindowsApps\18742WernerStrmer.SchnapsenmitKarlFree_1.0.1.1_x86__amcmeq3wtsmd2\Schnapsen_mit_Karl_Free.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2904064 2013-10-30] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [81360 2014-01-22] (Intel Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\Run: [Device Detector] => DevDetect.exe -autorun
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\MountPoints2: {5a93f805-0c51-11e4-9728-40167e9188fe} - "D:\SISetup.exe" 
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2014-07-16]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AirAsia for Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aendpjhemndpadgljdjnnakohlnopjjo [2014-07-12]
CHR Extension: (Angry Birds) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-07-12]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-12]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-12]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-21]
CHR Extension: (Silverlight for Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgnklfhofbcfndknbonklnijndoeknal [2015-01-30]
CHR Extension: (Google-Suche) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-12]
CHR Extension: (Visit Greece) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekbinehonipailgijdjmfooielfcconk [2014-07-12]
CHR Extension: (Evernote Web) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-12-03]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Java Enterprise) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnafbcjeekpmfmgkekdaddgmjkjdije [2014-07-12]
CHR Extension: (Java Populars!) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oapojegdcjjaeehmicinhimakliedchj [2014-07-12]
CHR Extension: (Texas Holdem Poker) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojbaogcpfpkhbmjmefladpimcmfggkjl [2014-07-12]
CHR Extension: (Picasa) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-07-12]
CHR Extension: (RightLink) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\onnbdefobgodldihmklcjbhfnbdkebjh [2014-07-12]
CHR Extension: (Google Mail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-12]
CHR Extension: (eBay WOW! Angebote) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pllkgmcojhajjmojfoagiegoibjognlc [2014-07-12]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsHidService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [103224 2013-09-09] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [111416 2013-09-09] (ASUSTek Computer Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1677016 2014-03-20] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1679536 2014-11-11] (Microsoft Corporation)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277304 2014-02-11] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83920 2014-01-22] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [96720 2014-01-22] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [90576 2014-01-22] (Intel Corporation)
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [586752 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [637912 2013-07-01] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe [168216 2013-08-25] (Intel Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1222144 2014-07-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R3 AsusHID; C:\Windows\System32\drivers\AsusHID.sys [64792 2013-12-12] (ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [17720 2013-07-02] (ASUSTek Computer Inc.)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R3 BCMSDH43XX; C:\Windows\system32\DRIVERS\bcmdhd63.sys [304344 2013-10-03] (Broadcom Corp)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [186880 2013-12-04] (Microsoft Corporation)
R3 BthMini; C:\Windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
S3 btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [144600 2014-03-20] (Broadcom Corporation.)
R3 BtwSerialBus; C:\Windows\system32\DRIVERS\BtwSerialBus.sys [130776 2014-03-20] (Broadcom Corporation.)
R3 camera; C:\Windows\system32\DRIVERS\camera.sys [345088 2013-12-02] (Intel Corporation)
R3 CM3218x; C:\Windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 CPLMACPI; C:\Windows\system32\DRIVERS\CPLMACPI.sys [16488 2013-09-06] (Capella Microsystems, Inc.)
R3 DptfDevDBPT; C:\Windows\system32\DRIVERS\DptfDevPower.sys [25552 2014-01-22] (Intel Corporation)
R3 DptfDevDisplay; C:\Windows\system32\DRIVERS\DptfDevDisplay.sys [28112 2014-01-22] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [36304 2014-01-22] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [80848 2014-01-22] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [181712 2014-01-22] (Intel Corporation)
S3 FTDIBUS; C:\Windows\system32\drivers\ftdibus.sys [77808 2014-01-31] (FTDI Ltd.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [23552 2013-12-30] (Intel Corporation)
R3 GpioVirtual; C:\Windows\System32\drivers\iaiogpiovirtual.sys [16896 2013-12-30] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch.sys [17720 2013-10-08] (ASUS)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [58368 2013-11-15] (Intel Corporation)
R3 iaiouart; C:\Windows\System32\drivers\iaiouart.sys [87552 2013-12-30] (Intel Corporation)
S0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [505192 2013-08-09] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [32664 2014-01-22] (Intel Corporation)
R3 IntelSST; C:\Windows\system32\drivers\isstrtc.sys [254464 2013-12-30] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [23448 2014-01-22] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [21456 2013-11-02] (Intel Corporation)
R1 MpKsl37678eb6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{59B5F8AB-3A06-45DD-BC62-751A0E39E56C}\MpKsl37678eb6.sys [39464 2015-02-03] (Microsoft Corporation)
R3 MT9M114; C:\Windows\System32\drivers\MT9M114.sys [38912 2013-12-02] (Intel Corporation)
S3 NETwNs32; C:\Windows\system32\DRIVERS\Netwsn00.sys [10372096 2013-06-18] (Intel Corporation)
R3 PMIC; C:\Windows\System32\drivers\PMIC.sys [48128 2013-11-02] (Intel Corporation)
R3 rtii2sac; C:\Windows\system32\DRIVERS\rtii2sac.sys [149720 2013-12-05] (Realtek Semiconductor Corp.)
S3 RTLU3E8023-W8-32; C:\Windows\system32\DRIVERS\rtu30x86w8.sys [57856 2013-06-18] (Realtek                                            )
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 TXEI; C:\Windows\System32\drivers\TXEI.sys [75792 2014-02-26] (Intel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [30256 2014-10-14] (Basil Projects)
R0 Wof; C:\Windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\Windows\System32\drivers\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
U0 msahci; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 09:40 - 2015-02-03 09:40 - 01122304 _____ (Farbar) C:\Users\Christian\Desktop\FRST.exe
2015-02-03 09:40 - 2015-02-03 09:40 - 00020039 _____ () C:\Users\Christian\Desktop\FRST.txt
2015-02-03 08:42 - 2015-02-03 09:40 - 00000000 ___DC () C:\FRST
2015-02-03 08:31 - 2015-02-03 08:31 - 00001244 _____ () C:\Users\Christian\Desktop\Revo Uninstaller.lnk
2015-02-03 08:31 - 2015-02-03 08:31 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-03 08:01 - 2015-02-03 08:01 - 00000000 ____D () C:\Users\Christian\Desktop\Stempel
2015-02-03 07:54 - 2015-02-03 07:54 - 00000079 _____ () C:\Windows\wininit.ini
2015-02-03 07:41 - 2013-08-22 07:13 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150203-074155.backup
2015-02-02 16:06 - 2015-02-03 07:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-02 16:05 - 2015-02-03 07:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-31 21:34 - 2015-01-31 21:34 - 00002219 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-31 21:34 - 2015-01-31 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-31 21:32 - 2015-02-03 09:37 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-31 21:32 - 2015-02-02 21:37 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-28 09:11 - 2013-05-12 02:24 - 47080956 ____C () C:\PICT6467.AVI
2015-01-19 08:57 - 2015-01-29 09:52 - 00000000 ____D () C:\Users\Christian\Desktop\NEU
2015-01-15 08:56 - 2015-02-02 19:28 - 00006711 _____ () C:\Windows\setupact.log
2015-01-15 08:56 - 2015-01-15 08:56 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-14 14:34 - 2014-12-19 06:46 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 14:34 - 2014-12-12 02:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:34 - 2014-12-12 01:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 14:34 - 2014-12-09 04:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 14:34 - 2014-12-08 20:46 - 00485544 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 14:34 - 2014-12-08 20:46 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 14:34 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 14:34 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 14:34 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 14:34 - 2014-12-06 03:36 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 14:34 - 2014-12-06 02:28 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 14:34 - 2014-12-06 02:23 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 14:34 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 14:34 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 14:34 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 14:34 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 14:34 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 14:34 - 2014-10-29 04:07 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 14:34 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 14:34 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 14:34 - 2014-10-29 01:49 - 00694272 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-06 11:02 - 2015-01-06 11:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2015-01-06 11:02 - 2015-01-06 11:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2015-01-04 12:06 - 2015-01-04 12:06 - 00000370 _____ () C:\Users\Christian\Desktop\62GB (D) - Verknüpfung.lnk
2015-01-04 12:05 - 2015-01-04 12:05 - 00000478 _____ () C:\Users\Christian\Desktop\OS (C) - Verknüpfung.lnk
2015-01-04 11:55 - 2015-01-04 11:54 - 00000000 ____D () C:\Users\Christian\Desktop\PDF
2015-01-04 11:47 - 2015-01-04 11:47 - 00000634 _____ () C:\Users\Christian\Downloads\Downloads - Verknüpfung.lnk
2015-01-04 10:36 - 2015-01-04 10:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 09:16 - 2014-03-20 04:30 - 01541130 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 09:02 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\system32\sru
2015-02-03 07:39 - 2013-12-13 21:46 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 05:16 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-02 15:39 - 2014-08-09 08:54 - 00380416 ___SH () C:\Users\Christian\Desktop\Thumbs.db
2015-02-02 12:25 - 2014-11-01 10:10 - 00051200 ___SH () C:\Users\Christian\Downloads\Thumbs.db
2015-02-01 10:19 - 2014-07-12 12:13 - 00000000 ___DO () C:\Users\Christian\SkyDrive
2015-01-31 21:34 - 2014-07-12 12:18 - 00000000 ____D () C:\Program Files\Google
2015-01-31 21:32 - 2014-12-19 08:40 - 00000000 ____D () C:\Users\Christian\AppData\Local\Deployment
2015-01-31 21:29 - 2014-12-09 11:42 - 00004608 _____ () C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 20:31 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-31 00:57 - 2014-07-12 12:09 - 00000000 ____D () C:\Users\Christian
2015-01-30 18:30 - 2013-08-22 08:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 08:31 - 2013-12-13 21:30 - 00035562 _____ () C:\Windows\PFRO.log
2015-01-29 08:31 - 2013-08-22 07:13 - 00786432 ___SH () C:\Windows\system32\config\BBI
2015-01-28 09:21 - 2013-08-22 09:05 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-24 21:20 - 2014-07-15 19:51 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-07-15 19:51 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-22 10:43 - 2014-09-15 10:13 - 00000000 ___HD () C:\Users\Christian\Desktop\[Originaldateien]
2015-01-16 18:14 - 2014-07-12 20:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 18:08 - 2014-07-12 20:39 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-06 11:02 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\system32\pt-PT
2015-01-06 11:02 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-01-06 11:02 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\system32\nl-NL
2015-01-06 11:02 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\system32\it-IT
2015-01-06 11:02 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-01-06 11:02 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\system32\de-DE

==================== Files in the root of some directories =======

2014-10-14 09:35 - 2014-10-14 09:36 - 0000431 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFX5SA.log
2014-12-09 11:42 - 2015-01-31 21:29 - 0004608 _____ () C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-22 14:17 - 2014-09-22 14:19 - 0007653 _____ () C:\Users\Christian\AppData\Local\resmon.resmoncfg
2013-12-13 21:38 - 2012-07-30 07:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 21:38 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 21:38 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Christian\AppData\Local\Temp\SetupHomeStudentRetail.x86.de-DE_HomeStudentRetail_MP9N8-2WCGT-DJGGK-W8MK8-VH3T3_act_1_.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-02 02:45

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-02-2015
Ran by Christian at 2015-02-03 09:41:38
Running from C:\Users\Christian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Pro 2.5 (HKLM\...\{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}) (Version: 2.5.333 - ACD Systems International)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AC Reminder (HKLM\...\{B002B54C-FFE8-4331-8F9B-90CC9366362A}) (Version: 1.0.2 - ASUS)
ASUS Live Update (HKLM\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.93.99.187.1 - Broadcom Corporation)
DigiFlasher Pro Black Edition v1.6 (HKLM\...\DigiFlasher Pro Black Edition v1.6) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
hppLaserJetService (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{8D9592B4-7E22-4D1F-B2CB-B5F0F2F619CB}) (Version: 4.0.3.56 - Apple Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.479 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3417 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1054 - Intel Corporation)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
moDiag 2.8.601 (HKLM\...\moDiag_is1) (Version: 2.8.601 - Matthias Tieben)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 6.2.9600.4055 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Windows Driver Package - ASUS (AsusHID) Mouse  (12/05/2013 3.0.0.20) (HKLM\...\6E04D9C0B5B96235DF3E4162EA67E311C14CACFF) (Version: 12/05/2013 3.0.0.20 - ASUS)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (09/16/2011 1.5.0) (HKLM\...\FA2D8F33B8798AA7C96E36660A41175DEC901410) (Version: 09/16/2011 1.5.0 - MPP)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3355523747-1068868726-1384427958-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points  =========================

02-02-2015 03:09:38 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:13 - 2015-02-03 07:41 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1C14D868-0AC3-4934-8026-86090F404D04} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMKMNMOJPMLMHMNMNMCNPMJJOMOMCNLMNJIMPMCNGMPMLJKMCNOMMMOMIMNMKMKMIMHMNMLMJMJNJICMIMCNGMCNHMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMFMMMJNHICMEKMICNJJCKJNBJCMMLHJNIGJMILIGJOJBJPNMKMJHJGJDJDJKJNIJNKJCMMJHJBNMIMJHJGJDJDJKJNIPLOJAJBJBNOJLIJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
Task: {3381129C-8C75-4D84-942F-F43FF401DD8E} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {40544C20-A6BC-4568-B80C-8E52CC3157D4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)
Task: {45ACB3F4-77D2-4668-910B-5D86EC09DC3E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {4FB7AA0B-5CA3-4240-AD46-AB8A7E0F08B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-31] (Google Inc.)
Task: {5C7D6EE6-53E9-4102-B58F-AE1DDE240743} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-16] (Microsoft Corporation)
Task: {5D6B6669-0D50-47FB-8380-3F5B890CF8F7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {634A1CF1-F412-4659-AC4C-4B61FA470D4D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {87A8E732-9E9C-46BC-B40D-D8B16F3583BD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9141B84B-461D-4ED4-936E-BA04527F1B2F} - System32\Tasks\ASUS Live Update1 => C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {92F78273-3362-4813-8D70-71CEFC3B06DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-31] (Google Inc.)
Task: {99762D9C-611E-4BC8-BD7E-835BFEAB1B9F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9AD5A130-9831-4484-913B-07131EA0CB6F} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {AB19F44C-4EAA-4B7A-9835-309DAD19C610} - System32\Tasks\ASUS AC Reminder => C:\Program Files\ASUS\ASUS AC Reminder\ACReminderSrv.exe [2013-10-14] (ASUSTek Computer INC.)
Task: {D20F2B58-F175-4D87-8602-E80AB9A9AC93} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {E32A3440-21DB-4A05-966E-F5707E47D07E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {E749CFE7-15C8-4E46-B6D3-72B661D92548} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {EB544713-C831-4CB4-BBDC-F5C03B1D4B3C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MINIPC-Christian MINIPC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {F50933FD-A85B-4167-BEBB-687382658D6E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FA5E4560-7F26-4915-9895-CA32B792BC2F} - System32\Tasks\ASUS Live Update2 => C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-16 15:42 - 2012-08-31 14:01 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL
2014-07-16 15:42 - 2012-08-31 14:01 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2014-08-09 10:21 - 2014-05-20 02:11 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-04-27 11:24 - 2013-04-27 11:24 - 00071680 _____ () C:\Program Files\ASUS\ASUS Live Update\checkmetro.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-11-11 09:03 - 2014-11-11 09:04 - 01307136 _____ () C:\Program Files\WindowsApps\18742WernerStrmer.SchnapsenmitKarlFree_1.0.1.1_x86__amcmeq3wtsmd2\Schnapsen_mit_Karl_Free.exe
2015-01-31 21:34 - 2015-01-27 04:44 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-01-31 21:34 - 2015-01-27 04:44 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-01-31 21:34 - 2015-01-27 04:44 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:C68DE4A3
AlternateDataStreams: C:\Users\Christian\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\StartupApproved\Run: => "Device Detector"
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3355523747-1068868726-1384427958-1001\...\StartupApproved\Run: => "ApplePhotoStreams"

========================= Accounts: ==========================

Administrator (S-1-5-21-3355523747-1068868726-1384427958-500 - Administrator - Disabled)
Christian (S-1-5-21-3355523747-1068868726-1384427958-1001 - Administrator - Enabled) => C:\Users\Christian
Gast (S-1-5-21-3355523747-1068868726-1384427958-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3355523747-1068868726-1384427958-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2015 05:21:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/03/2015 05:21:56 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/03/2015 05:21:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/03/2015 05:18:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/03/2015 05:18:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/03/2015 05:18:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/02/2015 09:35:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (02/02/2015 02:59:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Recovery" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (02/02/2015 02:47:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/02/2015 02:47:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (02/03/2015 08:19:51 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (02/02/2015 06:23:42 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WMPNetworkSvc erreicht.

Error: (02/02/2015 04:40:38 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (02/02/2015 04:40:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/02/2015 04:40:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (02/02/2015 03:41:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WMPNetworkSvc erreicht.

Error: (02/02/2015 02:46:28 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/02/2015 02:40:22 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (02/02/2015 02:40:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/02/2015 02:40:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.


Microsoft Office Sessions:
=========================
Error: (02/03/2015 05:21:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win7\AsusTPDrv\x64\dpinst.exe

Error: (02/03/2015 05:21:56 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win8\AsusTPDrv\x64\dpinst.exe

Error: (02/03/2015 05:21:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win81\AsusTPDrv\x64\dpinst.exe

Error: (02/03/2015 05:18:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win7\AsusTPDrv\x64\dpinst.exe

Error: (02/03/2015 05:18:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win8\AsusTPDrv\x64\dpinst.exe

Error: (02/03/2015 05:18:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win81\AsusTPDrv\x64\dpinst.exe

Error: (02/02/2015 09:35:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (02/02/2015 02:59:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: RecoveryFalscher Parameter. (0x80070057)

Error: (02/02/2015 02:47:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win7\AsusTPDrv\x64\dpinst.exe

Error: (02/02/2015 02:47:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win8\AsusTPDrv\x64\dpinst.exe


CodeIntegrity Errors:
===================================
  Date: 2015-02-03 07:23:27.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 07:23:27.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 07:23:27.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 07:23:25.812
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 07:23:25.786
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 05:34:37.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 05:34:37.492
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 05:34:37.460
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 05:34:37.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-03 05:34:37.288
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Atom(TM) CPU Z3740 @ 1.33GHz
Percentage of memory in use: 72%
Total physical RAM: 1933.15 MB
Available physical RAM: 522.69 MB
Total Pagefile: 3287.62 MB
Available Pagefile: 1011.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:28.22 GB) (Free:5.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (62GB) (Removable) (Total:62.48 GB) (Free:30.83 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 0006C51A)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 62.5 GB) (Disk ID: 0005FFB4)
Partition 1: (Active) - (Size=62.5 GB) - (Type=0B)

==================== End Of Log ============================
         
Angehängte Dateien
Dateityp: txt FRST.txt (28,7 KB, 121x aufgerufen)

Geändert von chester36 (03.02.2015 um 09:17 Uhr)

Alt 03.02.2015, 08:54   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw. - Standard

Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw.



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Antwort

Themen zu Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw.
anderes, entfernt, fragt, google, hallo zusammen, kmspico, launch, namens, nichts, popup, registerkarte, registerkarten, runterladen, scan, scanning, seite, spiele, tagen, tools, verlasse, verlassen, werbung, win, wirklich, zusammen, zusätzlich, öffnet



Ähnliche Themen: Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw.


  1. Chrome öffnet bei Klick auf Link Werbung & Werbung PopUps im Browser
    Plagegeister aller Art und deren Bekämpfung - 03.11.2015 (1)
  2. Windows 8.1 mit Bing : Google Chrome öffnet Fenster mit Spielen, Wettseiten und sonstigen
    Log-Analyse und Auswertung - 17.07.2015 (9)
  3. Chrome öffnet regelmäßig immer zwei Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 21.03.2015 (9)
  4. Chrome plötzlich langsam und Fps-Probleme in Spielen!
    Plagegeister aller Art und deren Bekämpfung - 18.01.2015 (12)
  5. Chrome öffnet immer wieder Werbung
    Log-Analyse und Auswertung - 30.08.2014 (8)
  6. Windows 8: Firefox und Chrome spielen verrückt
    Log-Analyse und Auswertung - 08.05.2014 (15)
  7. Chrome plötzlich voll mit pop up werbung und es öffnen sich beim Klicken auf Links falsche Seiten mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 05.05.2014 (3)
  8. Werbung bei Chrome - trotz Adblock seltsame Werbung
    Plagegeister aller Art und deren Bekämpfung - 16.09.2013 (5)
  9. Warum stürzt mein PC beim spielen immer ab ?
    Alles rund um Windows - 26.12.2012 (5)
  10. Beim Versuch Online zu spielen hab ich das Problem dass mein Ping/ Latenz immer zu hoch ist!
    Log-Analyse und Auswertung - 29.09.2010 (0)
  11. Registerkarten öffnen sich permanent mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 26.03.2009 (21)
  12. Laufend neue Registerkarten mit Werbung
    Log-Analyse und Auswertung - 06.03.2009 (19)
  13. trojaner (popup öffner)
    Log-Analyse und Auswertung - 12.03.2008 (5)
  14. Pc Stürzt beim Spielen immer ab
    Log-Analyse und Auswertung - 11.04.2007 (6)
  15. Pc bricht immer in den Spielen ab
    Alles rund um Windows - 23.03.2007 (2)
  16. Bei start von icq öffner sich fenster unten rechts mit werbung
    Log-Analyse und Auswertung - 02.08.2005 (2)
  17. PC stürzt immer bei spielen ab
    Alles rund um Windows - 14.12.2004 (3)

Zum Thema Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw. - Hallo Zusammen! Seit 2 Tagen öffnet Google Chrome immer 2 Registerkarten mit Werbung Spielen oder mit irgendwelchen Scanning Tools die ich runterladen soll. Zusätzlich fragt mich ein anderes popup, wollen - Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw....
Archiv
Du betrachtest: Chrome öffner immer 2 Registerkarten mit Werbung/Spielen usw. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.