wolly0209 | 18.04.2014 15:39 | Snap.do and Snap.do engine cannot be removed via the Control Panel
Here is the frst.txt:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-04-2014 01
Ran by xxx (administrator) on HODAN-LAPTOP on 18-04-2014 16:26:50
Running from C:\Users\xxx\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Google) C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_182_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [OPSE reminder] => "C:\Program Files\ScanSoft\OmniPageSE2.0\EregGer\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregGer\ereg.ini"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-02] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap.dll [982232 2013-12-10] (NVIDIA Corporation)
HKU\S-1-5-21-1598076674-1139964559-1205766370-1001\...\MountPoints2: {cfaa2137-7da3-11e1-b82a-001f1614721a} - H:\autorun.exe setup.exe -suppressUpToDateInfo
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x17946135C7D2CC00
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ycmfar0d.default
FF Homepage: hxxp://192.168.178.1/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Snap.Do - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ycmfar0d.default\Extensions\{3dfb2c3b-d442-99b1-f854-4556b56061a6} [2014-04-09]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: hxxp://192.168.178.1/
CHR StartupUrls: "hxxp://192.168.178.1/"
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bo9KEfZ_1cdn4mTZFiAfeV8SqAsM1aIp690Wf4xa9eMCj7k4vwYOS8Gv2QeMkyOb5Yg7d7SlITQJQk5Gp9kZKV0fKH3SUK1zHrFZr3LR32LheJv8kZJOBj7UmORWFByP&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-15]
CHR Extension: (Google Wallet) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8238384 2014-02-24] (DisplayLink Corp.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14658848 2013-12-10] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64000 2009-07-14] (AVM GmbH)
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [69632 2013-12-03] (ASIX Electronics Corp.)
R3 DisplayLinkUsbIo; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_7.5.54018.0.sys [38192 2014-02-25] ()
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [340784 2014-02-24] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [16688 2014-02-24] (DisplayLink Corp.)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [588928 2009-07-14] (AVM Berlin)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 LAN9500; C:\Windows\System32\DRIVERS\lan9500-x86-n51f.sys [57344 2012-04-03] (SMSC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-05] (NVIDIA Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-03] (Avira GmbH)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X]
S3 dlcdbus; system32\DRIVERS\dlcdbus.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-18 16:26 - 2014-04-18 16:27 - 00012286 _____ () C:\Users\xxx\Desktop\FRST.txt
2014-04-18 16:26 - 2014-04-18 16:26 - 00000000 ____D () C:\FRST
2014-04-18 16:25 - 2014-04-18 16:25 - 01146880 _____ (Farbar) C:\Users\xxx\Desktop\FRST.exe
2014-04-18 11:10 - 2014-04-18 11:30 - 00000000 ____D () C:\AdwCleaner
2014-04-18 11:08 - 2014-04-18 11:08 - 01426178 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-04-18 10:07 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 10:07 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 10:07 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 10:07 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 10:05 - 2014-04-18 10:07 - 00004212 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-10 22:58 - 2014-04-10 22:58 - 00000000 __SHD () C:\Users\xxx\AppData\Local\EmieUserList
2014-04-10 22:58 - 2014-04-10 22:58 - 00000000 __SHD () C:\Users\xxx\AppData\Local\EmieSiteList
2014-04-10 12:50 - 2014-04-18 12:50 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\FileAdvisor
2014-04-10 10:30 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 10:30 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 10:30 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 10:30 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 10:30 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 10:30 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 10:30 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 10:30 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 10:30 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 10:30 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 10:30 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 10:30 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 10:30 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 10:30 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 10:30 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 10:30 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 10:30 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 10:30 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 10:30 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 10:30 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 10:30 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 10:30 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 10:30 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 10:30 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 10:30 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 10:30 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 10:25 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 10:25 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 10:25 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 10:25 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 10:25 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 10:25 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 12:49 - 2014-04-18 12:50 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-03-28 17:45 - 2014-02-24 10:52 - 00340784 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmd.sys
2014-03-28 17:45 - 2014-02-24 10:52 - 00016688 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmdldr.sys
==================== One Month Modified Files and Folders =======
2014-04-18 16:27 - 2014-04-18 16:26 - 00012286 _____ () C:\Users\xxx\Desktop\FRST.txt
2014-04-18 16:26 - 2014-04-18 16:26 - 00000000 ____D () C:\FRST
2014-04-18 16:25 - 2014-04-18 16:25 - 01146880 _____ (Farbar) C:\Users\xxx\Desktop\FRST.exe
2014-04-18 16:16 - 2012-03-31 21:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-18 15:40 - 2012-11-16 18:31 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 12:50 - 2014-04-10 12:50 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\FileAdvisor
2014-04-18 12:50 - 2014-04-09 12:49 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-04-18 11:39 - 2010-11-20 23:01 - 01629442 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-18 11:39 - 2009-07-14 06:34 - 00022048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 11:39 - 2009-07-14 06:34 - 00022048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 11:35 - 2012-01-14 15:47 - 01993433 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 11:32 - 2012-11-16 18:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 11:31 - 2012-01-16 19:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-18 11:31 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 11:31 - 2009-07-14 06:39 - 00106616 _____ () C:\Windows\setupact.log
2014-04-18 11:30 - 2014-04-18 11:10 - 00000000 ____D () C:\AdwCleaner
2014-04-18 11:16 - 2012-11-16 18:30 - 00000000 ____D () C:\Program Files\Google
2014-04-18 11:16 - 2010-11-20 23:48 - 00878332 _____ () C:\Windows\PFRO.log
2014-04-18 11:08 - 2014-04-18 11:08 - 01426178 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-04-18 10:57 - 2012-11-16 18:30 - 00000000 ____D () C:\Users\xxx\AppData\Local\Google
2014-04-18 10:09 - 2013-11-24 14:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 10:07 - 2014-04-18 10:05 - 00004212 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 10:07 - 2012-12-28 00:13 - 00000000 ____D () C:\Program Files\Java
2014-04-16 18:43 - 2012-01-15 10:47 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mp3tag
2014-04-14 20:13 - 2014-04-18 10:07 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-18 10:07 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-18 10:07 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-18 10:07 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-14 09:01 - 2012-01-16 22:49 - 00000000 ____D () C:\Users\xxx\AppData\Local\Adobe
2014-04-14 09:00 - 2012-03-31 21:47 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-14 09:00 - 2012-01-15 14:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-11 18:38 - 2013-05-25 16:54 - 00000000 ____D () C:\Users\xxx\Documents\Online-BankingPlus
2014-04-11 11:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-10 22:58 - 2014-04-10 22:58 - 00000000 __SHD () C:\Users\xxx\AppData\Local\EmieUserList
2014-04-10 22:58 - 2014-04-10 22:58 - 00000000 __SHD () C:\Users\xxx\AppData\Local\EmieSiteList
2014-04-10 22:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-10 10:33 - 2009-07-14 04:04 - 00000528 _____ () C:\Windows\win.ini
2014-04-10 10:30 - 2013-07-11 18:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 10:27 - 2012-01-14 17:27 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 18:28 - 2012-01-15 15:10 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Free YouTube to MP3 Converter Studio
2014-04-09 14:42 - 2012-09-02 17:43 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\MyPhoneExplorer
2014-04-09 13:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Registration
2014-04-09 12:49 - 2012-01-15 15:10 - 00000000 ____D () C:\Program Files\Free YouTube to MP3 Converter Studio
2014-04-01 18:13 - 2013-12-01 12:59 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\HpUpdate
2014-03-28 18:15 - 2012-04-03 20:40 - 00000000 ____D () C:\Users\xxx\AppData\Local\FRITZ!
2014-03-28 17:45 - 2012-04-12 18:21 - 00000000 ____D () C:\Program Files\DisplayLink Core Software
2014-03-26 19:06 - 2012-09-24 21:26 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-26 19:05 - 2012-11-12 21:29 - 00000000 ____D () C:\Program Files\Microsoft Security Client
Some content of TEMP:
====================
C:\Users\Jutta\AppData\Local\Temp\AskSLib.dll
C:\Users\Jutta\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\xxx\AppData\Local\Temp\nvStInst.exe
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\tmp426F.exe
C:\Users\xxx\AppData\Local\Temp\tmpFAB5.exe
C:\Users\xxx\AppData\Local\Temp\unrar.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-09 10:18
==================== End Of Log ============================
and here is the Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-04-2014 01
Ran by xxx at 2014-04-18 16:27:29
Running from C:\Users\xxx\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8153ED9A-C94A-426E-9880-5E6775C08B62}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ! (HKLM\...\FRITZ! 2.0) (Version: - AVM Berlin)
CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Chart Navigator Light (HKLM\...\Chart Navigator Light) (Version: - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DisplayLink Core Software (HKLM\...\{ED278935-5D2E-4A11-BD83-06B15367A59B}) (Version: 7.5.54018.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{848275F8-110A-48FA-8FCF-3F28F93F87BD}) (Version: 5.5.29194.0 - DisplayLink Corp.)
Easy-WebPrint (HKLM\...\Easy-WebPrint) (Version: - )
Feurio! CD-Writer (HKLM\...\Feurio) (Version: - )
File Type Advisor 1.3 (HKLM\...\File Type Advisor_is1) (Version: - filetypeadvisor.com)
FinePrint (HKLM\...\FinePrint) (Version: 6.25 - FinePrint Software, LLC)
Free M4a to MP3 Converter 7.0 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free WMA to MP3 Converter 1.08 (HKLM\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Free YouTube to MP3 Converter Studio 8.2 (HKLM\...\Free YouTube to MP3 Converter Studio_is1) (Version: - ManiacTools.com)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Calendar Sync (HKLM\...\Google Calendar Sync) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{9F9D4CE4-E4B9-4745-98C9-5A934DD0CE8C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Basic Edition 2003 (HKLM\...\{91130407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 21.0 (x86 de) (HKLM\...\Mozilla Firefox 21.0 (x86 de)) (Version: 21.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 21.0 - Mozilla)
Mp3tag v2.58 (HKLM\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.6 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Online-Banking+ (HKLM\...\Online-Banking+) (Version: - Buhl Data Service GmbH)
Online-Banking+ (Version: 15.2.1.18 - Buhl Data Service GmbH) Hidden
PolarEdit9750 v 0.2.6 (HKLM\...\{086AB3E1-D390-4B30-8EF3-A28AE0AD76B7}_is1) (Version: - Polarstern)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Snap.Do (HKLM\...\{D08D2971-64C8-43FA-B251-E0BBBE9E87E3}) (Version: 11.42.1.16270 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{81831c69-b261-4d68-8a80-b90b510e1cf6}) (Version: 11.42.1.16270 - ReSoft Ltd.) <==== ATTENTION
streamWriter (HKLM\...\streamWriter_is1) (Version: - )
Sun Secure Global Desktop Client (HKLM\...\{C9F28F40-BB2E-4A83-9DA1-D04916310D42}) (Version: 4.50.907 - Ihr Firmenname)
USB PortReplicator PR07 (HKLM\...\{1617DDB6-D786-46A0-9A68-912603B9A2DF}) (Version: 1.01 - Fujitsu)
Winamp (HKLM\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
WinRAR Archivierer (HKLM\...\WinRAR archiver) (Version: - )
==================== Restore Points =========================
26-03-2014 16:53:07 Windows Update
26-03-2014 17:04:49 Windows Update
28-03-2014 15:42:17 Installed DisplayLink Core Software
30-03-2014 08:06:44 Windows Update
30-03-2014 17:00:09 Windows-Sicherung
02-04-2014 16:06:57 Windows Update
06-04-2014 08:15:29 Windows Update
06-04-2014 17:00:13 Windows-Sicherung
10-04-2014 08:25:44 Windows Update
13-04-2014 13:53:36 Windows Update
13-04-2014 17:00:12 Windows-Sicherung
18-04-2014 08:04:47 Installed Java 7 Update 55
18-04-2014 08:10:53 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {267A808D-9527-4ACA-8CA1-EA5620D7278C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {3D2676CA-FC19-49D3-A7DD-77BB26FA08A7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {680BA395-EDFC-487C-B8E7-719C27BAC06D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-16] (Google Inc.)
Task: {855970AE-96F0-46C9-8FB6-684279C7330A} - System32\Tasks\FileAdvisorCheck => C:\Program Files\File Type Advisor\file-type-advisor.exe [2013-08-19] (filetypeadvisor.com )
Task: {C8B21A06-E909-4BDA-A0BD-074CD6BD24ED} - System32\Tasks\FileAdvisorUpdate => C:\Program Files\File Type Advisor\fileadvisor.exe [2013-08-19] (File Type Advisor)
Task: {D388AA40-6F03-4684-BF07-FE353E16B39F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-16] (Google Inc.)
Task: {DF375268-0E22-4BB8-9039-31AD1AFD3AA5} - System32\Tasks\{38E2B3E4-2EBB-4DE4-93BF-3BE8D04D5C1B} => C:\Program Files\Musikminister\MM.EXE [1992-12-01] ()
Task: {E3A7EF3D-EF08-42CA-A3D3-05307467E4F8} - System32\Tasks\{29BD7A74-F235-4885-9F8E-AE6734B59778} => C:\android-sdk\SDKManager.exe
Task: {F2BBF9F2-88F2-4269-97AC-1A5282A6E777} - System32\Tasks\{989A62EC-10D4-4E0D-9E6C-88E2A1E990D1} => C:\android-sdk\SDKManager.exe
Task: {F3829216-E3D0-4E6A-A045-D845BFCB48E8} - System32\Tasks\{DD073320-1F60-42A3-A305-1EF81B855F6B} => C:\Program Files\Musikminister\MM.EXE [1992-12-01] ()
Task: {FE1C9DF1-0CDA-43CF-BAE6-C1980535F04C} - System32\Tasks\{D81AF0BC-6C24-45B6-BA00-A254626D557E} => C:\Program Files\Musikminister\MM.EXE [1992-12-01] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-01-15 19:05 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-03-03 16:24 - 2013-03-03 16:17 - 00397704 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/18/2014 03:33:21 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (04/18/2014 00:22:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/18/2014 11:33:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2014 11:30:47 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (04/18/2014 11:18:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2014 10:18:16 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (04/18/2014 10:04:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.5, Zeitstempel: 0x5224f76d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0xc000008f
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0xdf8
Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0
Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1
Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2
Berichtskennung: MyPhoneExplorer.exe3
Error: (04/18/2014 09:59:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/16/2014 09:29:48 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/16/2014 09:06:21 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
System errors:
=============
Error: (04/18/2014 09:58:38 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (04/18/2014 09:58:36 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (04/18/2014 09:58:36 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (04/16/2014 00:59:30 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/16/2014 10:57:33 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/16/2014 10:57:32 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/16/2014 10:57:32 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/16/2014 08:32:33 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (04/16/2014 08:31:33 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (04/16/2014 08:29:45 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Microsoft Office Sessions:
=========================
Error: (04/18/2014 03:33:21 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (04/18/2014 00:22:37 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 3520 series\DriverStore\Pipeline\amd64\hpinkinsB011.exe
Error: (04/18/2014 11:33:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2014 11:30:47 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (04/18/2014 11:18:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2014 10:18:16 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (04/18/2014 10:04:00 AM) (Source: Application Error)(User: )
Description: MyPhoneExplorer.exe1.8.0.55224f76dKERNELBASE.dll6.1.7601.1822951fb10c6c000008f0000812fdf801cf5adc8d93efc3C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exeC:\Windows\system32\KERNELBASE.dllfeffbc26-c6cf-11e3-8f41-0050b652542c
Error: (04/18/2014 09:59:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/16/2014 09:29:48 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 3520 series\DriverStore\Pipeline\amd64\hpinkinsB011.exe
Error: (04/16/2014 09:06:21 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 3066.88 MB
Available physical RAM: 1975.15 MB
Total Pagefile: 6132.04 MB
Available Pagefile: 4886.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.39 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:278.08 GB) (Free:230.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SICHERUNG) (Fixed) (Total:20 GB) (Free:8.72 GB) FAT32
Drive g: (DATEN 4) (Fixed) (Total:931.28 GB) (Free:467.4 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 366F456C)
Partition 1: (Active) - (Size=278 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=0C)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 48AF3B0C)
Partition 1: (Active) - (Size=932 GB) - (Type=0C)
==================== End Of Log ============================
I replaced the name with "xxx".
Thanks for the further help.
wolly0209 |