Pests of all kinds and how to fight them: Win7 PC slow and hangs often! Antispy alarm
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
09.03.2014, 00:37 | #1 |
| Win7 PC slow and hangs often! Antispy alarm

The Windows 7 PC is slow and freezes at times. Windows troubleshooting reports a graphics driver problem even though the latest drivers are always installed. Can anyone help me with this, and what should I do? The antispy software raises an alarm, but Kaspersky Security shows nothing.

Kind regards,
Bitubo |
09.03.2014, 06:45 | #2 |
/// the machine /// TB trainer | Win7 PC slow and hangs often! Antispy alarm

hi,
__________________
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
09.03.2014, 13:37 | #3 |
| Win7 PC slow and hangs often! Antispy alarm

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01 Ran by Marty (administrator) on MARTY-HP on 09-03-2014 13:34:07 Running from C:\Users\Marty\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe (Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (TuneClone.COM) C:\Program Files\TuneClone\TuneClone.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_70_ActiveX.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (Farbar) C:\Users\Marty\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] () HKLM\...\Run: [TuneClone] - C:\Program Files\TuneClone\TuneClone.exe [4550656 2012-02-24] (TuneClone.COM) HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [Seagate Scheduler2 Service] - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395624 2011-06-30] (Seagate) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation) HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) 
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [DiscWizardMonitor.exe] - C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [2674104 2011-06-30] () HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1661856 2014-03-03] (Simply Super Software) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1715768 2010-09-28] (Hewlett-Packard) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-07] (Samsung) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe 
[845120 2014-02-07] (Samsung) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom) HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-235128457-942058757-4155314245-1001\...\Policies\system: [DisableChangePassword] 0 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ricardo.ch SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {64F4A7CE-4957-4EF0-B481-F121CFFB9D22} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deCH491 SearchScopes: HKCU - {51305612-7F0E-4A86-AAD0-D01FADA3709C} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10839 SearchScopes: HKCU - {637B8B8E-D70F-4D12-BEC4-06B8EE08CD01} URL = SearchScopes: HKCU - {64F4A7CE-4957-4EF0-B481-F121CFFB9D22} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deCH491 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {AFCCEECB-58A4-46FA-8A42-64F42E9EB0C4} URL = 
hxxp://search.findwide.com/serp?guid={4A5DD014-4674-4D83-A20E-10D7129F0646}&action=default_search&serpv=22&k={searchTerms} BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files 
(x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name - {e1578e0c-7554-4980-a160-d0f4f7d8af47} - No File BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {1D053BB5-C922-44E3-9910-66585F017505} - No File DPF: HKLM {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "sync_promo": { "show_on_first_run_allowed" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll No File CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Reader Application Detector) - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Google Docs) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-19] CHR Extension: (Google Drive) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19] CHR Extension: (YouTube) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-19] CHR Extension: (Google-Suche) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-19] CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-11-19] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-11-19] 
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-11-19] CHR Extension: (Virtuelle Tastatur) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-11-19] CHR Extension: (Freemake Video Converter) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-11-19] CHR Extension: (Google Wallet) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-19] CHR Extension: (Google Mail) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-19] CHR Extension: (Anti-Banner) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-11-19] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-06-28] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-06-28] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-06-28] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-06-28] CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-01-11] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-06-28] ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-02] (Kaspersky Lab ZAO) R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2012-11-28] (Fork Ltd.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-05-04] (Nero AG) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.) 
==================== Drivers (Whitelisted) ==================== S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] () R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] () S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] () S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-07] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-02-18] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [624224 2014-02-18] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-02] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-19] (Kaspersky Lab ZAO) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R0 tclondrv; C:\Windows\System32\DRIVERS\tclondrv.sys [26856 2012-02-24] (TuneClone Software) R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2014-03-03] (Acronis) S3 connctfy; system32\DRIVERS\connctfy.sys [X] S3 connctfyMP; system32\DRIVERS\connctfy.sys [X] S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-09 13:32 - 2014-03-09 
13:33 - 02156544 _____ (Farbar) C:\Users\Marty\Downloads\FRST64 (1).exe 2014-03-09 12:25 - 2014-03-09 12:26 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B2B6C56C-661E-4A57-B120-995D35599C5D} 2014-03-09 11:16 - 2014-03-09 11:21 - 00000000 ____D () C:\Users\Marty\Desktop\Fotos Michelle 2014-03-09 09:07 - 2014-03-09 09:07 - 00000000 ____D () C:\Users\Marty\Documents\TuneClone 2014-03-09 00:21 - 2014-03-09 00:21 - 00000000 ____D () C:\Users\Marty\AppData\Local\{0F29B83F-1858-42C1-9927-9ED3574E83E1} 2014-03-08 11:54 - 2014-03-08 11:54 - 00000000 ____D () C:\Users\Marty\AppData\Local\{1187DE0E-4B36-4557-9F8D-AD4592245AE0} 2014-03-08 07:53 - 2014-03-09 09:09 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-03-07 23:53 - 2014-03-07 23:54 - 00000000 ____D () C:\Users\Marty\AppData\Local\{9757C1B6-5668-472E-A4C6-69D03A692C9A} 2014-03-07 11:53 - 2014-03-07 11:53 - 00000000 ____D () C:\Users\Marty\AppData\Local\{A3725E6A-4DC4-4A6F-AC37-3F182CF476BD} 2014-03-06 21:51 - 2014-03-06 21:51 - 00000000 ____D () C:\Users\Marty\AppData\Local\{C51E8A5A-B8D4-4D7F-997B-36E9CCE767A5} 2014-03-06 09:50 - 2014-03-06 09:51 - 00000000 ____D () C:\Users\Marty\AppData\Local\{19E82193-3740-421C-80E8-75E02AED5C51} 2014-03-05 20:37 - 2014-03-05 20:37 - 00000000 ____D () C:\Users\Marty\AppData\Local\{368C6749-916B-453F-A8EC-D03580A8EC2D} 2014-03-05 08:36 - 2014-03-05 08:36 - 00000000 ____D () C:\Users\Marty\AppData\Local\{67B506CB-B86B-4081-9959-7250D3B0E3A8} 2014-03-05 01:18 - 2014-03-05 01:18 - 00000000 _____ () C:\autoexec.bat 2014-03-05 01:17 - 2014-03-05 01:17 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup 2014-03-05 01:17 - 2014-03-05 01:17 - 00002256 _____ () C:\Users\Marty\Desktop\SpyHunter.lnk 2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 ____D () C:\sh4ldr 2014-03-05 01:17 - 2014-03-05 01:17 - 
00000000 ____D () C:\Program Files\Enigma Software Group 2014-03-05 01:17 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys 2014-03-05 01:14 - 2014-03-05 01:17 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP 2014-03-05 01:13 - 2014-03-05 01:13 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\SpyHunter-Installer.exe 2014-03-05 01:06 - 2014-03-05 01:07 - 00011407 _____ () C:\Users\Marty\Documents\log.xml 2014-03-05 00:18 - 2014-03-05 00:18 - 04892480 _____ (WinZip International LLC ) C:\Users\Marty\Downloads\wzmp_8.exe 2014-03-05 00:18 - 2014-03-05 00:18 - 00001151 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk 2014-03-05 00:18 - 2014-03-05 00:18 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Nico Mak Computing 2014-03-05 00:18 - 2014-03-05 00:18 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-03-05 00:18 - 2014-03-05 00:18 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-03-05 00:18 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe 2014-03-04 20:35 - 2014-03-04 20:36 - 00000000 ____D () C:\Users\Marty\AppData\Local\{713C46A1-6529-499B-935F-8A1B76DA8434} 2014-03-04 10:52 - 2014-03-04 10:52 - 00010046 _____ () C:\Users\Marty\.recently-used.xbel 2014-03-04 08:35 - 2014-03-04 08:35 - 00000000 ____D () C:\Users\Marty\AppData\Local\{754483FE-04FE-4BC4-8C2F-006E76C98D66} 2014-03-04 01:06 - 2012-01-16 11:06 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2014-03-04 01:05 - 2014-03-04 01:05 - 00000000 ____D () C:\Intel 2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () C:\Users\Marty\Documents\Simply Super Software 2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Simply Super Software 2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-03 23:47 - 2014-03-03 23:48 - 00000000 ____D () C:\Program 
Files (x86)\Trojan Remover 2014-03-03 23:47 - 2014-03-03 23:47 - 00001101 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-03-03 23:47 - 2014-03-03 23:47 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Seagate 2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\ProgramData\Seagate 2014-03-03 23:41 - 2014-03-03 23:41 - 00971360 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00275552 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00210016 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00141920 _____ (Acronis) C:\Windows\system32\Drivers\vsflt53.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-03-03 23:39 - 2014-03-03 23:39 - 00003124 _____ () C:\Windows\System32\Tasks\{D61F51F5-7647-4029-B5A3-B7E2E38DB974} 2014-03-03 20:02 - 2014-03-03 20:03 - 00000000 ____D () C:\Users\Marty\AppData\Local\{6159AA22-090E-4471-96AD-790F48FBDCE3} 2014-03-03 16:01 - 2014-03-03 16:01 - 00000000 ____D () C:\Users\Marty\Downloads\backups 2014-03-03 15:41 - 2014-03-03 23:35 - 10284808 _____ (Malwarebytes Corporation ) C:\Users\Marty\Downloads\mbam-setup-1.75.0.1300.exe 2014-03-03 15:41 - 2014-03-03 15:41 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-03 15:41 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-03 15:38 - 2014-03-03 23:35 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Marty\Downloads\HijackThis.exe 2014-03-03 15:38 - 2014-03-03 15:38 - 00016245 _____ () C:\Users\Marty\Downloads\hijackthis.log 2014-03-03 15:31 - 2014-03-03 15:31 - 00053795 _____ () C:\Users\Marty\Downloads\Addition.txt 2014-03-03 15:30 - 2014-03-09 13:34 - 00023798 _____ () C:\Users\Marty\Downloads\FRST.txt 2014-03-03 15:30 - 2014-03-09 13:34 - 00000000 ____D () C:\FRST 2014-03-03 15:29 - 2014-03-03 15:29 - 02156544 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe 2014-03-03 15:05 - 2014-03-03 23:39 - 152117008 _____ () C:\Users\Marty\Downloads\DiscWizardSetup-14387.de.exe 2014-03-03 08:02 - 2014-03-03 08:02 - 00000000 ____D () C:\Users\Marty\AppData\Local\{60B9E35F-26B5-40D7-A13D-740B8451537D} 2014-03-02 16:55 - 2014-03-02 16:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-02 16:55 - 2014-03-02 16:56 - 00000000 ____D () C:\Program Files\iTunes 2014-03-02 16:55 - 2014-03-02 16:56 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-02 16:55 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files\iPod 2014-03-02 16:49 - 2014-03-02 16:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-02 12:24 - 2014-03-02 12:24 - 00000000 ____D () C:\Users\Marty\AppData\Local\{66B71434-9C35-421D-BB99-5782DC1DDCCB} 2014-03-02 00:23 - 2014-03-02 00:24 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B181DF72-A06E-4DBB-8CF2-DDAF241CC97D} 2014-03-01 12:23 - 2014-03-01 12:23 - 00000000 ____D () C:\Users\Marty\AppData\Local\{540C4426-3E7C-469C-B3C5-78A42D736778} 2014-02-28 23:47 - 2014-02-28 23:47 - 00000000 ____D () C:\Users\Marty\AppData\Local\{337853AC-DD9E-47B6-A294-A7FEBBBEDAB2} 2014-02-28 11:46 - 2014-02-28 11:47 - 00000000 ____D () C:\Users\Marty\AppData\Local\{ACD36C7A-BC4C-447A-81BD-E862DF4DB9A9} 2014-02-27 23:46 - 2014-02-27 23:46 - 00000000 ____D () C:\Users\Marty\AppData\Local\{5A6658A0-02D0-4AB5-B83C-54EB5B529FFC} 2014-02-27 11:45 - 2014-02-27 11:46 - 00000000 ____D () 
C:\Users\Marty\AppData\Local\{9CE3FB80-6F87-4B9F-AE5A-74D7BC008301} 2014-02-26 23:36 - 2014-02-26 23:36 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E95601E2-2C4E-43AD-B28D-77707DAF5629} 2014-02-26 18:51 - 2014-03-04 10:44 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\gtk-2.0 2014-02-26 18:39 - 2014-02-26 18:39 - 00000000 ____D () C:\Users\Marty\.thumbnails 2014-02-26 18:34 - 2014-02-26 18:35 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-235128457-942058757-4155314245-1001 2014-02-26 18:34 - 2014-02-26 18:35 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-235128457-942058757-4155314245-1001 2014-02-26 18:33 - 2014-03-04 10:51 - 00000000 ____D () C:\Users\Marty\.gimp-2.6 2014-02-26 18:33 - 2014-02-27 00:30 - 00000000 ____D () C:\Program Files (x86)\Real 2014-02-26 18:33 - 2014-02-26 18:33 - 00000000 ____D () C:\Users\Marty\Documents\gegl-0.0 2014-02-26 18:32 - 2014-02-27 00:30 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Real 2014-02-26 18:31 - 2014-02-27 00:30 - 00000000 ____D () C:\ProgramData\Real 2014-02-26 18:31 - 2014-02-26 18:37 - 00001057 _____ () C:\Users\Public\Desktop\GIMP 2.lnk 2014-02-26 18:31 - 2014-02-26 18:31 - 00000000 ____D () C:\Program Files (x86)\GIMP-2.0 2014-02-26 18:30 - 2014-02-26 18:30 - 00000000 ____D () C:\Users\Marty\Documents\Optimizer Pro 2014-02-26 18:25 - 2014-02-27 00:31 - 00000000 ____D () C:\Program Files (x86)\PursuePoint 2014-02-26 11:35 - 2014-02-26 11:36 - 00000000 ____D () C:\Users\Marty\AppData\Local\{F128EF88-9C29-4DAB-9A71-62D795673988} 2014-02-26 07:57 - 2014-02-26 07:57 - 00000000 ____D () C:\Users\Marty\Desktop\Bilder Frau Borter 2014-02-26 06:39 - 2014-02-26 06:39 - 00030720 _____ () C:\Users\Marty\Desktop\FC Rotkreuz.xls 2014-02-25 22:16 - 2014-02-25 22:16 - 00000000 ____D () C:\Users\Marty\AppData\Local\{9A13D6F4-F658-44B6-A53E-116BF69BE52A} 2014-02-25 10:15 - 2014-02-25 10:15 - 00000000 ____D () 
C:\Users\Marty\AppData\Local\{1EED7297-E71A-4718-AC7B-6502A34E5607} 2014-02-24 22:11 - 2014-02-24 22:11 - 00000000 ____D () C:\Users\Marty\AppData\Local\{9A2E69EA-8433-4638-93DB-8673DEBCF691} 2014-02-24 10:10 - 2014-02-24 10:11 - 00000000 ____D () C:\Users\Marty\AppData\Local\{DCFEA27E-33D9-44D8-A5DE-F6E5F7FE001B} 2014-02-23 21:11 - 2014-02-23 21:11 - 00000000 ____D () C:\Users\Marty\AppData\Local\{68D43EF6-D95A-42DA-8A4D-24293D5AB7F7} 2014-02-23 09:10 - 2014-02-23 09:10 - 00000000 ____D () C:\Users\Marty\AppData\Local\{147BA528-9C65-4810-9F6D-6B02614AFEC3} 2014-02-22 20:32 - 2014-02-22 20:32 - 00000000 ____D () C:\Users\Marty\AppData\Local\{12FB1A58-3468-4CAE-B0E1-DF12C2EC6562} 2014-02-22 08:31 - 2014-02-22 08:32 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E97A4A72-1A3E-429B-889F-9FCA2403A3BE} 2014-02-21 20:08 - 2014-02-21 20:08 - 00000000 ____D () C:\Users\Marty\AppData\Local\{996B8968-56E3-4C5B-86CF-7A7A6A665B8A} 2014-02-21 07:14 - 2014-02-21 07:14 - 00000000 ____D () C:\Users\Marty\AppData\Local\{2A83714C-058A-4620-B2EF-82A572A2DEA1} 2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B7F3083C-8439-43C5-8532-B03B09BB9BF7} 2014-02-20 07:02 - 2014-02-20 07:03 - 00000000 ____D () C:\Users\Marty\AppData\Local\{F1E0CEBB-786A-44B9-8151-2F7D2168A3E2} 2014-02-20 01:18 - 2014-02-20 01:18 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2014-02-19 19:02 - 2014-02-19 19:02 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E18AD8F1-0145-4D7F-A4F8-E8FDA65422B6} 2014-02-19 06:50 - 2014-02-19 06:50 - 00000000 ____D () C:\Users\Marty\AppData\Local\{497D23B1-693D-4D63-9766-413AC80CEF2F} 2014-02-19 00:52 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-02-19 00:52 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-02-19 00:52 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 
2014-02-19 00:52 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-02-19 00:51 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-02-19 00:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-02-19 00:50 - 2014-02-19 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-02-19 00:50 - 2014-02-05 10:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-02-19 00:50 - 2014-02-05 10:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-02-19 00:49 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-02-19 00:45 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-02-19 00:45 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA 
Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-02-19 00:45 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-02-19 00:45 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-02-19 00:45 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-02-18 18:50 - 2014-02-18 18:50 - 00000000 ____D () C:\Users\Marty\AppData\Local\{C44967B2-EE6F-4231-A1B5-067471B3C6CE} 2014-02-18 18:38 - 2014-02-18 18:39 - 75211320 _____ (Samsung Electronics Co., Ltd.) 
C:\Users\Marty\Downloads\KiesSetup (2).exe 2014-02-18 06:49 - 2014-02-18 06:49 - 00000000 ____D () C:\Users\Marty\AppData\Local\{493C09A9-AF40-4BB0-8F49-317FBD05579F} 2014-02-17 18:38 - 2014-02-17 18:38 - 00000000 ____D () C:\Users\Marty\AppData\Local\{55B6B6D1-A4D1-41EE-901B-883D0D635725} 2014-02-17 06:37 - 2014-02-17 06:38 - 00000000 ____D () C:\Users\Marty\AppData\Local\{576ACAD5-BB6B-42A2-B33D-6BDB71F6B647} 2014-02-16 17:42 - 2014-02-16 17:42 - 00000000 ____D () C:\Users\Marty\AppData\Local\{776662FF-EDF7-4AA7-908B-4C10F73DC0D6} 2014-02-16 01:17 - 2014-02-16 01:18 - 00000000 ____D () C:\Users\Marty\AppData\Local\{3F7EF299-5676-4221-B6FA-AA21BDA51005} 2014-02-15 17:01 - 2014-02-15 17:04 - 00000000 ____D () C:\Users\Marty\Desktop\Tätä Bilder altes Natel 2014-02-15 16:45 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-02-15 16:45 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 ____D () C:\Users\Marty\AppData\Local\{39FBFE55-2BEE-425D-9476-F54BC0246B16} 2014-02-14 20:41 - 2014-02-14 20:41 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E2466639-1C1A-4C67-A19D-459D215068B5} 2014-02-14 08:40 - 2014-02-14 08:41 - 00000000 ____D () C:\Users\Marty\AppData\Local\{AF05532D-1400-4DFF-8E5F-AC6D843274EF} 2014-02-13 20:40 - 2014-02-13 20:40 - 00000000 ____D () C:\Users\Marty\AppData\Local\{D53434C6-1FE4-4209-8067-A9ABEBFFFA95} 2014-02-13 08:43 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 08:43 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-13 08:42 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 08:42 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 08:42 - 2014-02-06 12:30 - 
00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-13 08:42 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 08:42 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-13 08:42 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-13 08:42 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 08:42 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-13 08:42 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 08:42 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 08:42 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-13 08:42 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-13 08:42 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-13 08:42 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-13 08:42 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-13 08:42 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-13 08:42 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 08:42 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-13 08:42 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-13 08:42 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-13 08:42 - 2014-02-06 10:57 - 
00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 08:42 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-13 08:42 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-13 08:42 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 08:42 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-13 08:42 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 08:42 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-13 08:42 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-13 08:42 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-13 08:42 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 08:42 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 08:42 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-13 08:42 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-13 08:42 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-13 08:42 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 08:42 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-13 08:42 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-13 08:42 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-13 08:42 - 2014-02-06 09:34 - 00703488 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-13 08:41 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-13 08:41 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-13 08:41 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-13 08:41 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-13 08:41 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 08:41 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-13 08:41 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-13 08:41 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-13 08:41 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-13 08:41 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-13 08:41 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 08:41 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-13 08:41 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-13 08:41 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-13 08:41 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-13 08:41 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 08:41 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 08:41 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\secproc.dll 2014-02-13 08:41 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-13 08:41 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-13 08:41 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-13 08:41 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-13 08:41 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-13 08:41 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-13 08:41 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-13 08:41 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-13 08:41 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-13 08:41 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-13 08:39 - 2014-02-13 08:40 - 00000000 ____D () C:\Users\Marty\AppData\Local\{D6A75AD5-25F7-457E-926C-3F1121F9BA5D} 2014-02-12 21:16 - 2014-02-12 21:16 - 00365322 _____ () C:\Users\Marty\Downloads\SchaubLorenz_3005.zip 2014-02-12 20:32 - 2014-02-12 20:33 - 00000000 ____D () C:\Users\Marty\AppData\Local\{8AD088B5-4FFB-44D0-8798-E377F49BAF66} 2014-02-12 08:32 - 2014-02-12 08:32 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B59D604C-2D41-4D7B-BDD9-79224B221855} 2014-02-11 20:21 - 2014-02-11 20:21 - 00000000 ____D () C:\Users\Marty\AppData\Local\{320B3DF4-B3BB-4F38-B96C-280E0607F533} 2014-02-11 01:43 - 2014-02-11 01:43 - 00000000 ____D () C:\Users\Marty\AppData\Local\{77FB27EF-1BB5-4F98-95C2-AA736EE0D4FC} 2014-02-10 12:57 - 2014-02-10 12:58 - 00000000 ____D () 
C:\Users\Marty\AppData\Local\{87AE8AD4-73CC-4BCE-AFD3-FBB435E8A221}
2014-02-10 00:57 - 2014-02-10 00:57 - 00000000 ____D () C:\Users\Marty\AppData\Local\{71863DA9-97DE-4A09-89CA-9BC962C2E669}
2014-02-09 12:56 - 2014-02-09 12:57 - 00000000 ____D () C:\Users\Marty\AppData\Local\{2FFC2CC5-4118-4AEA-9F6C-525BE287669B}
2014-02-09 00:56 - 2014-02-09 00:56 - 00000000 ____D () C:\Users\Marty\AppData\Local\{360B13D8-1C16-4D85-A422-2B93A5B3495F}
2014-02-08 12:55 - 2014-02-08 12:55 - 00000000 ____D () C:\Users\Marty\AppData\Local\{488B4281-6981-4D43-A340-B8EF7EAA19E1}
2014-02-08 00:54 - 2014-02-08 00:55 - 00000000 ____D () C:\Users\Marty\AppData\Local\{BCBE3711-C6A8-4D47-BF70-7BB53A5FA799}
2014-02-07 12:44 - 2014-02-07 12:44 - 00000000 ____D () C:\Users\Marty\AppData\Local\{C766032A-F190-4209-AF1A-68C11EB1EF77}
2014-02-07 00:43 - 2014-02-07 00:44 - 00000000 ____D () C:\Users\Marty\AppData\Local\{17A7B69E-8E5A-4358-9882-26B242FB7A94}

==================== One Month Modified Files and Folders =======

2014-03-09 13:34 - 2014-03-03 15:30 - 00023798 _____ () C:\Users\Marty\Downloads\FRST.txt
2014-03-09 13:34 - 2014-03-03 15:30 - 00000000 ____D () C:\FRST
2014-03-09 13:33 - 2014-03-09 13:32 - 02156544 _____ (Farbar) C:\Users\Marty\Downloads\FRST64 (1).exe
2014-03-09 13:00 - 2012-09-11 15:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 12:49 - 2013-02-24 09:08 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 12:26 - 2014-03-09 12:25 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B2B6C56C-661E-4A57-B120-995D35599C5D}
2014-03-09 12:25 - 2010-08-18 19:06 - 01954889 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 11:25 - 2013-09-16 12:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-09 11:21 - 2014-03-09 11:16 - 00000000 ____D () C:\Users\Marty\Desktop\Fotos Michelle
2014-03-09 09:17 - 2010-10-29 16:37 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\HP Support Assistant
2014-03-09 09:17 - 2010-10-16 16:46 -
00000000 ____D () C:\Users\Marty\AppData\Roaming\HpUpdate 2014-03-09 09:17 - 2009-07-14 05:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-09 09:17 - 2009-07-14 05:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-09 09:09 - 2014-03-08 07:53 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2014-03-09 09:08 - 2013-03-06 23:51 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat 2014-03-09 09:07 - 2014-03-09 09:07 - 00000000 ____D () C:\Users\Marty\Documents\TuneClone 2014-03-09 09:07 - 2013-02-24 09:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-09 09:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-09 09:07 - 2009-07-14 05:51 - 00258749 _____ () C:\Windows\setupact.log 2014-03-09 09:06 - 2012-10-13 14:01 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-09 00:21 - 2014-03-09 00:21 - 00000000 ____D () C:\Users\Marty\AppData\Local\{0F29B83F-1858-42C1-9927-9ED3574E83E1} 2014-03-08 11:54 - 2014-03-08 11:54 - 00000000 ____D () C:\Users\Marty\AppData\Local\{1187DE0E-4B36-4557-9F8D-AD4592245AE0} 2014-03-07 23:54 - 2014-03-07 23:53 - 00000000 ____D () C:\Users\Marty\AppData\Local\{9757C1B6-5668-472E-A4C6-69D03A692C9A} 2014-03-07 11:53 - 2014-03-07 11:53 - 00000000 ____D () C:\Users\Marty\AppData\Local\{A3725E6A-4DC4-4A6F-AC37-3F182CF476BD} 2014-03-07 11:52 - 2010-10-21 14:40 - 00000000 ____D () C:\Users\Marty\AppData\Local\CrashDumps 2014-03-06 21:51 - 2014-03-06 21:51 - 00000000 ____D () C:\Users\Marty\AppData\Local\{C51E8A5A-B8D4-4D7F-997B-36E9CCE767A5} 2014-03-06 12:53 - 2011-01-12 08:31 - 00069120 _____ () C:\Users\Marty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-03-06 12:48 - 2013-08-10 22:59 - 00000000 ___RD () C:\Users\Marty\Desktop\Bär Musik alles 2014-03-06 09:51 - 2014-03-06 09:50 - 00000000 
____D () C:\Users\Marty\AppData\Local\{19E82193-3740-421C-80E8-75E02AED5C51} 2014-03-05 20:37 - 2014-03-05 20:37 - 00000000 ____D () C:\Users\Marty\AppData\Local\{368C6749-916B-453F-A8EC-D03580A8EC2D} 2014-03-05 19:20 - 2012-09-17 07:23 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMarty 2014-03-05 19:20 - 2012-09-17 07:23 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForMarty.job 2014-03-05 14:56 - 2010-07-28 20:36 - 00699698 _____ () C:\Windows\system32\perfh007.dat 2014-03-05 14:56 - 2010-07-28 20:36 - 00149838 _____ () C:\Windows\system32\perfc007.dat 2014-03-05 14:56 - 2009-07-14 06:13 - 01621804 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-05 08:36 - 2014-03-05 08:36 - 00000000 ____D () C:\Users\Marty\AppData\Local\{67B506CB-B86B-4081-9959-7250D3B0E3A8} 2014-03-05 01:18 - 2014-03-05 01:18 - 00000000 _____ () C:\autoexec.bat 2014-03-05 01:17 - 2014-03-05 01:17 - 00003326 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup 2014-03-05 01:17 - 2014-03-05 01:17 - 00002256 _____ () C:\Users\Marty\Desktop\SpyHunter.lnk 2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 ____D () C:\sh4ldr 2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-03-05 01:17 - 2014-03-05 01:14 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP 2014-03-05 01:13 - 2014-03-05 01:13 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Marty\Downloads\SpyHunter-Installer.exe 2014-03-05 01:07 - 2014-03-05 01:06 - 00011407 _____ () C:\Users\Marty\Documents\log.xml 2014-03-05 00:18 - 2014-03-05 00:18 - 04892480 _____ (WinZip International LLC ) C:\Users\Marty\Downloads\wzmp_8.exe 2014-03-05 00:18 - 2014-03-05 00:18 - 00001151 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk 2014-03-05 00:18 - 2014-03-05 00:18 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Nico Mak Computing 2014-03-05 00:18 - 2014-03-05 00:18 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-03-05 00:18 - 2014-03-05 00:18 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector 2014-03-05 00:00 - 2013-07-14 23:03 - 00000384 _____ () C:\Windows\Tasks\Adobe Reader and Acrobat Manager (optimized).job 2014-03-04 20:36 - 2014-03-04 20:35 - 00000000 ____D () C:\Users\Marty\AppData\Local\{713C46A1-6529-499B-935F-8A1B76DA8434} 2014-03-04 12:05 - 2013-08-11 00:48 - 00000000 ____D () C:\output 2014-03-04 10:52 - 2014-03-04 10:52 - 00010046 _____ () C:\Users\Marty\.recently-used.xbel 2014-03-04 10:52 - 2010-10-15 16:06 - 00000000 ____D () C:\Users\Marty 2014-03-04 10:51 - 2014-02-26 18:33 - 00000000 ____D () C:\Users\Marty\.gimp-2.6 2014-03-04 10:44 - 2014-02-26 18:51 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\gtk-2.0 2014-03-04 08:53 - 2013-11-19 01:39 - 00002137 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-03-04 08:35 - 2014-03-04 08:35 - 00000000 ____D () C:\Users\Marty\AppData\Local\{754483FE-04FE-4BC4-8C2F-006E76C98D66} 2014-03-04 01:06 - 2010-07-28 20:06 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-03-04 01:05 - 2014-03-04 01:05 - 00000000 ____D () C:\Intel 2014-03-03 23:51 - 2010-10-15 16:14 - 00000000 ___RD () C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () C:\Users\Marty\Documents\Simply Super Software 2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () 
C:\Users\Marty\AppData\Roaming\Simply Super Software 2014-03-03 23:48 - 2014-03-03 23:48 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-03 23:48 - 2014-03-03 23:47 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2014-03-03 23:47 - 2014-03-03 23:47 - 00001101 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-03-03 23:47 - 2014-03-03 23:47 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Seagate 2014-03-03 23:42 - 2014-03-03 23:42 - 00000000 ____D () C:\ProgramData\Seagate 2014-03-03 23:41 - 2014-03-03 23:41 - 00971360 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00275552 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00210016 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00141920 _____ (Acronis) C:\Windows\system32\Drivers\vsflt53.sys 2014-03-03 23:41 - 2014-03-03 23:41 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-03-03 23:39 - 2014-03-03 23:39 - 00003124 _____ () C:\Windows\System32\Tasks\{D61F51F5-7647-4029-B5A3-B7E2E38DB974} 2014-03-03 23:39 - 2014-03-03 15:05 - 152117008 _____ () C:\Users\Marty\Downloads\DiscWizardSetup-14387.de.exe 2014-03-03 23:35 - 2014-03-03 15:41 - 10284808 _____ (Malwarebytes Corporation ) C:\Users\Marty\Downloads\mbam-setup-1.75.0.1300.exe 2014-03-03 23:35 - 2014-03-03 15:38 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Marty\Downloads\HijackThis.exe 2014-03-03 20:03 - 2014-03-03 20:02 - 00000000 ____D () C:\Users\Marty\AppData\Local\{6159AA22-090E-4471-96AD-790F48FBDCE3} 2014-03-03 16:01 - 2014-03-03 16:01 - 00000000 ____D () C:\Users\Marty\Downloads\backups 2014-03-03 15:41 - 2014-03-03 15:41 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-03 15:41 - 2013-09-11 22:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-03 15:38 - 2014-03-03 15:38 - 00016245 _____ () C:\Users\Marty\Downloads\hijackthis.log 2014-03-03 15:31 - 2014-03-03 15:31 - 00053795 _____ () C:\Users\Marty\Downloads\Addition.txt 2014-03-03 15:29 - 2014-03-03 15:29 - 02156544 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe 2014-03-03 14:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-03-03 14:42 - 2010-06-18 10:15 - 00000000 _RSHD () C:\hp 2014-03-03 14:41 - 2013-02-21 17:28 - 00000000 ____D () C:\Users\Marty\AppData\Local\Apple Computer 2014-03-03 14:40 - 2013-01-10 05:41 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Apple Computer 2014-03-03 14:27 - 2010-10-15 16:06 - 00000448 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job 2014-03-03 08:02 - 2014-03-03 08:02 - 00000000 ____D () C:\Users\Marty\AppData\Local\{60B9E35F-26B5-40D7-A13D-740B8451537D} 2014-03-02 16:56 - 2014-03-02 16:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-02 16:56 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files\iTunes 2014-03-02 16:56 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-02 16:56 - 2013-02-21 17:28 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-03-02 16:55 - 2014-03-02 16:55 - 00000000 ____D () C:\Program Files\iPod 2014-03-02 16:49 - 2014-03-02 16:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-02 16:49 - 2013-11-10 14:57 - 00001807 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-03-02 12:24 - 2014-03-02 12:24 - 
00000000 ____D () C:\Users\Marty\AppData\Local\{66B71434-9C35-421D-BB99-5782DC1DDCCB} 2014-03-02 00:24 - 2014-03-02 00:23 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B181DF72-A06E-4DBB-8CF2-DDAF241CC97D} 2014-03-01 12:23 - 2014-03-01 12:23 - 00000000 ____D () C:\Users\Marty\AppData\Local\{540C4426-3E7C-469C-B3C5-78A42D736778} 2014-02-28 23:47 - 2014-02-28 23:47 - 00000000 ____D () C:\Users\Marty\AppData\Local\{337853AC-DD9E-47B6-A294-A7FEBBBEDAB2} 2014-02-28 11:47 - 2014-02-28 11:46 - 00000000 ____D () C:\Users\Marty\AppData\Local\{ACD36C7A-BC4C-447A-81BD-E862DF4DB9A9} 2014-02-27 23:46 - 2014-02-27 23:46 - 00000000 ____D () C:\Users\Marty\AppData\Local\{5A6658A0-02D0-4AB5-B83C-54EB5B529FFC} 2014-02-27 22:31 - 2010-11-23 22:25 - 00000000 ____D () C:\Windows\Minidump 2014-02-27 22:31 - 2010-08-18 19:03 - 00426519 ____N () C:\Windows\Minidump\022714-34211-01.dmp 2014-02-27 16:21 - 2013-12-13 12:41 - 00000000 ____D () C:\Users\Marty\Desktop\Backup Marty Samsung Bilder 2014-02-27 11:46 - 2014-02-27 11:45 - 00000000 ____D () C:\Users\Marty\AppData\Local\{9CE3FB80-6F87-4B9F-AE5A-74D7BC008301} 2014-02-27 05:55 - 2013-01-14 15:20 - 00000000 ____D () C:\Program Files\WinRAR 2014-02-27 05:55 - 2010-07-28 19:58 - 00783684 _____ () C:\Windows\PFRO.log 2014-02-27 00:40 - 2010-11-09 17:38 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2014-02-27 00:38 - 2012-11-05 18:25 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stonehill Games 2014-02-27 00:38 - 2012-11-05 18:25 - 00000000 ____D () C:\Program Files (x86)\Stonehill Games 2014-02-27 00:37 - 2013-03-03 21:36 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-02-27 00:31 - 2014-02-26 18:25 - 00000000 ____D () C:\Program Files (x86)\PursuePoint 2014-02-27 00:30 - 2014-02-26 18:33 - 00000000 ____D () C:\Program Files (x86)\Real 2014-02-27 00:30 - 2014-02-26 18:32 - 00000000 ____D () C:\Users\Marty\AppData\Roaming\Real 2014-02-27 00:30 - 2014-02-26 18:31 - 
00000000 ____D () C:\ProgramData\Real 2014-02-27 00:29 - 2010-11-06 08:55 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-02-26 23:36 - 2014-02-26 23:36 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E95601E2-2C4E-43AD-B28D-77707DAF5629} 2014-02-26 18:40 - 2013-09-11 22:44 - 00000199 _____ () C:\Windows\wininit.ini 2014-02-26 18:39 - 2014-02-26 18:39 - 00000000 ____D () C:\Users\Marty\.thumbnails 2014-02-26 18:37 - 2014-02-26 18:31 - 00001057 _____ () C:\Users\Public\Desktop\GIMP 2.lnk 2014-02-26 18:35 - 2014-02-26 18:34 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-235128457-942058757-4155314245-1001 2014-02-26 18:35 - 2014-02-26 18:34 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-235128457-942058757-4155314245-1001 2014-02-26 18:33 - 2014-02-26 18:33 - 00000000 ____D () C:\Users\Marty\Documents\gegl-0.0 2014-02-26 18:31 - 2014-02-26 18:31 - 00000000 ____D () C:\Program Files (x86)\GIMP-2.0 2014-02-26 18:30 - 2014-02-26 18:30 - 00000000 ____D () C:\Users\Marty\Documents\Optimizer Pro 2014-02-26 18:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources 2014-02-26 11:36 - 2014-02-26 11:35 - 00000000 ____D () C:\Users\Marty\AppData\Local\{F128EF88-9C29-4DAB-9A71-62D795673988} 2014-02-26 07:57 - 2014-02-26 07:57 - 00000000 ____D () C:\Users\Marty\Desktop\Bilder Frau Borter 2014-02-26 06:39 - 2014-02-26 06:39 - 00030720 _____ () C:\Users\Marty\Desktop\FC Rotkreuz.xls 2014-02-25 22:16 - 2014-02-25 22:16 - 00000000 ____D () C:\Users\Marty\AppData\Local\{9A13D6F4-F658-44B6-A53E-116BF69BE52A} 2014-02-25 10:15 - 2014-02-25 10:15 - 00000000 ____D () C:\Users\Marty\AppData\Local\{1EED7297-E71A-4718-AC7B-6502A34E5607} 2014-02-24 22:11 - 2014-02-24 22:11 - 00000000 ____D () C:\Users\Marty\AppData\Local\{9A2E69EA-8433-4638-93DB-8673DEBCF691} 2014-02-24 10:11 - 2014-02-24 10:10 - 00000000 ____D () C:\Users\Marty\AppData\Local\{DCFEA27E-33D9-44D8-A5DE-F6E5F7FE001B} 2014-02-23 21:11 - 
2014-02-23 21:11 - 00000000 ____D () C:\Users\Marty\AppData\Local\{68D43EF6-D95A-42DA-8A4D-24293D5AB7F7} 2014-02-23 09:10 - 2014-02-23 09:10 - 00000000 ____D () C:\Users\Marty\AppData\Local\{147BA528-9C65-4810-9F6D-6B02614AFEC3} 2014-02-22 20:32 - 2014-02-22 20:32 - 00000000 ____D () C:\Users\Marty\AppData\Local\{12FB1A58-3468-4CAE-B0E1-DF12C2EC6562} 2014-02-22 13:11 - 2010-10-23 21:30 - 00000000 ____D () C:\Users\Marty\Hauswart 2014-02-22 08:32 - 2014-02-22 08:31 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E97A4A72-1A3E-429B-889F-9FCA2403A3BE} 2014-02-21 20:08 - 2014-02-21 20:08 - 00000000 ____D () C:\Users\Marty\AppData\Local\{996B8968-56E3-4C5B-86CF-7A7A6A665B8A} 2014-02-21 07:14 - 2014-02-21 07:14 - 00000000 ____D () C:\Users\Marty\AppData\Local\{2A83714C-058A-4620-B2EF-82A572A2DEA1} 2014-02-20 22:00 - 2012-09-11 15:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-20 22:00 - 2012-09-11 15:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-20 22:00 - 2012-09-11 15:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B7F3083C-8439-43C5-8532-B03B09BB9BF7} 2014-02-20 07:03 - 2014-02-20 07:02 - 00000000 ____D () C:\Users\Marty\AppData\Local\{F1E0CEBB-786A-44B9-8151-2F7D2168A3E2} 2014-02-20 07:03 - 2010-10-15 17:07 - 00000000 ____D () C:\Users\Marty\AppData\Local\Windows Live 2014-02-20 01:18 - 2014-02-20 01:18 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2014-02-20 00:31 - 2010-11-06 08:54 - 00000000 ____D () C:\ProgramData\Skype 2014-02-19 19:02 - 2014-02-19 19:02 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E18AD8F1-0145-4D7F-A4F8-E8FDA65422B6} 2014-02-19 06:50 - 2014-02-19 06:50 - 00000000 ____D () C:\Users\Marty\AppData\Local\{497D23B1-693D-4D63-9766-413AC80CEF2F} 2014-02-19 06:04 - 2013-12-02 15:57 - 00000000 ____D () 
C:\Users\Marty\AppData\Local\NVIDIA Corporation 2014-02-19 06:04 - 2012-10-13 13:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-19 00:50 - 2014-02-19 00:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-02-19 00:50 - 2013-09-17 23:59 - 00000000 ____D () C:\Users\Marty\AppData\Local\NVIDIA 2014-02-19 00:50 - 2011-08-30 16:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-19 00:50 - 2010-07-28 19:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-18 18:50 - 2014-02-18 18:50 - 00000000 ____D () C:\Users\Marty\AppData\Local\{C44967B2-EE6F-4231-A1B5-067471B3C6CE} 2014-02-18 18:39 - 2014-02-18 18:38 - 75211320 _____ (Samsung Electronics Co., Ltd.) C:\Users\Marty\Downloads\KiesSetup (2).exe 2014-02-18 18:39 - 2012-01-21 22:09 - 00000000 ____D () C:\Users\Marty\AppData\Local\Downloaded Installations 2014-02-18 12:18 - 2013-09-16 12:11 - 00624224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-02-18 12:18 - 2013-09-16 12:11 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-02-18 12:18 - 2013-05-05 21:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys 2014-02-18 06:49 - 2014-02-18 06:49 - 00000000 ____D () C:\Users\Marty\AppData\Local\{493C09A9-AF40-4BB0-8F49-317FBD05579F} 2014-02-17 21:56 - 2010-08-18 19:03 - 00385279 ____N () C:\Windows\Minidump\021714-78343-01.dmp 2014-02-17 18:38 - 2014-02-17 18:38 - 00000000 ____D () C:\Users\Marty\AppData\Local\{55B6B6D1-A4D1-41EE-901B-883D0D635725} 2014-02-17 06:38 - 2014-02-17 06:37 - 00000000 ____D () C:\Users\Marty\AppData\Local\{576ACAD5-BB6B-42A2-B33D-6BDB71F6B647} 2014-02-16 23:16 - 2010-10-23 21:47 - 00000000 ____D () C:\Users\Marty\Documents\Eigene Scans 2014-02-16 17:44 - 2013-02-24 09:08 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-16 17:44 - 2013-02-24 09:08 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 
2014-02-16 17:42 - 2014-02-16 17:42 - 00000000 ____D () C:\Users\Marty\AppData\Local\{776662FF-EDF7-4AA7-908B-4C10F73DC0D6} 2014-02-16 01:18 - 2014-02-16 01:17 - 00000000 ____D () C:\Users\Marty\AppData\Local\{3F7EF299-5676-4221-B6FA-AA21BDA51005} 2014-02-15 17:04 - 2014-02-15 17:01 - 00000000 ____D () C:\Users\Marty\Desktop\Tätä Bilder altes Natel 2014-02-15 16:45 - 2013-03-03 21:36 - 00001964 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 ____D () C:\Users\Marty\AppData\Local\{39FBFE55-2BEE-425D-9476-F54BC0246B16} 2014-02-14 20:41 - 2014-02-14 20:41 - 00000000 ____D () C:\Users\Marty\AppData\Local\{E2466639-1C1A-4C67-A19D-459D215068B5} 2014-02-14 08:41 - 2014-02-14 08:40 - 00000000 ____D () C:\Users\Marty\AppData\Local\{AF05532D-1400-4DFF-8E5F-AC6D843274EF} 2014-02-13 20:40 - 2014-02-13 20:40 - 00000000 ____D () C:\Users\Marty\AppData\Local\{D53434C6-1FE4-4209-8067-A9ABEBFFFA95} 2014-02-13 15:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-13 08:52 - 2013-08-14 22:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-13 08:52 - 2010-10-16 08:41 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-13 08:49 - 2010-10-16 08:48 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-13 08:45 - 2013-09-17 23:50 - 01595148 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-13 08:40 - 2014-02-13 08:39 - 00000000 ____D () C:\Users\Marty\AppData\Local\{D6A75AD5-25F7-457E-926C-3F1121F9BA5D} 2014-02-12 21:16 - 2014-02-12 21:16 - 00365322 _____ () C:\Users\Marty\Downloads\SchaubLorenz_3005.zip 2014-02-12 20:33 - 2014-02-12 20:32 - 00000000 ____D () C:\Users\Marty\AppData\Local\{8AD088B5-4FFB-44D0-8798-E377F49BAF66} 2014-02-12 08:32 - 2014-02-12 08:32 - 00000000 ____D () C:\Users\Marty\AppData\Local\{B59D604C-2D41-4D7B-BDD9-79224B221855} 2014-02-11 20:21 - 2014-02-11 20:21 - 00000000 ____D () C:\Users\Marty\AppData\Local\{320B3DF4-B3BB-4F38-B96C-280E0607F533} 
2014-02-11 01:43 - 2014-02-11 01:43 - 00000000 ____D () C:\Users\Marty\AppData\Local\{77FB27EF-1BB5-4F98-95C2-AA736EE0D4FC} 2014-02-10 12:58 - 2014-02-10 12:57 - 00000000 ____D () C:\Users\Marty\AppData\Local\{87AE8AD4-73CC-4BCE-AFD3-FBB435E8A221} 2014-02-10 00:57 - 2014-02-10 00:57 - 00000000 ____D () C:\Users\Marty\AppData\Local\{71863DA9-97DE-4A09-89CA-9BC962C2E669} 2014-02-09 12:57 - 2014-02-09 12:56 - 00000000 ____D () C:\Users\Marty\AppData\Local\{2FFC2CC5-4118-4AEA-9F6C-525BE287669B} 2014-02-09 00:56 - 2014-02-09 00:56 - 00000000 ____D () C:\Users\Marty\AppData\Local\{360B13D8-1C16-4D85-A422-2B93A5B3495F} 2014-02-08 19:34 - 2014-02-19 00:45 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-02-08 19:34 - 2014-02-19 00:45 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 02782496 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcuvenc.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-02-08 19:34 - 2014-02-19 00:45 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-02-08 19:34 - 2013-12-02 15:50 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-02-08 19:34 - 2013-02-25 23:32 - 02713728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-02-08 19:34 - 2012-10-13 13:59 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-02-08 19:34 - 2012-10-13 13:59 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-02-08 19:34 - 2012-10-13 13:53 - 18257576 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-02-08 19:34 - 2012-10-13 13:53 - 14669032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-02-08 19:34 - 2012-10-13 13:53 - 03090184 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-02-08 19:34 - 2012-10-13 13:53 - 00024544 _____ () C:\Windows\system32\nvinfo.pb 2014-02-08 18:42 - 2012-10-13 14:00 - 06712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-02-08 18:42 - 2012-10-13 14:00 - 03498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-02-08 18:42 - 2012-10-13 14:00 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-02-08 18:42 - 2012-10-13 14:00 - 00923936 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvvsvc.exe
2014-02-08 18:42 - 2012-10-13 14:00 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-02-08 18:42 - 2012-10-13 14:00 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-02-08 17:18 - 2014-02-19 00:49 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-02-08 12:55 - 2014-02-08 12:55 - 00000000 ____D () C:\Users\Marty\AppData\Local\{488B4281-6981-4D43-A340-B8EF7EAA19E1}
2014-02-08 00:55 - 2014-02-08 00:54 - 00000000 ____D () C:\Users\Marty\AppData\Local\{BCBE3711-C6A8-4D47-BF70-7BB53A5FA799}
2014-02-07 12:44 - 2014-02-07 12:44 - 00000000 ____D () C:\Users\Marty\AppData\Local\{C766032A-F190-4209-AF1A-68C11EB1EF77}
2014-02-07 00:44 - 2014-02-07 00:43 - 00000000 ____D () C:\Users\Marty\AppData\Local\{17A7B69E-8E5A-4358-9882-26B242FB7A94}

Some content of TEMP:
====================
C:\Users\Marty\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-28 06:55

==================== End Of Log ============================ |
09.03.2014, 16:23 | #4 |
| Win7 PC slow and hangs often! Antispy alarm FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2014 01
Ran by Marty at 2014-03-09 13:55:34
Running from C:\Users\Marty\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.15 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0915-000001000000}) (Version: 9.15.00.0 - Igor Pavlov)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audio Conversion Wizard 1.4 (HKLM-x32\...\Audio Conversion Wizard_is1) (Version: 1.4 - Audio Conversion Wizard)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden C-CHANNEL e-banking (PAYMAKER / NetBanking) (HKLM-x32\...\{77C499C8-AB66-11D5-BFC3-0050DADD1B5E}) (Version: - ) C-CHANNEL OnlineUpdate (HKLM-x32\...\{408FA92C-0766-48A1-8055-D6DFD27B7C2B}) (Version: - ) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.) CyberLink DVD Suite Deluxe (x32 Version: 7.0.2712 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft) DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden eMule (HKLM-x32\...\eMule) (Version: - ) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden eTax.zug 2011 nP 11.0.4 (HKLM-x32\...\3178-8934-6856-6609) (Version: 11.0.4 - Information Factory AG) Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.) 
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3902 - Hewlett-Packard) HP MediaSmart DVD (x32 Version: 4.0.3902 - Hewlett-Packard) Hidden HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3910 - Hewlett-Packard) HP MediaSmart Music (x32 Version: 4.0.3910 - Hewlett-Packard) Hidden HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard) HP MediaSmart Photo (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard) HP MediaSmart Video (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard) HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP) HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation) Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden LightScribe System Software (HKLM-x32\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc. Inc.) 
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.50.862.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.50.859.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.50.861.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden MAGIX MP3 Maker 16 11.0.3.117 (D) (HKLM-x32\...\MAGIX MP3 Maker 16 D) (Version: 11.0.3.117 - MAGIX AG) MAGIX PC Check & Tuning 2013 (HKLM-x32\...\MAGIX_{25CF2A46-29E1-462F-B5EB-3BF22F4B37DB}) (Version: 9.3.1.4 - MAGIX AG) MAGIX PC Check & Tuning 2013 (Version: 9.3.1.4 - MAGIX AG) Hidden MAGIX PC Live (HKLM-x32\...\MAGIX_{ABD8F949-8707-466A-A727-14E703516133}) (Version: 1.1.4734.18600 - MAGIX AG) MAGIX PC Live (Version: 1.1.4734.18600 - MAGIX AG) Hidden MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG) Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) miCoach Manager (HKLM-x32\...\adidas miCoach Manager_is1) (Version: 5.2.9 - adidas) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden 
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 
5.1.20913.0 - Microsoft Corporation) Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyDriveConnect 3.3.0.1342 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom) Nero 7 Essentials (HKLM-x32\...\{F61DD673-0030-4BB2-A382-7E57E97F1031}) (Version: 7.02.8078 - Nero AG) neroxml (x32 Version: 1.0.0 - Nero AG) Hidden NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR) NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10 - NETGEAR) Hidden NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) 
(Version: 334.89 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.) Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.4527 - CyberLink Corp.) 
Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink) Reader for PC (HKLM-x32\...\{71FB3127-E6B2-4058-ACEE-99813554FAB6}) (Version: 2.2.00.11270 - Sony Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.) 
SCR3xxx Smart Card Reader (HKLM-x32\...\{9C411EF9-6EBA-46E3-8132-EDADF1CC0B16}) (Version: 8.41 - SCM Microsystems) Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group) Seagate DiscWizard (HKLM-x32\...\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}) (Version: 13.0.14387 - Seagate) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden simtrain's - Gotthard Route I (HKLM-x32\...\{E9728D55-B764-414A-8ABB-C1B227B35AA0}) (Version: - ) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SpyHunter (HKLM\...\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Stöck Wyys Stich 10 (HKLM-x32\...\{D707A9BC-2C43-432E-9522-341C7C5E6EBD}) (Version: 10.3 - Optobyte AG) System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) System Requirements Lab for Intel (HKLM-x32\...\{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}) (Version: 4.4.24.0 - Husdawg, LLC) Trojan Remover 6.9.1.2929 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2929 - Simply Super Software) TuneClone 2.20 (HKLM\...\TuneClone_is1) (Version: - TuneClone.com) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition 
(HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition 
(HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition 
(HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version: - WAV To MP3 - WAV To MP3 Converter - Download FREE) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC) XMind (HKLM-x32\...\XMind) (Version: 3.2.1 - XMind Ltd.) 
==================== Restore Points =========================

26-02-2014 23:27:28 Removed Studie zur Verbesserung von HP Photosmart 7520 series Produkten
26-02-2014 23:29:02 Removed Skype Toolbars
26-02-2014 23:32:18 Removed PlayReady PC Runtime amd64
27-02-2014 21:38:44 Windows Update
03-03-2014 22:40:04 Seagate DiscWizard wird installiert
04-03-2014 00:05:22 MAGIX Treiberaktualisierung: Intel® INF Update Utility 9.3.0.1020
04-03-2014 20:08:21 Windows Update
05-03-2014 00:14:29 Installed SpyHunter
05-03-2014 00:17:17 Installed SpyHunter

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1175E919-3268-4118-961C-983BD7BCFEDB} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {120787BF-FB69-4E06-8CFC-41B0361085AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {1633CA40-F352-4BE1-8F4C-555910337642} - System32\Tasks\HP AR Program Upload - 53d1792edf384e7ab22d28c613f732c4bf0b6bd484a549d6a21b2533e56222ae => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {2ACE881B-6F34-4D34-BF16-79DB55793F9E} - System32\Tasks\{CB221FE9-A95A-4003-8AE3-C5F409DFE297} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {3A998551-2214-4620-A755-ACCEF8F4CF9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {55C2B1A7-E66A-4114-874B-4022FCB15BB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company) Task: {598CCB84-3839-47FB-8B00-695DF70A5DB0} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.) Task: {5C7DFDC6-F552-42E2-9ADC-7D55A41E6B0D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {5E385250-ECFC-4190-B14C-A31276384413} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {67A0606F-AFD1-4B47-8E66-20E01E274C09} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] () Task: {68689E7E-5171-428E-8FF2-2EA77BBB647B} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing) Task: {69EE056A-B5CA-425E-99FC-B0979F807FA3} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard) Task: {6B0F42D8-C07E-4D25-A03D-A95995DDF853} - System32\Tasks\{39B03E6A-2151-4A6E-8894-6AC107BFA651} => C:\Program Files (x86)\Microsoft Games\Train Simulator\launcher.exe [2002-02-20] (Kuju Entertainment Ltd) Task: {7D87AA1D-A616-442A-A368-70F4A2C80065} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-235128457-942058757-4155314245-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: 
{80F5AC15-3585-4161-98CD-D172B45F2DFD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {91D84180-C317-4F02-8A32-EDFCF1BBC61B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.) Task: {97236846-1B9B-49F3-A262-68625ABBF7BF} - System32\Tasks\{062C6EF6-2D57-4967-96C6-D1B0A12A03F8} => Iexplore.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype Task: {9DC8525D-586B-45E8-9B21-8777368DFD1D} - System32\Tasks\{450EF44F-DE16-438E-902D-217280567D71} => C:\Program Files (x86)\Microsoft Games\Train Simulator\launcher.exe [2002-02-20] (Kuju Entertainment Ltd) Task: {A26F9BB8-E8F5-4DE0-B32B-EB4422D12554} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24] (Google Inc.) Task: {A31CFA6C-041D-4638-8678-3F0980727AD4} - System32\Tasks\Adobe Reader and Acrobat Manager (optimized) => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {A4C2081D-14B5-43D0-A17A-2DFC8BCAD478} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24] (Google Inc.) 
Task: {A6AB1CD2-D07E-40D5-AC2B-536210823B3F} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe Task: {C3DC3E06-BA32-43F2-8D8D-A9437C0C5910} - System32\Tasks\HPCeeScheduleForMarty => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {CA335461-3DFC-4318-B3C2-3EA204D61AE1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-235128457-942058757-4155314245-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {D26FB1B2-0473-4309-AC24-DDBD0E455F01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {DEE0F231-E489-4B1F-BEDC-8CD36D0C4097} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {E78679C2-5F36-4E2E-95BF-546AAD92159B} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Adobe Reader and Acrobat Manager (optimized).job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForMarty.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-13 14:00 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 
2011-06-30 15:54 - 2011-06-30 15:54 - 01233720 _____ () C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll 2010-01-18 18:21 - 2010-01-18 18:21 - 00568888 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 2011-06-30 15:52 - 2011-06-30 15:52 - 02674104 _____ () C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe 2011-11-11 13:07 - 2011-11-11 13:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2014-03-05 00:18 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll 2014-03-05 00:18 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00077824 _____ () C:\Program Files\TuneClone\vtblog.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00020480 _____ () C:\Program Files\TuneClone\URLLink.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00036864 _____ () C:\Program Files\TuneClone\EncodeAndTagComm.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00049152 _____ () C:\Program Files\TuneClone\DL_WMAEncoder.DLL 2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2013-11-29 10:29 - 2013-11-29 10:29 - 00026520 _____ () C:\Program Files 
(x86)\MyDrive Connect\DeviceDetection.dll 2013-11-29 10:28 - 2013-11-29 10:28 - 00082840 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll 2013-11-29 10:28 - 2013-11-29 10:28 - 00344984 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll 2011-03-01 22:14 - 2011-03-01 22:14 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2011-03-01 22:14 - 2011-03-01 22:14 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2011-03-01 22:15 - 2011-03-01 22:15 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2011-03-01 22:15 - 2011-03-01 22:15 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2011-03-01 22:15 - 2011-03-01 22:15 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2013-11-27 20:48 - 2013-11-27 20:48 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll 2013-11-26 11:34 - 2013-11-26 11:34 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00017224 _____ () C:\Program Files 
(x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll 2011-06-30 15:52 - 2011-06-30 15:52 - 00071008 _____ () C:\Program Files (x86)\Seagate\DiscWizard\Common\rpc_client.dll 2012-07-23 14:10 - 2012-07-23 14:10 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2010-09-28 14:00 - 2010-09-28 14:00 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2010-09-28 14:00 - 2010-09-28 14:00 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll 2010-09-28 14:00 - 2010-09-28 14:00 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll 2014-02-13 09:46 - 2014-02-13 09:46 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll 2010-07-28 20:06 - 2011-05-20 09:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:0B174FAE AlternateDataStreams: 
C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2014 04:11:53 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 04:11:52 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 00:25:37 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 11:07:48 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:46:26 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:07:48 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 09:39:42 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:20:45 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

System errors:
=============
Error: (03/07/2014 09:03:24 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 07.03.2014 um 21:01:18 unerwartet heruntergefahren.

Error: (03/07/2014 11:44:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 07.03.2014 um 11:42:50 unerwartet heruntergefahren.

Error: (03/07/2014 11:26:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/07/2014 11:26:21 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/07/2014 07:59:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/07/2014 06:35:10 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/06/2014 05:18:16 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Error: (03/06/2014 05:18:16 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Error: (03/06/2014 05:18:15 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Error: (03/06/2014 05:18:15 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Microsoft Office Sessions:
=========================
Error: (03/09/2014 04:11:53 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 04:11:52 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 00:25:37 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 11:07:48 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:46:26 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:07:48 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 09:39:42 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:20:45 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

CodeIntegrity Errors:
===================================
Date: 2013-03-03 21:35:22.686
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-03-03 21:35:22.578
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde.
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:20.408 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:20.302 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:18.135 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:18.028 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:15.881 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:15.788 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:13.619 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:13.526 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 3959.08 MB
Available physical RAM: 2558.3 MB
Total Pagefile: 7916.34 MB
Available Pagefile: 3724.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1384.32 GB) (Free:1112.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

==================== End Of Log ============================

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2014 01
Ran by Marty at 2014-03-09 13:55:34
Running from C:\Users\Marty\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.15 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0915-000001000000}) (Version: 9.15.00.0 - Igor Pavlov)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audio Conversion Wizard 1.4 (HKLM-x32\...\Audio Conversion Wizard_is1) (Version: 1.4 - Audio Conversion Wizard)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden C-CHANNEL e-banking (PAYMAKER / NetBanking) (HKLM-x32\...\{77C499C8-AB66-11D5-BFC3-0050DADD1B5E}) (Version: - ) C-CHANNEL OnlineUpdate (HKLM-x32\...\{408FA92C-0766-48A1-8055-D6DFD27B7C2B}) (Version: - ) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.) CyberLink DVD Suite Deluxe (x32 Version: 7.0.2712 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft) DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden eMule (HKLM-x32\...\eMule) (Version: - ) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden eTax.zug 2011 nP 11.0.4 (HKLM-x32\...\3178-8934-6856-6609) (Version: 11.0.4 - Information Factory AG) Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.) 
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3902 - Hewlett-Packard) HP MediaSmart DVD (x32 Version: 4.0.3902 - Hewlett-Packard) Hidden HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3910 - Hewlett-Packard) HP MediaSmart Music (x32 Version: 4.0.3910 - Hewlett-Packard) Hidden HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard) HP MediaSmart Photo (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard) HP MediaSmart Video (x32 Version: 4.0.3911 - Hewlett-Packard) Hidden HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 7520 series - Grundlegende Software für das Gerät (HKLM\...\{62883BA5-32F6-44D0-AF9D-9CBED778F36F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Photosmart 7520 series Hilfe (HKLM-x32\...\{2230C40A-ADE0-4231-98EC-7AAFC14BC7F3}) (Version: 28.0.0 - Hewlett Packard) HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP) HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation) Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden LightScribe System Software (HKLM-x32\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc. Inc.) 
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.50.862.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.50.859.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.50.861.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden MAGIX MP3 Maker 16 11.0.3.117 (D) (HKLM-x32\...\MAGIX MP3 Maker 16 D) (Version: 11.0.3.117 - MAGIX AG) MAGIX PC Check & Tuning 2013 (HKLM-x32\...\MAGIX_{25CF2A46-29E1-462F-B5EB-3BF22F4B37DB}) (Version: 9.3.1.4 - MAGIX AG) MAGIX PC Check & Tuning 2013 (Version: 9.3.1.4 - MAGIX AG) Hidden MAGIX PC Live (HKLM-x32\...\MAGIX_{ABD8F949-8707-466A-A727-14E703516133}) (Version: 1.1.4734.18600 - MAGIX AG) MAGIX PC Live (Version: 1.1.4734.18600 - MAGIX AG) Hidden MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG) Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) miCoach Manager (HKLM-x32\...\adidas miCoach Manager_is1) (Version: 5.2.9 - adidas) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden 
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 
5.1.20913.0 - Microsoft Corporation) Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - ) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyDriveConnect 3.3.0.1342 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom) Nero 7 Essentials (HKLM-x32\...\{F61DD673-0030-4BB2-A382-7E57E97F1031}) (Version: 7.02.8078 - Nero AG) neroxml (x32 Version: 1.0.0 - Nero AG) Hidden NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR) NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10 - NETGEAR) Hidden NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) 
(Version: 334.89 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.) Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.4527 - CyberLink Corp.) 
Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink) Reader for PC (HKLM-x32\...\{71FB3127-E6B2-4058-ACEE-99813554FAB6}) (Version: 2.2.00.11270 - Sony Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.) 
SCR3xxx Smart Card Reader (HKLM-x32\...\{9C411EF9-6EBA-46E3-8132-EDADF1CC0B16}) (Version: 8.41 - SCM Microsystems) Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group) Seagate DiscWizard (HKLM-x32\...\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}) (Version: 13.0.14387 - Seagate) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden simtrain's - Gotthard Route I (HKLM-x32\...\{E9728D55-B764-414A-8ABB-C1B227B35AA0}) (Version: - ) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SpyHunter (HKLM\...\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Stöck Wyys Stich 10 (HKLM-x32\...\{D707A9BC-2C43-432E-9522-341C7C5E6EBD}) (Version: 10.3 - Optobyte AG) System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) System Requirements Lab for Intel (HKLM-x32\...\{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}) (Version: 4.4.24.0 - Husdawg, LLC) Trojan Remover 6.9.1.2929 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2929 - Simply Super Software) TuneClone 2.20 (HKLM\...\TuneClone_is1) (Version: - TuneClone.com) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition 
(HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition 
(HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition 
(HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC) XMind (HKLM-x32\...\XMind) (Version: 3.2.1 - XMind Ltd.) 
==================== Restore Points =========================

26-02-2014 23:27:28 Removed Studie zur Verbesserung von HP Photosmart 7520 series Produkten
26-02-2014 23:29:02 Removed Skype Toolbars
26-02-2014 23:32:18 Removed PlayReady PC Runtime amd64
27-02-2014 21:38:44 Windows Update
03-03-2014 22:40:04 Seagate DiscWizard wird installiert
04-03-2014 00:05:22 MAGIX Treiberaktualisierung: Intel® INF Update Utility 9.3.0.1020
04-03-2014 20:08:21 Windows Update
05-03-2014 00:14:29 Installed SpyHunter
05-03-2014 00:17:17 Installed SpyHunter

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1175E919-3268-4118-961C-983BD7BCFEDB} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {120787BF-FB69-4E06-8CFC-41B0361085AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {1633CA40-F352-4BE1-8F4C-555910337642} - System32\Tasks\HP AR Program Upload - 53d1792edf384e7ab22d28c613f732c4bf0b6bd484a549d6a21b2533e56222ae => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {2ACE881B-6F34-4D34-BF16-79DB55793F9E} - System32\Tasks\{CB221FE9-A95A-4003-8AE3-C5F409DFE297} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {3A998551-2214-4620-A755-ACCEF8F4CF9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {55C2B1A7-E66A-4114-874B-4022FCB15BB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {598CCB84-3839-47FB-8B00-695DF70A5DB0} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.)
Task: {5C7DFDC6-F552-42E2-9ADC-7D55A41E6B0D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5E385250-ECFC-4190-B14C-A31276384413} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {67A0606F-AFD1-4B47-8E66-20E01E274C09} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {68689E7E-5171-428E-8FF2-2EA77BBB647B} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {69EE056A-B5CA-425E-99FC-B0979F807FA3} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {6B0F42D8-C07E-4D25-A03D-A95995DDF853} - System32\Tasks\{39B03E6A-2151-4A6E-8894-6AC107BFA651} => C:\Program Files (x86)\Microsoft Games\Train Simulator\launcher.exe [2002-02-20] (Kuju Entertainment Ltd)
Task: {7D87AA1D-A616-442A-A368-70F4A2C80065} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-235128457-942058757-4155314245-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {80F5AC15-3585-4161-98CD-D172B45F2DFD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {91D84180-C317-4F02-8A32-EDFCF1BBC61B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.)
Task: {97236846-1B9B-49F3-A262-68625ABBF7BF} - System32\Tasks\{062C6EF6-2D57-4967-96C6-D1B0A12A03F8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:offered-installed;madedefault
Task: {9DC8525D-586B-45E8-9B21-8777368DFD1D} - System32\Tasks\{450EF44F-DE16-438E-902D-217280567D71} => C:\Program Files (x86)\Microsoft Games\Train Simulator\launcher.exe [2002-02-20] (Kuju Entertainment Ltd)
Task: {A26F9BB8-E8F5-4DE0-B32B-EB4422D12554} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24] (Google Inc.)
Task: {A31CFA6C-041D-4638-8678-3F0980727AD4} - System32\Tasks\Adobe Reader and Acrobat Manager (optimized) => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {A4C2081D-14B5-43D0-A17A-2DFC8BCAD478} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24] (Google Inc.)
Task: {A6AB1CD2-D07E-40D5-AC2B-536210823B3F} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {C3DC3E06-BA32-43F2-8D8D-A9437C0C5910} - System32\Tasks\HPCeeScheduleForMarty => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CA335461-3DFC-4318-B3C2-3EA204D61AE1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-235128457-942058757-4155314245-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D26FB1B2-0473-4309-AC24-DDBD0E455F01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {DEE0F231-E489-4B1F-BEDC-8CD36D0C4097} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E78679C2-5F36-4E2E-95BF-546AAD92159B} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Adobe Reader and Acrobat Manager (optimized).job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMarty.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2012-10-13 14:00 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-06-30 15:54 - 2011-06-30 15:54 - 01233720 _____ () C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll 2010-01-18 18:21 - 2010-01-18 18:21 - 00568888 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 2011-06-30 15:52 - 2011-06-30 15:52 - 02674104 _____ () C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe 2011-11-11 13:07 - 2011-11-11 13:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2014-03-05 00:18 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll 2014-03-05 00:18 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00077824 _____ () C:\Program Files\TuneClone\vtblog.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00020480 _____ () C:\Program Files\TuneClone\URLLink.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00036864 _____ () C:\Program Files\TuneClone\EncodeAndTagComm.dll 2013-03-18 20:52 - 2012-02-24 09:00 - 00049152 _____ () C:\Program Files\TuneClone\DL_WMAEncoder.DLL 2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2013-11-29 10:29 - 2013-11-29 10:29 - 00026520 _____ () C:\Program Files 
(x86)\MyDrive Connect\DeviceDetection.dll 2013-11-29 10:28 - 2013-11-29 10:28 - 00082840 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll 2013-11-29 10:28 - 2013-11-29 10:28 - 00344984 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll 2011-03-01 22:14 - 2011-03-01 22:14 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2011-03-01 22:14 - 2011-03-01 22:14 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2011-03-01 22:15 - 2011-03-01 22:15 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2011-03-01 22:15 - 2011-03-01 22:15 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2011-03-01 22:15 - 2011-03-01 22:15 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2013-11-27 20:48 - 2013-11-27 20:48 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll 2013-11-26 11:34 - 2013-11-26 11:34 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00017224 _____ () C:\Program Files 
(x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll 2013-11-27 20:49 - 2013-11-27 20:49 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll 2011-06-30 15:52 - 2011-06-30 15:52 - 00071008 _____ () C:\Program Files (x86)\Seagate\DiscWizard\Common\rpc_client.dll 2012-07-23 14:10 - 2012-07-23 14:10 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2010-09-28 14:00 - 2010-09-28 14:00 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2010-09-28 14:00 - 2010-09-28 14:00 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll 2010-09-28 14:00 - 2010-09-28 14:00 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll 2014-02-13 09:46 - 2014-02-13 09:46 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll 2010-07-28 20:06 - 2011-05-20 09:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:0B174FAE AlternateDataStreams: 
C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2014 04:11:53 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 04:11:52 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 00:25:37 PM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 11:07:48 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:46:26 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:07:48 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 09:39:42 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:20:45 AM) (Source: PreyCronService) (User: )
Description: Zugriff verweigert

System errors:
=============
Error: (03/07/2014 09:03:24 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 07.03.2014 um 21:01:18 unerwartet heruntergefahren.

Error: (03/07/2014 11:44:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 07.03.2014 um 11:42:50 unerwartet heruntergefahren.

Error: (03/07/2014 11:26:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/07/2014 11:26:21 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/07/2014 07:59:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/07/2014 06:35:10 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Error: (03/06/2014 05:18:16 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Error: (03/06/2014 05:18:16 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Error: (03/06/2014 05:18:15 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Error: (03/06/2014 05:18:15 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR9 gefunden.

Microsoft Office Sessions:
=========================
Error: (03/09/2014 04:11:53 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 04:11:52 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:31:16 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 00:25:37 PM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 11:07:48 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:46:26 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 10:07:48 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 09:39:42 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

Error: (03/09/2014 01:20:45 AM) (Source: PreyCronService)(User: )
Description: Zugriff verweigert

CodeIntegrity Errors:
===================================
Date: 2013-03-03 21:35:22.686
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-03-03 21:35:22.578
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde.
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:20.408 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:20.302 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:18.135 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:18.028 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:15.881 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:15.788 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:13.619 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-03 21:35:13.526 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 35% Total physical RAM: 3959.08 MB Available physical RAM: 2558.3 MB Total Pagefile: 7916.34 MB Available Pagefile: 3724.52 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1384.32 GB) (Free:1112.42 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ==================== End Of Log ============================ |
10.03.2014, 13:53 | #5 |
/// the machine /// TB instructor | Win7 PC slow and hangs often! Antispy alarm hi, scan with Combofix
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
10.03.2014, 19:32 | #6 |
| Win7 PC slow and hangs often! Antispy alarm Hello, here is the Combofix.txt: Combofix logfile: Code:
ATTFilter ComboFix 14-03-05.01 - Marty 10.03.2014 18:13:30.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1031.18.3959.1550 [GMT 1:00] ausgeführt von:: c:\users\Marty\Downloads\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886} FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END c:\program files (x86)\BrowserCompanion c:\program files (x86)\BrowserCompanion\logo.ico c:\program files (x86)\BrowserCompanion\terms.lnk.url c:\users\Marty\Documents\~WRL1117.tmp c:\users\Marty\Documents\~WRL3727.tmp c:\windows\IsUn0407.exe c:\windows\SysWow64\SET16B5.tmp c:\windows\SysWow64\SET6D7F.tmp c:\windows\SysWow64\SET70EB.tmp c:\windows\SysWow64\SETE69.tmp c:\windows\wininit.ini . . ((((((((((((((((((((((( Dateien erstellt von 2014-02-10 bis 2014-03-10 )))))))))))))))))))))))))))))) . . 2014-03-10 17:22 . 2014-03-10 17:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-03-10 17:07 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll 2014-03-10 17:07 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll 2014-03-09 23:33 . 2014-03-09 23:37 -------- d-----w- c:\programdata\SecTaskMan 2014-03-09 23:33 . 2014-03-09 23:33 -------- d-----w- c:\program files (x86)\Security Task Manager 2014-03-09 23:26 . 2014-03-09 23:26 -------- d-----w- c:\program files (x86)\SmartPCFixer 2014-03-09 21:06 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-03-09 21:06 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll 2014-03-05 00:17 . 2014-03-05 00:17 -------- d-----w- c:\program files\Enigma Software Group 2014-03-05 00:14 . 
2014-03-09 23:14 -------- d-----w- c:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP 2014-03-05 00:14 . 2014-03-05 00:14 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2014-03-04 23:18 . 2014-03-09 23:11 -------- d-----w- c:\users\Marty\AppData\Roaming\Nico Mak Computing 2014-03-04 00:06 . 2012-01-16 10:06 53248 ------w- c:\windows\SysWow64\CSVer.dll 2014-03-04 00:05 . 2014-03-04 00:05 -------- d-----w- C:\Intel 2014-03-03 22:48 . 2014-03-03 22:48 -------- d-----w- c:\programdata\Licenses 2014-03-03 22:47 . 2014-03-03 22:47 -------- d-----w- c:\programdata\Simply Super Software 2014-03-03 22:42 . 2014-03-03 22:42 -------- d-----w- c:\users\Marty\AppData\Roaming\Seagate 2014-03-03 22:42 . 2014-03-03 22:42 -------- d-----w- c:\programdata\Seagate 2014-03-03 22:41 . 2014-03-03 22:41 971360 ----a-w- c:\windows\system32\drivers\timntr.sys 2014-03-03 22:41 . 2014-03-03 22:41 210016 ----a-w- c:\windows\system32\drivers\vididr.sys 2014-03-03 22:41 . 2014-03-03 22:41 141920 ----a-w- c:\windows\system32\drivers\vsflt53.sys 2014-03-03 22:41 . 2014-03-03 22:41 275552 ----a-w- c:\windows\system32\drivers\snapman.sys 2014-03-03 22:41 . 2014-03-03 22:41 -------- d-----w- c:\program files (x86)\Common Files\Acronis 2014-03-03 22:41 . 2014-03-03 22:41 -------- d-----w- c:\program files (x86)\Common Files\Seagate 2014-03-03 22:41 . 2014-03-03 22:41 -------- d-----w- c:\program files (x86)\Seagate 2014-03-03 14:30 . 2014-03-09 15:12 -------- d-----w- C:\FRST 2014-03-02 15:55 . 2014-03-02 15:55 -------- d-----w- c:\program files\iPod 2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\program files\iTunes 2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\program files (x86)\iTunes 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2014-03-02 15:49 . 
2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2014-03-02 15:49 . 2014-03-02 15:49 -------- d-----w- c:\program files (x86)\QuickTime 2014-02-26 17:51 . 2014-03-04 09:44 -------- d-----w- c:\users\Marty\AppData\Roaming\gtk-2.0 2014-02-26 17:39 . 2014-02-26 17:39 -------- d-----w- c:\users\Marty\.thumbnails 2014-02-26 17:33 . 2014-03-04 09:51 -------- d-----w- c:\users\Marty\.gimp-2.6 2014-02-26 17:33 . 2014-02-26 23:30 -------- d-----w- c:\program files (x86)\Real 2014-02-26 17:31 . 2014-02-26 17:31 -------- d-----w- c:\program files (x86)\GIMP-2.0 2014-02-26 17:25 . 2014-02-26 23:31 -------- d-----w- c:\program files (x86)\PursuePoint 2014-02-19 23:31 . 2014-02-19 23:31 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-02-18 23:52 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll 2014-02-18 23:52 . 2010-05-26 10:41 248672 ------w- c:\windows\SysWow64\d3dx11_43.dll 2014-02-18 23:52 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll 2014-02-18 23:52 . 2010-05-26 10:41 470880 ------w- c:\windows\SysWow64\d3dx10_43.dll 2014-02-18 23:51 . 2010-05-26 10:41 1998168 ------w- c:\windows\SysWow64\D3DX9_43.dll 2014-02-18 23:51 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll 2014-02-18 23:50 . 2014-02-05 09:31 1048152 ------w- c:\windows\SysWow64\nvspcap.dll 2014-02-18 23:50 . 2014-02-05 09:30 1179576 ----a-w- c:\windows\system32\nvspcap64.dll 2014-02-18 23:50 . 
2014-02-18 23:50 -------- d-----w- c:\program files (x86)\AGEIA Technologies 2014-02-18 23:49 . 2014-02-08 16:18 599840 ------w- c:\windows\SysWow64\nvStreaming.exe 2014-02-15 15:45 . 2014-01-23 03:21 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2014-02-15 15:45 . 2014-01-23 03:21 108800 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2014-02-13 07:43 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll 2014-02-13 07:43 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll 2014-02-13 07:41 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-03-10 17:23 . 2013-03-06 22:51 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat 2014-02-20 21:00 . 2012-09-11 14:38 71048 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-20 21:00 . 2012-09-11 14:38 692616 ------w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-02-18 11:18 . 2013-09-16 11:11 624224 ----a-w- c:\windows\system32\drivers\klif.sys 2014-02-18 11:18 . 2013-09-16 11:11 115296 ----a-w- c:\windows\system32\drivers\klflt.sys 2014-02-18 11:18 . 2013-05-05 20:42 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys 2014-02-13 07:49 . 2010-10-16 07:48 88567024 ----a-w- c:\windows\system32\MRT.exe 2014-02-08 18:34 . 2013-12-02 14:50 15740232 ------w- c:\windows\SysWow64\nvwgf2um.dll 2014-02-08 18:34 . 2013-02-25 22:32 2713728 ------w- c:\windows\SysWow64\nvapi.dll 2014-02-08 18:34 . 2012-10-13 12:59 61216 ----a-w- c:\windows\system32\OpenCL.dll 2014-02-08 18:34 . 2012-10-13 12:59 53024 ------w- c:\windows\SysWow64\OpenCL.dll 2014-02-08 18:34 . 2012-10-13 12:53 18257576 ----a-w- c:\windows\system32\nvwgf2umx.dll 2014-02-08 18:34 . 2012-10-13 12:53 14669032 ------w- c:\windows\SysWow64\nvd3dum.dll 2014-02-08 18:34 . 2012-10-13 12:53 3090184 ----a-w- c:\windows\system32\nvapi64.dll 2014-02-08 17:42 . 
2012-10-13 13:00 6712608 ----a-w- c:\windows\system32\nvcpl.dll 2014-02-08 17:42 . 2012-10-13 13:00 3498272 ----a-w- c:\windows\system32\nvsvc64.dll 2014-02-08 17:42 . 2012-10-13 13:00 923936 ----a-w- c:\windows\system32\nvvsvc.exe 2014-02-08 17:42 . 2012-10-13 13:00 63776 ----a-w- c:\windows\system32\nvshext.dll 2014-02-08 17:42 . 2012-10-13 13:00 386336 ----a-w- c:\windows\system32\nvmctray.dll 2014-02-08 17:42 . 2012-10-13 13:00 2559776 ----a-w- c:\windows\system32\nvsvcr.dll 2014-02-06 09:01 . 2014-03-07 13:55 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7C93BFE-ADD6-4A1B-A933-56539A33A47F}\mpengine.dll 2014-01-17 15:24 . 2014-01-17 15:24 94208 ------w- c:\windows\SysWow64\QuickTimeVR.qtx 2014-01-17 15:24 . 2014-01-17 15:24 69632 ------w- c:\windows\SysWow64\QuickTime.qts 2013-12-27 18:42 . 2013-09-17 22:59 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll 2013-12-19 20:33 . 2014-01-07 21:57 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll 2013-12-19 20:33 . 2014-01-07 21:57 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll 2013-12-19 07:07 . 2013-06-06 15:38 178272 ----a-w- c:\windows\system32\drivers\kneps.sys 2013-12-18 20:09 . 2014-01-28 11:55 96168 ------w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-12-18 05:13 . 2010-10-22 10:27 270496 ------w- c:\windows\system32\MpSigStub.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768] "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-02-07 1564992] "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2014-02-07 845120] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720] "AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-11-15 1326408] "MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2013-11-29 473496] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440] "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848] "Reader Application Helper"="c:\program files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2013-11-27 899400] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-02-07 311616] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392] "DiscWizardMonitor.exe"="c:\program files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" [2011-06-30 2674104] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="c:\windows\system32\userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x] R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x] R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x] R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma 
Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x] R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] R3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys;c:\windows\SYSNATIVE\DRIVERS\wg111v3.sys [x] R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys;c:\windows\SYSNATIVE\DRIVERS\S3XXx64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys 
[x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S0 tclondrv;tclondrv;c:\windows\system32\DRIVERS\tclondrv.sys;c:\windows\SYSNATIVE\DRIVERS\tclondrv.sys [x] S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x] S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage 
Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-06-20 13:05 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . 2014-03-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-11 21:00] . 2014-03-10 c:\windows\Tasks\Adobe Reader and Acrobat Manager (optimized).job - c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 16:57] . 2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 08:08] . 2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 08:08] . 2014-03-09 c:\windows\Tasks\HPCeeScheduleForMarty.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53] . 2014-03-10 c:\windows\Tasks\hpwuSchd Application (optimized).job - c:\program files (x86)\HP\HP Software Update\hpwuschd2.exe [2011-10-28 11:18] . 2014-03-10 c:\windows\Tasks\Java(TM) Platform SE Auto Updater (optimized).job - c:\program files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 08:16] . 2014-03-10 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "TuneClone"="c:\program files\TuneClone\TuneClone.exe" [2012-02-24 4550656] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576] "Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2011-06-30 395624] . 
------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.ricardo.ch uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local> Trusted Zone: ricardo.ch\www TCP: DhcpNameServer = 192.168.1.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{e1578e0c-7554-4980-a160-d0f4f7d8af47} - (no file) Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start WebBrowser-{1D053BB5-C922-44E3-9910-66585F017505} - (no file) HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-235128457-942058757-4155314245-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-235128457-942058757-4155314245-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.12" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBAFD6CB-3F6B-536C-2BB6-9F47EDAFCAFC}\InProcServer32*] "bbdgaojjjiaoognihnboficmmnnalejhiikf"=hex:61,61,00,01 "nadgjkmjhkjkihpdgplphbahpjij"=hex:61,61,00,01 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" "Key"="ActionsPane3" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-03-10 18:32:30 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-03-10 17:32 . Vor Suchlauf: 19 Verzeichnis(se), 1'200'967'495'680 Bytes frei Nach Suchlauf: 27 Verzeichnis(se), 1'205'248'278'528 Bytes frei . - - End Of File - - E92A9CE7FEF7B66D17D57E1AB1F241D8 Best regards |
11.03.2014, 13:14 | #7 |
/// the machine /// TB trainer | Win7 PC slow and hangs often! Antispy alert Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
and a fresh FRST log please.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
12.03.2014, 12:21 | #8 |
| Win7 PC slow and hangs often! Antispy alert Hello everyone, I keep running scans and posting them, but somehow nobody is helping. It makes no sense to scan the system with more and more software like this. What I have done should be enough, shouldn't it? Otherwise I will just wipe the system completely, delete the partitions, create new ones, reformat and reinstall. Maybe that will help. But the problem is that you can't make a backup, because you would also save the worms or whatever. That means many settings and backups, for example of the iPhones etc., get lost. Kind regards |
13.03.2014, 08:56 | #9 |
/// the machine /// TB trainer | Win7 PC slow and hangs often! Antispy alert Quote:
Quote:
Quote:
And if you had any technical knowledge of malware removal, I wouldn't even have to explain that to you. Quote:
Quote:
Quote:
Something else entirely: if, instead of posting such nonsense, you simply did what I ask you to do, and perhaps looked into other threads, you would see that so far this has led to success in 99.999999% of cases. I could explain to you in minute detail what we do and when, but I don't have the time for that given the number of people here who want help for free because they infected their own computers.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
13.03.2014, 18:03 | #10 |
| Win7 PC slow and hangs often! Antispy alert Hello Schrauber, I think you misunderstood me. I didn't want to complain; I was just surprised that many people write that one should run this and that scanner. I only partly understand the log files, otherwise I wouldn't be asking for help here. It's just that I never got any response to the posted log txt files. I have long since read other problems here; unfortunately nothing there applies to the problem I have either. I have never had problems with trojans, worms and the like, and I don't visit sex sites or the like, or shady sites, nothing like that at all. That's why I can't really tell whether the computer is acting up on the hardware side or the software side. I did run Combofix, and I have the feeling it has already got better. But I had to reinstall various programs that no longer worked correctly afterwards. I have a 2-year-old HP computer that also has hardware test software on it. It regularly checks the hardware and has never found a fault. What my computer especially can't cope with is the wake-up function: it takes forever before you can even click on anything, about 2-3 minutes. I have uninstalled all unnecessary software. The latest Kaspersky security software is always running on the computer. Strangely, not even Windows 7 64-bit recognizes that an antivirus is installed. Kaspersky is very well known and not bad either. What should I do now? I would be very glad if I didn't absolutely have to reinstall the computer. I actually know my way around computers very well; I already had computers in the 80s, when viruses and such rubbish didn't even exist yet (in the Commodore days!). No internet, nothing at all. In Switzerland there was only VTX (Videotext).. So if you would or could help me, I would be very grateful. Kind regards B.Marty |
14.03.2014, 12:22 | #11 |
/// the machine /// TB trainer | Win7 PC slow and hangs often! Antispy alert Did you still have the problems with the programs after Combofix even after a reboot? Please post the log.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
14.03.2014, 21:06 | #12 |
| Win7 PC slow and hangs often! Antispy alert Hello Schrauber, here is the Combofix Log.txt. By the way, the reboot did not help; there were no error messages either, but Combo mainly messed up many settings in IExplorer, Kaspersky and the firewall, I don't know why either. Combofix logfile: Code:
ATTFilter ComboFix 14-03-05.01 - Marty 10.03.2014 18:13:30.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1031.18.3959.1550 [GMT 1:00] ausgeführt von:: c:\users\Marty\Downloads\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886} FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END c:\program files (x86)\BrowserCompanion c:\program files (x86)\BrowserCompanion\logo.ico c:\program files (x86)\BrowserCompanion\terms.lnk.url c:\users\Marty\Documents\~WRL1117.tmp c:\users\Marty\Documents\~WRL3727.tmp c:\windows\IsUn0407.exe c:\windows\SysWow64\SET16B5.tmp c:\windows\SysWow64\SET6D7F.tmp c:\windows\SysWow64\SET70EB.tmp c:\windows\SysWow64\SETE69.tmp c:\windows\wininit.ini . . ((((((((((((((((((((((( Dateien erstellt von 2014-02-10 bis 2014-03-10 )))))))))))))))))))))))))))))) . . 2014-03-10 17:22 . 2014-03-10 17:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-03-10 17:07 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll 2014-03-10 17:07 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll 2014-03-09 23:33 . 2014-03-09 23:37 -------- d-----w- c:\programdata\SecTaskMan 2014-03-09 23:33 . 2014-03-09 23:33 -------- d-----w- c:\program files (x86)\Security Task Manager 2014-03-09 23:26 . 2014-03-09 23:26 -------- d-----w- c:\program files (x86)\SmartPCFixer 2014-03-09 21:06 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-03-09 21:06 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll 2014-03-05 00:17 . 2014-03-05 00:17 -------- d-----w- c:\program files\Enigma Software Group 2014-03-05 00:14 . 
2014-03-09 23:14 -------- d-----w- c:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP 2014-03-05 00:14 . 2014-03-05 00:14 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2014-03-04 23:18 . 2014-03-09 23:11 -------- d-----w- c:\users\Marty\AppData\Roaming\Nico Mak Computing 2014-03-04 00:06 . 2012-01-16 10:06 53248 ------w- c:\windows\SysWow64\CSVer.dll 2014-03-04 00:05 . 2014-03-04 00:05 -------- d-----w- C:\Intel 2014-03-03 22:48 . 2014-03-03 22:48 -------- d-----w- c:\programdata\Licenses 2014-03-03 22:47 . 2014-03-03 22:47 -------- d-----w- c:\programdata\Simply Super Software 2014-03-03 22:42 . 2014-03-03 22:42 -------- d-----w- c:\users\Marty\AppData\Roaming\Seagate 2014-03-03 22:42 . 2014-03-03 22:42 -------- d-----w- c:\programdata\Seagate 2014-03-03 22:41 . 2014-03-03 22:41 971360 ----a-w- c:\windows\system32\drivers\timntr.sys 2014-03-03 22:41 . 2014-03-03 22:41 210016 ----a-w- c:\windows\system32\drivers\vididr.sys 2014-03-03 22:41 . 2014-03-03 22:41 141920 ----a-w- c:\windows\system32\drivers\vsflt53.sys 2014-03-03 22:41 . 2014-03-03 22:41 275552 ----a-w- c:\windows\system32\drivers\snapman.sys 2014-03-03 22:41 . 2014-03-03 22:41 -------- d-----w- c:\program files (x86)\Common Files\Acronis 2014-03-03 22:41 . 2014-03-03 22:41 -------- d-----w- c:\program files (x86)\Common Files\Seagate 2014-03-03 22:41 . 2014-03-03 22:41 -------- d-----w- c:\program files (x86)\Seagate 2014-03-03 14:30 . 2014-03-09 15:12 -------- d-----w- C:\FRST 2014-03-02 15:55 . 2014-03-02 15:55 -------- d-----w- c:\program files\iPod 2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\program files\iTunes 2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\program files (x86)\iTunes 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2014-03-02 15:49 . 
2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2014-03-02 15:49 . 2014-03-02 15:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2014-03-02 15:49 . 2014-03-02 15:49 -------- d-----w- c:\program files (x86)\QuickTime 2014-02-26 17:51 . 2014-03-04 09:44 -------- d-----w- c:\users\Marty\AppData\Roaming\gtk-2.0 2014-02-26 17:39 . 2014-02-26 17:39 -------- d-----w- c:\users\Marty\.thumbnails 2014-02-26 17:33 . 2014-03-04 09:51 -------- d-----w- c:\users\Marty\.gimp-2.6 2014-02-26 17:33 . 2014-02-26 23:30 -------- d-----w- c:\program files (x86)\Real 2014-02-26 17:31 . 2014-02-26 17:31 -------- d-----w- c:\program files (x86)\GIMP-2.0 2014-02-26 17:25 . 2014-02-26 23:31 -------- d-----w- c:\program files (x86)\PursuePoint 2014-02-19 23:31 . 2014-02-19 23:31 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-02-18 23:52 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll 2014-02-18 23:52 . 2010-05-26 10:41 248672 ------w- c:\windows\SysWow64\d3dx11_43.dll 2014-02-18 23:52 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll 2014-02-18 23:52 . 2010-05-26 10:41 470880 ------w- c:\windows\SysWow64\d3dx10_43.dll 2014-02-18 23:51 . 2010-05-26 10:41 1998168 ------w- c:\windows\SysWow64\D3DX9_43.dll 2014-02-18 23:51 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll 2014-02-18 23:50 . 2014-02-05 09:31 1048152 ------w- c:\windows\SysWow64\nvspcap.dll 2014-02-18 23:50 . 2014-02-05 09:30 1179576 ----a-w- c:\windows\system32\nvspcap64.dll 2014-02-18 23:50 . 
2014-02-18 23:50 -------- d-----w- c:\program files (x86)\AGEIA Technologies 2014-02-18 23:49 . 2014-02-08 16:18 599840 ------w- c:\windows\SysWow64\nvStreaming.exe 2014-02-15 15:45 . 2014-01-23 03:21 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2014-02-15 15:45 . 2014-01-23 03:21 108800 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2014-02-13 07:43 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll 2014-02-13 07:43 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll 2014-02-13 07:41 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-03-10 17:23 . 2013-03-06 22:51 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat 2014-02-20 21:00 . 2012-09-11 14:38 71048 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-20 21:00 . 2012-09-11 14:38 692616 ------w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-02-18 11:18 . 2013-09-16 11:11 624224 ----a-w- c:\windows\system32\drivers\klif.sys 2014-02-18 11:18 . 2013-09-16 11:11 115296 ----a-w- c:\windows\system32\drivers\klflt.sys 2014-02-18 11:18 . 2013-05-05 20:42 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys 2014-02-13 07:49 . 2010-10-16 07:48 88567024 ----a-w- c:\windows\system32\MRT.exe 2014-02-08 18:34 . 2013-12-02 14:50 15740232 ------w- c:\windows\SysWow64\nvwgf2um.dll 2014-02-08 18:34 . 2013-02-25 22:32 2713728 ------w- c:\windows\SysWow64\nvapi.dll 2014-02-08 18:34 . 2012-10-13 12:59 61216 ----a-w- c:\windows\system32\OpenCL.dll 2014-02-08 18:34 . 2012-10-13 12:59 53024 ------w- c:\windows\SysWow64\OpenCL.dll 2014-02-08 18:34 . 2012-10-13 12:53 18257576 ----a-w- c:\windows\system32\nvwgf2umx.dll 2014-02-08 18:34 . 2012-10-13 12:53 14669032 ------w- c:\windows\SysWow64\nvd3dum.dll 2014-02-08 18:34 . 2012-10-13 12:53 3090184 ----a-w- c:\windows\system32\nvapi64.dll 2014-02-08 17:42 . 
2012-10-13 13:00 6712608 ----a-w- c:\windows\system32\nvcpl.dll 2014-02-08 17:42 . 2012-10-13 13:00 3498272 ----a-w- c:\windows\system32\nvsvc64.dll 2014-02-08 17:42 . 2012-10-13 13:00 923936 ----a-w- c:\windows\system32\nvvsvc.exe 2014-02-08 17:42 . 2012-10-13 13:00 63776 ----a-w- c:\windows\system32\nvshext.dll 2014-02-08 17:42 . 2012-10-13 13:00 386336 ----a-w- c:\windows\system32\nvmctray.dll 2014-02-08 17:42 . 2012-10-13 13:00 2559776 ----a-w- c:\windows\system32\nvsvcr.dll 2014-02-06 09:01 . 2014-03-07 13:55 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7C93BFE-ADD6-4A1B-A933-56539A33A47F}\mpengine.dll 2014-01-17 15:24 . 2014-01-17 15:24 94208 ------w- c:\windows\SysWow64\QuickTimeVR.qtx 2014-01-17 15:24 . 2014-01-17 15:24 69632 ------w- c:\windows\SysWow64\QuickTime.qts 2013-12-27 18:42 . 2013-09-17 22:59 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll 2013-12-19 20:33 . 2014-01-07 21:57 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll 2013-12-19 20:33 . 2014-01-07 21:57 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll 2013-12-19 07:07 . 2013-06-06 15:38 178272 ----a-w- c:\windows\system32\drivers\kneps.sys 2013-12-18 20:09 . 2014-01-28 11:55 96168 ------w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-12-18 05:13 . 2010-10-22 10:27 270496 ------w- c:\windows\system32\MpSigStub.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768] "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-02-07 1564992] "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2014-02-07 845120] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720] "AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-11-15 1326408] "MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2013-11-29 473496] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440] "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848] "Reader Application Helper"="c:\program files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2013-11-27 899400] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-02-07 311616] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392] "DiscWizardMonitor.exe"="c:\program files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" [2011-06-30 2674104] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="c:\windows\system32\userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x] R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x] R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x] R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma 
Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x] R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] R3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys;c:\windows\SYSNATIVE\DRIVERS\wg111v3.sys [x] R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys;c:\windows\SYSNATIVE\DRIVERS\S3XXx64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys 
[x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S0 tclondrv;tclondrv;c:\windows\system32\DRIVERS\tclondrv.sys;c:\windows\SYSNATIVE\DRIVERS\tclondrv.sys [x] S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x] S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage 
Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-06-20 13:05 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . 2014-03-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-11 21:00] . 2014-03-10 c:\windows\Tasks\Adobe Reader and Acrobat Manager (optimized).job - c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 16:57] . 2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 08:08] . 2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 08:08] . 2014-03-09 c:\windows\Tasks\HPCeeScheduleForMarty.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53] . 2014-03-10 c:\windows\Tasks\hpwuSchd Application (optimized).job - c:\program files (x86)\HP\HP Software Update\hpwuschd2.exe [2011-10-28 11:18] . 2014-03-10 c:\windows\Tasks\Java(TM) Platform SE Auto Updater (optimized).job - c:\program files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 08:16] . 2014-03-10 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "TuneClone"="c:\program files\TuneClone\TuneClone.exe" [2012-02-24 4550656] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576] "Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2011-06-30 395624] . 
------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.ricardo.ch uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local> Trusted Zone: ricardo.ch\www TCP: DhcpNameServer = 192.168.1.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{e1578e0c-7554-4980-a160-d0f4f7d8af47} - (no file) Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start WebBrowser-{1D053BB5-C922-44E3-9910-66585F017505} - (no file) HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-235128457-942058757-4155314245-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-235128457-942058757-4155314245-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.12" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBAFD6CB-3F6B-536C-2BB6-9F47EDAFCAFC}\InProcServer32*] "bbdgaojjjiaoognihnboficmmnnalejhiikf"=hex:61,61,00,01 "nadgjkmjhkjkihpdgplphbahpjij"=hex:61,61,00,01 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" "Key"="ActionsPane3" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-03-10 18:32:30 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-03-10 17:32 . Vor Suchlauf: 19 Verzeichnis(se), 1'200'967'495'680 Bytes frei Nach Suchlauf: 27 Verzeichnis(se), 1'205'248'278'528 Bytes frei . - - End Of File - - E92A9CE7FEF7B66D17D57E1AB1F241D8 --- --- --- |
15.03.2014, 17:17 | #13 |
/// the machine /// TB instructor | Win7 PC slow and hangs often! Antispy alarm Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
16.03.2014, 14:33 | #14 |
| Win7 PC slow and hangs often! Antispy alarm AdwCleaner Logfile: Code:
ATTFilter
# AdwCleaner v3.022 - Bericht erstellt am 16/03/2014 um 14:26:45
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Marty - MARTY-HP
# Gestartet von : C:\Users\Marty\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden C:\Program Files (x86)\Conduit
Ordner Gefunden C:\Program Files (x86)\myfree codec
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gefunden C:\ProgramData\SpeedMaxPc
Ordner Gefunden C:\Users\Marty\AppData\Local\Conduit
Ordner Gefunden C:\Users\Marty\AppData\Local\OpenCandy
Ordner Gefunden C:\Users\Marty\AppData\LocalLow\Conduit
Ordner Gefunden C:\Users\Marty\AppData\LocalLow\PriceGong
Ordner Gefunden C:\Users\Marty\AppData\Roaming\Babylon
Ordner Gefunden C:\Users\Marty\AppData\Roaming\BrowserCompanion
Ordner Gefunden C:\Users\Marty\AppData\Roaming\DriverCure
Ordner Gefunden C:\Users\Marty\AppData\Roaming\OpenCandy
Ordner Gefunden C:\Users\Marty\AppData\Roaming\SpeedMaxPc
Ordner Gefunden C:\Users\Marty\AppData\Roaming\Systweak
Ordner Gefunden C:\Users\Marty\Documents\Optimizer Pro

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Blabbers
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gefunden : HKCU\Software\Myfree Codec
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\SpeedMaxPC
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : [x64] HKCU\Software\Blabbers
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\Myfree Codec
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\SpeedMaxPC
Schlüssel Gefunden : [x64] HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3260501
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3272810
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Schlüssel Gefunden : HKLM\Software\Myfree Codec
Schlüssel Gefunden : HKLM\Software\SpeedMaxPC
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16521

*************************

Hello Schrauber, here is the ADW Cleaner

AdwCleaner[R0].txt - [5014 octets] - [16/03/2014 14:26:45]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5074 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.03.16.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Marty :: MARTY-HP [Administrator]
16.03.2014 13:16:18
mbam-log-2014-03-16 (13-16-18).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 228680
Laufzeit: 7 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1578E0C-7554-4980-A160-D0F4F7D8AF47} (PUP.Optional.PursuePoint.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1578E0C-7554-4980-A160-D0F4F7D8AF47} (PUP.Optional.PursuePoint.A) -> Keine Aktion durchgeführt.
HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Marty\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\5D1FC712A16746C390864C2A621C94E8 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\OpenCandy_71629B7089D94827BB0526065155BEE1 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

Infizierte Dateien: 9
C:\Users\Marty\AppData\Roaming\OpenCandy\5D1FC712A16746C390864C2A621C94E8\3982.ico (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\5D1FC712A16746C390864C2A621C94E8\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\5D1FC712A16746C390864C2A621C94E8\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\5D1FC712A16746C390864C2A621C94E8\setup__759.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\OpenCandy_71629B7089D94827BB0526065155BEE1\2002.ico (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\OpenCandy_71629B7089D94827BB0526065155BEE1\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\OpenCandy_71629B7089D94827BB0526065155BEE1\OCBrowserHelper_1.0.2.66.dll (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\OpenCandy_71629B7089D94827BB0526065155BEE1\toms-gutschein-melder1.0.2.crx (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Marty\AppData\Roaming\OpenCandy\OpenCandy_71629B7089D94827BB0526065155BEE1\toms-gutschein-melder_InstallerCH_p1v3.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

(Ende) |
17.03.2014, 10:06 | #15 |
/// the machine /// TB instructor | Win7 PC slow and hangs often! Antispy alarm Do everything again. Everywhere you only ran a search instead of deleting, half of it is missing, and the logs are incomplete/not in code tags |