Win7 PC langsam und hängt oft! Antispy Alarm

Bitubo · 17.03.2014, 10:50

Hallo schrauber

Vielen Dank für Ihre Geduld. ich weiss leider nicht was Sie mit Codetags meinen. Was muss ich den einstellen?

Beste Grüsse

Hier das ADW Cleaner LOG:AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 17/03/2014 um 10:18:47
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Marty - MARTY-HP
# Gestartet von : C:\Users\Marty\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Datei Gelöscht : C:\Windows\System32\roboot64.exe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\SpeedMaxPC
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\SpeedMaxPC
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


*************************

AdwCleaner[R0].txt - [5194 octets] - [16/03/2014 14:26:45]
AdwCleaner[R1].txt - [2070 octets] - [17/03/2014 10:12:39]
AdwCleaner[S0].txt - [2052 octets] - [17/03/2014 10:18:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2112 octets] ##########

--- --- ---

Hier das Malwarebytes Antimaleware Log.txt

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.17.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Marty :: MARTY-HP [Administrator]

17.03.2014 10:31:32
mbam-log-2014-03-17 (10-31-32).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 228320
Laufzeit: 5 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1578E0C-7554-4980-A160-D0F4F7D8AF47} (PUP.Optional.PursuePoint.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1578E0C-7554-4980-A160-D0F4F7D8AF47} (PUP.Optional.PursuePoint.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\$RECYCLE.BIN\S-1-5-21-235128457-942058757-4155314245-1001\$RDJS2G6.zip (PUP.Optional.SearchEnhancementTool.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$RECYCLE.BIN\S-1-5-21-235128457-942058757-4155314245-1001\$RL6GBG9.zip (PUP.Optional.SearchEnhancementTool.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Hier noch das JRT zum Schluss ;-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Marty on 17.03.2014 at 10:44:12.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Marty\appdata\local\{3E4CDB90-DA44-4D22-9627-5280186C05C2}
Successfully deleted: [Empty Folder] C:\Users\Marty\appdata\local\{CB2B5FFA-279E-4414-BF62-8B5A2807CDA4}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.03.2014 at 10:49:14.65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 18.03.2014, 10:28

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Bitubo · 18.03.2014, 22:37

Hallo schrauber hier noch das Eset log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e135f65901cedd42918c75f4cd585548
# engine=17489
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-18 03:10:45
# local_time=2014-03-18 04:10:45 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 106773 146785295 0 0
# scanned=305304
# found=0
# cleaned=0
# scan_time=17381

hier der Security checker:

Code:

ATTFilter

Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 51  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 x64 klwtblfs.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Hier zuletzt noch das FRST64 ;-)

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Marty (administrator) on MARTY-HP on 18-03-2014 22:30:13
Running from C:\Users\Marty\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(TuneClone.COM) C:\Program Files\TuneClone\TuneClone.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\klwtblfs.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [TuneClone] - C:\Program Files\TuneClone\TuneClone.exe [4550656 2012-02-24] (TuneClone.COM)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [Seagate Scheduler2 Service] - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395624 2011-06-30] (Seagate)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] - C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [2674104 2011-06-30] ()
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-12] (Hewlett-Packard)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1715768 2010-09-28] (Hewlett-Packard)
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs:  =>  File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ricardo.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {64F4A7CE-4957-4EF0-B481-F121CFFB9D22} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deCH491
SearchScopes: HKCU - {637B8B8E-D70F-4D12-BEC4-06B8EE08CD01} URL = 
SearchScopes: HKCU - {64F4A7CE-4957-4EF0-B481-F121CFFB9D22} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deCH491
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {1D053BB5-C922-44E3-9910-66585F017505} -  No File
DPF: HKLM {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-02] (Kaspersky Lab ZAO)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2012-11-28] (Fork Ltd.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-05-04] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-07] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-02-18] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [624224 2014-02-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-02] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-19] (Kaspersky Lab ZAO)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tclondrv; C:\Windows\System32\DRIVERS\tclondrv.sys [26856 2012-02-24] (TuneClone Software)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2014-03-03] (Acronis)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 22:30 - 2014-03-18 22:30 - 00015991 _____ () C:\Users\Marty\Downloads\FRST.txt
2014-03-18 22:29 - 2014-03-18 22:29 - 02157056 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe
2014-03-18 20:53 - 2014-03-18 20:54 - 00000000 ____D () C:\Users\Marty\AppData\Local\{BD93E30C-8407-4706-9345-FC30A9A64808}
2014-03-18 18:06 - 2014-03-18 18:06 - 00987442 _____ () C:\Users\Marty\Downloads\SecurityCheck.exe
2014-03-18 11:19 - 2014-03-18 11:19 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-18 11:18 - 2014-03-18 11:19 - 02347384 _____ (ESET) C:\Users\Marty\Downloads\esetsmartinstaller_enu.exe
2014-03-18 07:58 - 2014-03-18 07:58 - 00000000 ____D () C:\Users\Marty\AppData\Local\{8E10CB7B-0F37-4250-82BA-AEA55E47D89F}
2014-03-18 06:39 - 2014-03-18 06:39 - 00000000 ____D () C:\Users\Marty\Documents\TuneClone
2014-03-17 19:55 - 2014-03-17 19:55 - 00000000 ____D () C:\Users\Marty\AppData\Local\{3AF23EDB-15AF-475D-87F5-686405B5E1D9}
2014-03-17 02:42 - 2014-03-17 02:42 - 01200742 _____ () C:\Users\Marty\Downloads\Schaub_Goldklang_58.zip
2014-03-16 14:35 - 2014-03-16 14:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 10:34 - 2014-03-16 14:35 - 01037734 _____ (Thisisu) C:\Users\Marty\Downloads\JRT.exe
2014-03-16 10:33 - 2014-03-17 10:18 - 00000000 ____D () C:\AdwCleaner
2014-03-16 10:33 - 2014-03-16 10:33 - 01950720 _____ () C:\Users\Marty\Downloads\adwcleaner.exe
2014-03-16 10:32 - 2014-03-16 10:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marty\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 07:52 - 2014-03-16 19:32 - 00000000 ____D () C:\Users\Marty\Desktop\2 Wochen Text
2014-03-12 02:49 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 02:49 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 02:49 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 02:49 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 02:49 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 02:49 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 02:49 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 02:49 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 02:49 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 02:49 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 02:49 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 02:49 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 02:49 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 02:49 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 02:49 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 02:49 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 02:49 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 02:49 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 02:49 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 02:49 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 02:49 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 02:49 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 02:49 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 02:49 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 02:49 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 02:49 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 02:49 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 02:49 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 02:49 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 02:49 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 02:49 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 02:49 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 02:49 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 02:49 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 02:49 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 02:49 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 02:49 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 02:49 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 02:49 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 02:49 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 02:49 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 02:49 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 02:49 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 02:49 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 02:49 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 02:49 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 02:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 02:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 02:16 - 2014-03-12 02:17 - 63320784 _____ (Microsoft Corporation) C:\Users\Marty\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-03-11 00:04 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-10 23:51 - 2014-03-10 23:56 - 276758080 _____ (NVIDIA Corporation) C:\Users\Marty\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-03-10 22:15 - 2014-03-10 22:15 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-10 22:06 - 2014-03-10 22:30 - 00003706 _____ () C:\Windows\System32\Tasks\Registration
2014-03-10 21:49 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-10 21:49 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-10 21:49 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-10 19:41 - 2013-08-27 08:08 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-03-10 19:41 - 2013-08-27 08:08 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-03-10 18:32 - 2014-03-10 18:32 - 00030003 _____ () C:\ComboFix.txt
2014-03-10 18:11 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-10 18:11 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-10 18:11 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-10 18:11 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-10 18:11 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-10 18:11 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-10 18:11 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-10 18:11 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-10 18:08 - 2014-03-10 18:32 - 00000000 ____D () C:\Qoobox
2014-03-10 18:07 - 2014-03-10 18:31 - 00000000 ____D () C:\Windows\erdnt
2014-03-10 18:07 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-10 18:07 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-10 18:05 - 2014-03-10 18:06 - 05187267 ____R (Swearware) C:\Users\Marty\Downloads\ComboFix.exe
2014-03-10 00:33 - 2014-03-10 00:37 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-10 00:33 - 2014-03-10 00:33 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-03-09 22:08 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-09 22:08 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-09 22:08 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-09 22:08 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-09 22:08 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-09 22:08 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-09 22:08 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-09 22:08 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-09 22:08 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-09 22:08 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-09 22:08 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-09 22:08 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-09 22:08 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-09 22:08 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-09 22:08 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-09 22:08 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-09 22:06 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-09 22:06 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-09 21:59 - 2014-03-12 05:44 - 00000394 _____ () C:\Windows\Tasks\Java(TM) Platform SE Auto Updater (optimized).job
2014-03-09 21:59 - 2014-03-12 05:44 - 00000366 _____ () C:\Windows\Tasks\hpwuSchd Application (optimized).job
2014-03-09 21:59 - 2014-03-09 21:59 - 00003094 _____ () C:\Windows\System32\Tasks\Java(TM) Platform SE Auto Updater (optimized)
2014-03-09 21:59 - 2014-03-09 21:59 - 00003066 _____ () C:\Windows\System32\Tasks\hpwuSchd Application (optimized)
2014-03-09 11:16 - 2014-03-09 11:21 - 00000000 ____D () C:\Users\Marty\Desktop\Fotos Michelle
2014-03-05 01:18 - 2014-03-05 01:18 - 00000000 _____ () C:\autoexec.bat
2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-05 01:14 - 2014-03-10 00:14 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-03-05 01:06 - 2014-03-05 01:07 - 00011407 _____ () C:\Users\Marty\Documents\log.xml
2014-03-05 00:18 - 2014-03-10 00:11 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Nico Mak Computing
2014-03-04 10:52 - 2014-03-04 10:52 - 00010046 _____ () C:\Users\Marty\.recently-used.xbel
2014-03-04 01:06 - 2012-01-16 11:06 - 00053248 ____N (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-03-04 01:05 - 2014-03-04 01:05 - 00000000 ____D () C:\Intel
2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-03 23:47 - 2014-03-03 23:47 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Seagate
2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\ProgramData\Seagate
2014-03-03 23:41 - 2014-03-03 23:41 - 00971360 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00275552 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00210016 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00141920 _____ (Acronis) C:\Windows\system32\Drivers\vsflt53.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-03-03 23:39 - 2014-03-03 23:39 - 00003124 _____ () C:\Windows\System32\Tasks\{D61F51F5-7647-4029-B5A3-B7E2E38DB974}
2014-03-03 16:01 - 2014-03-03 16:01 - 00000000 ____D () C:\Users\Marty\Downloads\backups
2014-03-03 15:31 - 2014-03-09 16:16 - 00047833 _____ () C:\Users\Marty\Downloads\Addition.txt
2014-03-03 15:30 - 2014-03-18 22:30 - 00000000 ____D () C:\FRST
2014-03-03 15:05 - 2014-03-03 23:39 - 152117008 _____ () C:\Users\Marty\Downloads\DiscWizardSetup-14387.de.exe
2014-03-02 16:55 - 2014-03-02 16:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 16:55 - 2014-03-02 16:56 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 16:55 - 2014-03-02 16:56 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 16:55 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 16:49 - 2014-03-02 16:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-26 18:51 - 2014-03-04 10:44 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\gtk-2.0
2014-02-26 18:39 - 2014-02-26 18:39 - 00000000 ____D () C:\Users\Marty\.thumbnails
2014-02-26 18:34 - 2014-02-26 18:35 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-235128457-942058757-4155314245-1001
2014-02-26 18:34 - 2014-02-26 18:35 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-235128457-942058757-4155314245-1001
2014-02-26 18:33 - 2014-03-04 10:51 - 00000000 ____D () C:\Users\Marty\.gimp-2.6
2014-02-26 18:33 - 2014-02-27 00:30 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-26 18:33 - 2014-02-26 18:33 - 00000000 ____D () C:\Users\Marty\Documents\gegl-0.0
2014-02-26 18:32 - 2014-02-27 00:30 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Real
2014-02-26 18:31 - 2014-02-27 00:30 - 00000000 ____D () C:\ProgramData\Real
2014-02-26 18:31 - 2014-02-26 18:37 - 00001057 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-02-26 18:31 - 2014-02-26 18:31 - 00000000 ____D () C:\Program Files (x86)\GIMP-2.0
2014-02-26 18:25 - 2014-02-27 00:31 - 00000000 ____D () C:\Program Files (x86)\PursuePoint
2014-02-26 07:57 - 2014-02-26 07:57 - 00000000 ____D () C:\Users\Marty\Desktop\Bilder Frau Borter
2014-02-26 06:39 - 2014-02-26 06:39 - 00030720 _____ () C:\Users\Marty\Desktop\FC Rotkreuz.xls
2014-02-20 01:18 - 2014-02-20 01:18 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-02-19 00:52 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-02-19 00:52 - 2010-05-26 11:41 - 00470880 ____N (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-02-19 00:52 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-02-19 00:52 - 2010-05-26 11:41 - 00248672 ____N (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-02-19 00:51 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-02-19 00:51 - 2010-05-26 11:41 - 01998168 ____N (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-02-19 00:50 - 2014-02-19 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-19 00:50 - 2014-02-05 10:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-19 00:50 - 2014-02-05 10:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-19 00:45 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-19 00:45 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-19 00:45 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-19 00:45 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

2014-03-18 22:30 - 2014-03-18 22:30 - 00015991 _____ () C:\Users\Marty\Downloads\FRST.txt
2014-03-18 22:30 - 2014-03-03 15:30 - 00000000 ____D () C:\FRST
2014-03-18 22:29 - 2014-03-18 22:29 - 02157056 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe
2014-03-18 22:24 - 2013-03-06 23:51 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat
2014-03-18 22:24 - 2013-02-24 09:08 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 22:23 - 2012-09-11 15:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 21:18 - 2010-08-18 19:06 - 01321210 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 21:12 - 2013-09-16 12:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-18 20:54 - 2014-03-18 20:53 - 00000000 ____D () C:\Users\Marty\AppData\Local\{BD93E30C-8407-4706-9345-FC30A9A64808}
2014-03-18 18:06 - 2014-03-18 18:06 - 00987442 _____ () C:\Users\Marty\Downloads\SecurityCheck.exe
2014-03-18 11:19 - 2014-03-18 11:19 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-18 11:19 - 2014-03-18 11:18 - 02347384 _____ (ESET) C:\Users\Marty\Downloads\esetsmartinstaller_enu.exe
2014-03-18 07:58 - 2014-03-18 07:58 - 00000000 ____D () C:\Users\Marty\AppData\Local\{8E10CB7B-0F37-4250-82BA-AEA55E47D89F}
2014-03-18 06:45 - 2009-07-14 05:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 06:45 - 2009-07-14 05:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 06:39 - 2014-03-18 06:39 - 00000000 ____D () C:\Users\Marty\Documents\TuneClone
2014-03-18 06:38 - 2012-10-13 14:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-18 06:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 06:38 - 2009-07-14 05:51 - 00262140 _____ () C:\Windows\setupact.log
2014-03-18 01:31 - 2014-01-15 00:51 - 00010752 ___SH () C:\Users\Marty\Thumbs.db
2014-03-17 22:36 - 2010-10-15 16:06 - 00000448 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-03-17 19:55 - 2014-03-17 19:55 - 00000000 ____D () C:\Users\Marty\AppData\Local\{3AF23EDB-15AF-475D-87F5-686405B5E1D9}
2014-03-17 11:03 - 2013-09-11 22:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 10:18 - 2014-03-16 10:33 - 00000000 ____D () C:\AdwCleaner
2014-03-17 02:42 - 2014-03-17 02:42 - 01200742 _____ () C:\Users\Marty\Downloads\Schaub_Goldklang_58.zip
2014-03-16 19:32 - 2014-03-16 07:52 - 00000000 ____D () C:\Users\Marty\Desktop\2 Wochen Text
2014-03-16 17:18 - 2011-12-15 12:57 - 00000000 ____D () C:\Users\Marty\Desktop\Joel
2014-03-16 14:35 - 2014-03-16 14:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 14:35 - 2014-03-16 10:34 - 01037734 _____ (Thisisu) C:\Users\Marty\Downloads\JRT.exe
2014-03-16 10:33 - 2014-03-16 10:33 - 01950720 _____ () C:\Users\Marty\Downloads\adwcleaner.exe
2014-03-16 10:32 - 2014-03-16 10:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marty\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 08:52 - 2011-10-31 12:14 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-16 08:52 - 2010-10-29 16:38 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-15 00:14 - 2012-09-17 07:23 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMarty
2014-03-15 00:14 - 2012-09-17 07:23 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForMarty.job
2014-03-12 18:55 - 2010-11-23 22:25 - 00000000 ____D () C:\Windows\Minidump
2014-03-12 18:54 - 2010-08-18 19:03 - 00350823 ____N () C:\Windows\Minidump\031214-72134-01.dmp
2014-03-12 15:44 - 2010-07-28 20:36 - 00699698 _____ () C:\Windows\system32\perfh007.dat
2014-03-12 15:44 - 2010-07-28 20:36 - 00149838 _____ () C:\Windows\system32\perfc007.dat
2014-03-12 15:44 - 2009-07-14 06:13 - 01621804 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-12 05:44 - 2014-03-09 21:59 - 00000394 _____ () C:\Windows\Tasks\Java(TM) Platform SE Auto Updater (optimized).job
2014-03-12 05:44 - 2014-03-09 21:59 - 00000366 _____ () C:\Windows\Tasks\hpwuSchd Application (optimized).job
2014-03-12 05:43 - 2009-07-14 05:45 - 00409232 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 05:42 - 2013-03-13 23:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 05:42 - 2013-03-13 23:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 02:59 - 2010-10-16 08:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 02:55 - 2013-08-14 22:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-12 02:54 - 2010-10-16 08:48 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-12 02:17 - 2014-03-12 02:16 - 63320784 _____ (Microsoft Corporation) C:\Users\Marty\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-03-12 02:17 - 2013-10-27 20:47 - 00022990 _____ () C:\Windows\IE11_main.log
2014-03-12 00:27 - 2013-07-14 23:03 - 00000384 _____ () C:\Windows\Tasks\Adobe Reader and Acrobat Manager (optimized).job
2014-03-12 00:27 - 2013-02-24 09:08 - 00000268 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-11 22:45 - 2012-09-11 15:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 22:44 - 2012-09-11 15:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 22:44 - 2012-09-11 15:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 07:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-11 00:04 - 2011-08-30 16:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-10 23:56 - 2014-03-10 23:51 - 276758080 _____ (NVIDIA Corporation) C:\Users\Marty\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-03-10 22:55 - 2010-10-16 14:34 - 00000000 ____D () C:\Users\Marty\Desktop\Inseraten Fotos
2014-03-10 22:30 - 2014-03-10 22:06 - 00003706 _____ () C:\Windows\System32\Tasks\Registration
2014-03-10 22:26 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-10 22:23 - 2010-10-23 21:28 - 00000000 ____D () C:\Users\Marty\Schemas
2014-03-10 22:23 - 2010-07-28 20:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-10 22:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-03-10 22:18 - 2010-07-28 20:01 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-03-10 22:17 - 2010-07-28 20:00 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-10 22:15 - 2014-03-10 22:15 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-10 22:14 - 2010-07-28 20:01 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-10 22:13 - 2009-07-25 02:45 - 00000000 ____D () C:\swsetup
2014-03-10 21:46 - 2013-09-17 23:59 - 00000000 ____D () C:\Users\Marty\AppData\Local\NVIDIA
2014-03-10 19:41 - 2010-07-28 20:02 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-10 18:32 - 2014-03-10 18:32 - 00030003 _____ () C:\ComboFix.txt
2014-03-10 18:32 - 2014-03-10 18:08 - 00000000 ____D () C:\Qoobox
2014-03-10 18:31 - 2014-03-10 18:07 - 00000000 ____D () C:\Windows\erdnt
2014-03-10 18:24 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-10 18:23 - 2010-07-28 19:58 - 00784236 _____ () C:\Windows\PFRO.log
2014-03-10 18:06 - 2014-03-10 18:05 - 05187267 ____R (Swearware) C:\Users\Marty\Downloads\ComboFix.exe
2014-03-10 01:29 - 2010-10-15 16:13 - 00000000 ____D () C:\Users\Marty\AppData\Local\Hewlett-Packard
2014-03-10 01:17 - 2010-07-28 20:14 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-10 00:59 - 2010-07-28 20:10 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-03-10 00:43 - 2012-04-19 00:09 - 00007668 _____ () C:\Users\Marty\AppData\Local\resmon.resmoncfg
2014-03-10 00:37 - 2014-03-10 00:33 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-10 00:33 - 2014-03-10 00:33 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-03-10 00:14 - 2014-03-05 01:14 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-03-10 00:11 - 2014-03-05 00:18 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Nico Mak Computing
2014-03-10 00:06 - 2013-01-27 01:59 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-03-10 00:00 - 2013-01-11 23:15 - 00000000 ____D () C:\ProgramData\Freemake
2014-03-10 00:00 - 2013-01-11 23:15 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-03-10 00:00 - 2010-10-15 20:33 - 00000000 ____D () C:\Users\Marty\AppData\Local\Google
2014-03-10 00:00 - 2010-10-15 20:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-09 21:59 - 2014-03-09 21:59 - 00003094 _____ () C:\Windows\System32\Tasks\Java(TM) Platform SE Auto Updater (optimized)
2014-03-09 21:59 - 2014-03-09 21:59 - 00003066 _____ () C:\Windows\System32\Tasks\hpwuSchd Application (optimized)
2014-03-09 21:59 - 2013-07-14 23:03 - 00003084 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager (optimized)
2014-03-09 21:59 - 2013-02-24 09:08 - 00003004 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-09 16:16 - 2014-03-03 15:31 - 00047833 _____ () C:\Users\Marty\Downloads\Addition.txt
2014-03-09 11:21 - 2014-03-09 11:16 - 00000000 ____D () C:\Users\Marty\Desktop\Fotos Michelle
2014-03-09 09:17 - 2010-10-29 16:37 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\HP Support Assistant
2014-03-09 09:17 - 2010-10-16 16:46 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\HpUpdate
2014-03-07 11:52 - 2010-10-21 14:40 - 00000000 ____D () C:\Users\Marty\AppData\Local\CrashDumps
2014-03-06 12:53 - 2011-01-12 08:31 - 00069120 _____ () C:\Users\Marty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-06 12:48 - 2013-08-10 22:59 - 00000000 ___RD () C:\Users\Marty\Desktop\Bär Musik alles
2014-03-05 01:18 - 2014-03-05 01:18 - 00000000 _____ () C:\autoexec.bat
2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-05 01:07 - 2014-03-05 01:06 - 00011407 _____ () C:\Users\Marty\Documents\log.xml
2014-03-04 15:35 - 2014-03-10 21:49 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-10 21:49 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-10 21:49 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2013-12-02 15:50 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2013-02-25 23:32 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2012-10-13 13:59 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 15:35 - 2012-10-13 13:59 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 15:35 - 2012-10-13 13:53 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2012-10-13 13:53 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2012-10-13 13:53 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2012-10-13 13:53 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2012-10-13 14:00 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2012-10-13 14:00 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2012-10-13 14:00 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2012-10-13 14:00 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2012-10-13 14:00 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2012-10-13 14:00 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-11 00:04 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-04 12:05 - 2013-08-11 00:48 - 00000000 ____D () C:\output
2014-03-04 10:52 - 2014-03-04 10:52 - 00010046 _____ () C:\Users\Marty\.recently-used.xbel
2014-03-04 10:52 - 2010-10-15 16:06 - 00000000 ____D () C:\Users\Marty
2014-03-04 10:51 - 2014-02-26 18:33 - 00000000 ____D () C:\Users\Marty\.gimp-2.6
2014-03-04 10:44 - 2014-02-26 18:51 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\gtk-2.0
2014-03-04 01:06 - 2010-07-28 20:06 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-04 01:05 - 2014-03-04 01:05 - 00000000 ____D () C:\Intel
2014-03-03 23:51 - 2010-10-15 16:14 - 00000000 ___RD () C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-03 23:47 - 2014-03-03 23:47 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Seagate
2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\ProgramData\Seagate
2014-03-03 23:41 - 2014-03-03 23:41 - 00971360 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00275552 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00210016 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00141920 _____ (Acronis) C:\Windows\system32\Drivers\vsflt53.sys
2014-03-03 23:41 - 2014-03-03 23:41 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-03-03 23:39 - 2014-03-03 23:39 - 00003124 _____ () C:\Windows\System32\Tasks\{D61F51F5-7647-4029-B5A3-B7E2E38DB974}
2014-03-03 23:39 - 2014-03-03 15:05 - 152117008 _____ () C:\Users\Marty\Downloads\DiscWizardSetup-14387.de.exe
2014-03-03 16:01 - 2014-03-03 16:01 - 00000000 ____D () C:\Users\Marty\Downloads\backups
2014-03-03 14:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-03 14:42 - 2010-06-18 10:15 - 00000000 ___RD () C:\hp
2014-03-03 14:41 - 2013-02-21 17:28 - 00000000 ____D () C:\Users\Marty\AppData\Local\Apple Computer
2014-03-03 14:40 - 2013-01-10 05:41 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Apple Computer
2014-03-02 16:56 - 2014-03-02 16:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 16:56 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 16:56 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 16:56 - 2013-02-21 17:28 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 16:55 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 16:49 - 2014-03-02 16:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-02 16:49 - 2013-11-10 14:57 - 00001807 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-01 07:05 - 2014-03-12 02:49 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 02:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 02:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 02:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 02:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 02:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 02:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 02:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 02:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 02:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 02:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 02:49 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 02:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 02:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 02:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 02:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 02:49 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 02:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 02:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 02:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 02:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 02:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 02:49 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 02:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 02:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 02:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 02:49 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 02:49 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 02:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 02:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 02:49 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 02:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 02:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 02:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 02:49 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 02:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 02:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 02:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 02:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 22:31 - 2010-08-18 19:03 - 00426519 ____N () C:\Windows\Minidump\022714-34211-01.dmp
2014-02-27 16:21 - 2013-12-13 12:41 - 00000000 ____D () C:\Users\Marty\Desktop\Backup Marty Samsung Bilder
2014-02-27 05:55 - 2013-01-14 15:20 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-27 00:40 - 2010-11-09 17:38 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-02-27 00:38 - 2012-11-05 18:25 - 00000000 ____D () C:\Program Files (x86)\Stonehill Games
2014-02-27 00:31 - 2014-02-26 18:25 - 00000000 ____D () C:\Program Files (x86)\PursuePoint
2014-02-27 00:30 - 2014-02-26 18:33 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-27 00:30 - 2014-02-26 18:32 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Real
2014-02-27 00:30 - 2014-02-26 18:31 - 00000000 ____D () C:\ProgramData\Real
2014-02-27 00:29 - 2010-11-06 08:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-26 18:39 - 2014-02-26 18:39 - 00000000 ____D () C:\Users\Marty\.thumbnails
2014-02-26 18:37 - 2014-02-26 18:31 - 00001057 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-02-26 18:35 - 2014-02-26 18:34 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-235128457-942058757-4155314245-1001
2014-02-26 18:35 - 2014-02-26 18:34 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-235128457-942058757-4155314245-1001
2014-02-26 18:33 - 2014-02-26 18:33 - 00000000 ____D () C:\Users\Marty\Documents\gegl-0.0
2014-02-26 18:31 - 2014-02-26 18:31 - 00000000 ____D () C:\Program Files (x86)\GIMP-2.0
2014-02-26 18:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-02-26 07:57 - 2014-02-26 07:57 - 00000000 ____D () C:\Users\Marty\Desktop\Bilder Frau Borter
2014-02-26 06:39 - 2014-02-26 06:39 - 00030720 _____ () C:\Users\Marty\Desktop\FC Rotkreuz.xls
2014-02-22 13:11 - 2010-10-23 21:30 - 00000000 ____D () C:\Users\Marty\Hauswart
2014-02-20 07:03 - 2010-10-15 17:07 - 00000000 ____D () C:\Users\Marty\AppData\Local\Windows Live
2014-02-20 01:18 - 2014-02-20 01:18 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-02-20 00:31 - 2010-11-06 08:54 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 06:04 - 2013-12-02 15:57 - 00000000 ____D () C:\Users\Marty\AppData\Local\NVIDIA Corporation
2014-02-19 06:04 - 2012-10-13 13:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-19 00:50 - 2014-02-19 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-19 00:50 - 2010-07-28 19:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-18 18:39 - 2012-01-21 22:09 - 00000000 ____D () C:\Users\Marty\AppData\Local\Downloaded Installations
2014-02-18 12:18 - 2013-09-16 12:11 - 00624224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-02-18 12:18 - 2013-09-16 12:11 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-02-18 12:18 - 2013-05-05 21:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-02-17 21:56 - 2010-08-18 19:03 - 00385279 ____N () C:\Windows\Minidump\021714-78343-01.dmp
2014-02-16 23:16 - 2010-10-23 21:47 - 00000000 ____D () C:\Users\Marty\Documents\Eigene Scans
2014-02-16 17:44 - 2013-02-24 09:08 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

Some content of TEMP:
====================
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marty\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Marty\AppData\Local\Temp\nvStInst.exe
C:\Users\Marty\AppData\Local\Temp\Quarantine.exe
C:\Users\Marty\AppData\Local\Temp\sp64126.exe
C:\Users\Marty\AppData\Local\Temp\UninstallHPSA.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 06:42

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 19.03.2014, 17:11

Adobe updaten.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Bitubo · 19.03.2014, 17:45

Hallo lieber Schrauber, ich bin Dir sehr zu grossem Dank verpflichtet. Ich habe noch niemand kontaktiert der mir so geholfen hat in Sachen Bedrohungen.
Ich hatte Emule installiert aber nicht für Software und illegales Zeugs. Ich hatte nach Discosound der 80er Jahre gesucht die man nirgendswo mehr bekommt.
Aber das wird wohl der Grund gewesen sein das mein System infiziert wurde trotz aktuellem Kaspersky Security Software. Scheinbar ist die machtlos für gewisse Schädlinge.
Eine sogenannte Tuning Software mit Säuberung des Systems auch der Reg. hatte ich auch, die nehme ich sofort weg. Seit ich das letzte Mal im PC Business gearbeitet habe ist schon länger her, da verliert man manches Wissen oder ist eben nicht mehr aktuell bei der Sache.
Also lieber Schrauber, Du hast mir wirklich sehr geholfen und vor der Räumung meines ganzen Systems bewahrt. Vielen Dank nochmals!

Herzliche Grüsse

Bitubo

schrauber · 20.03.2014, 09:59

Gern Geschehen

20.03.2014, 09:59	#21
schrauber /// the machine /// TB-Ausbilder	Win7 PC langsam und hängt oft! Antispy Alarm Gern Geschehen __________________ --> Win7 PC langsam und hängt oft! Antispy Alarm

Win7 PC langsam und hängt oft! Antispy Alarm

Plagegeister aller Art und deren Bekämpfung: Win7 PC langsam und hängt oft! Antispy Alarm