Windows wird mit zunehmender Zeit immer langsamer

daniel_4 · 30.05.2014, 18:44

Liebes Team von Trojaner-Board,

in den letzten Wochen viel mir zunehmend auf, dass Windows immer langsamer bei mir wird und sich auch immer mehr aufhängt. Da ich in der Zwischenzeit keine Programme installiert habe, Hardware verändert habe o.ä. bin ich der Ansicht, dass sich ein Plagegeist bei mir eingenistet hat. Mein Virenprogramm F-Secure hat jedoch noch nichts gemeldet nach intensiven Scan.

Daher poste ich hier einmal meine Logfiles:

Programm - Defogger

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:30 on 30/05/2014 (Daniel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Programm - FRST (64-Bit)

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by Daniel (administrator) on DANIEL-PC on 30-05-2014 18:35:04
Running from C:\Users\Daniel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Device Control\fsdevcon64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSMA32.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL32.EXE
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
() C:\Program Files\USBLogon\usblonsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL64.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FNRB32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FIH32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSM32.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PerfectDisk.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\THXCfg64.dll [17920 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\EptMon64.dll [21504 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1454080 2006-12-28] (AVM Berlin)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\Common\FSM32.EXE [306928 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure TNB] => C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe [1654512 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\RunOnce: [DeleteMarkAny] - C:\Windows\SysWOW64\MASetupCleaner.exe [24576 2012-11-28] ((주)마크애니)
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\Explorer: [NoDrives] 0x00000000
AppInit_DLLs:  =>  File Not Found
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {1940599C-32B7-46B3-863C-8A626C042730} URL = 
SearchScopes: HKCU - {1940599C-32B7-46B3-863C-8A626C042730} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Browsing Protection Class - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
BHO-x32: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files (x86)\soft Xpansion\Perfect PDF 5\PDF4ie.dll (soft Xpansion)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 2012\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} -  No File
Handler-x32: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files (x86)\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.10 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Add to Amazon Wish List Button - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\amznUWL2@amazon.com.xpi [2012-04-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\ich@maltegoetz.de.xpi [2012-01-29]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF Extension: User Agent Switcher - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-03-12]
FF Extension: YouTube Unblocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\youtubeunblocker@unblocker.yt [2014-04-27]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{caad1213-7e0a-45dc-9a65-cd7859bf58d1}.xpi [2014-04-28]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-22]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{fd15878e-7528-438b-b493-6e17671d45b7}.xpi [2014-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin
FF Extension: Steganos Private Favorites - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3 [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [fe_12.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_12.0
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2012-10-14]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext
FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext [2013-03-10]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-16]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-16]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-16]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-16]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-16]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin)
R2 F-Secure Gatekeeper Handler Starter; C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [220912 2012-06-26] (F-Secure Corporation)
R3 F-Secure Network Request Broker; C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE [188144 2012-06-26] (F-Secure Corporation)
R2 fsdevcon; C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe [516848 2012-06-26] (F-Secure Corporation)
R2 FSMA; C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE [188144 2012-06-26] (F-Secure Corporation)
R3 FSORSPClient; C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [60352 2013-06-06] (F-Secure Corporation)
R2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [841544 2011-02-18] (BinarySense, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1488136 2009-07-23] (Raxco Software, Inc.)
R3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1486600 2009-07-23] (Raxco Software, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1237856 2013-01-25] (LULU Software)
S2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [877920 2013-01-25] (LULU Software)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software)
R2 USBLogonService; C:\Program Files\USBLogon\usblonsvc.exe [9216 2012-10-06] ()
S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

R2 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [294720 2010-06-14] (Protect Software GmbH)
R2 acehlp09; C:\Windows\system32\drivers\acehlp09.sys [195248 2010-06-14] (Protect Software GmbH)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S4 F-Secure Filter; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [41072 2012-06-26] ()
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [202176 2013-07-17] (F-Secure Corporation)
S4 F-Secure Recognizer; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [26352 2012-06-26] ()
U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-08-15] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R1 fsvista; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [14064 2012-06-26] ()
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 StarOpen; No ImagePath
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-03-03] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-03-03] (Paragon)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [33408 2012-10-14] ()
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-30 18:33 - 2014-05-30 18:34 - 00054481 _____ () C:\Users\Daniel\Desktop\Addition.txt
2014-05-30 18:31 - 2014-05-30 18:35 - 00027222 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-05-30 18:30 - 2014-05-30 18:30 - 00000474 _____ () C:\Users\Daniel\Desktop\defogger_disable.log
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:23 - 2014-05-30 18:23 - 02066944 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-29 16:51 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:34 - 2014-02-27 15:38 - 00245733 ____N () C:\Users\Daniel\Desktop\pass.pkpass
2014-05-29 16:31 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-29 16:31 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-29 16:29 - 2014-05-29 16:30 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-29 12:57 - 2014-05-29 19:20 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-19 16:05 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-19 16:05 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-19 14:47 - 2014-05-30 18:17 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-15 15:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 15:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 15:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 15:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 15:41 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:39 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:39 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:39 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:39 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:39 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:39 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:39 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 21:48 - 2014-05-16 15:21 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-05-30 18:35 - 2014-05-30 18:31 - 00027222 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-05-30 18:35 - 2013-11-22 17:20 - 00000000 ____D () C:\FRST
2014-05-30 18:35 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Temp
2014-05-30 18:34 - 2014-05-30 18:33 - 00054481 _____ () C:\Users\Daniel\Desktop\Addition.txt
2014-05-30 18:30 - 2014-05-30 18:30 - 00000474 _____ () C:\Users\Daniel\Desktop\defogger_disable.log
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:30 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel
2014-05-30 18:29 - 2013-11-27 16:39 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{263A6FA9-0919-4587-BE68-750D8D06BEB7}
2014-05-30 18:29 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\Documents\samsung
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\ProgramData\Freemake
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-05-30 18:27 - 2010-10-31 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio & Video
2014-05-30 18:25 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\ProgramData\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-30 18:25 - 2010-05-29 23:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:23 - 2014-05-30 18:23 - 02066944 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-05-30 18:18 - 2013-11-24 17:08 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-05-30 18:17 - 2014-05-19 14:47 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-30 17:54 - 2012-03-29 11:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-30 17:49 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-30 17:49 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-30 17:44 - 2009-07-14 07:10 - 01524444 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 17:42 - 2013-11-16 13:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-30 17:36 - 2013-11-16 13:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-30 17:34 - 2012-08-28 18:26 - 00150334 _____ () C:\Windows\setupact.log
2014-05-30 17:34 - 2011-11-12 20:27 - 00000000 ____D () C:\ProgramData\TEMP
2014-05-30 17:34 - 2010-05-29 22:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-30 17:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-30 14:03 - 2013-11-02 20:32 - 00000542 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-05-30 12:13 - 2010-06-05 19:56 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2014-05-30 12:04 - 2013-11-02 20:32 - 00003178 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-05-29 19:40 - 2012-08-11 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-29 19:20 - 2014-05-29 12:57 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:30 - 2014-05-29 16:29 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-29 13:05 - 2013-05-22 17:49 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-27 23:36 - 2009-07-14 19:58 - 00724128 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 23:36 - 2009-07-14 19:58 - 00160482 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 23:36 - 2009-07-14 07:13 - 01686146 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-23 22:38 - 2013-04-17 14:56 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-05-20 18:37 - 2012-01-28 20:33 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-19 16:06 - 2013-11-12 20:03 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2014-05-19 16:06 - 2013-09-13 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-19 16:05 - 2011-04-05 13:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-18 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 15:23 - 2012-07-27 12:20 - 00000680 __RSH () C:\Users\Daniel\ntuser.pol
2014-05-16 15:23 - 2010-06-06 21:15 - 00000000 ___RD () C:\Users\Daniel\Virtual Machines
2014-05-16 15:21 - 2014-05-06 21:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 15:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 15:47 - 2012-03-23 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 15:46 - 2013-07-19 11:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 15:44 - 2010-06-05 20:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 21:56 - 2012-03-29 11:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 21:56 - 2012-03-29 11:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 21:56 - 2011-05-13 14:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 07:57 - 2012-10-22 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-15 15:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 15:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 23:37 - 2013-11-16 13:09 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 23:37 - 2013-11-16 13:09 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 17:42 - 2014-05-29 16:51 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-06 06:40 - 2014-05-15 15:47 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 15:47 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-30 20:29 - 2013-11-03 14:11 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2013-11-03 14:11 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

Files to move or delete:
====================
C:\Users\Daniel\setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 20:38

==================== End Of Log ============================

Programm - FRST (64-Bit)

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by Daniel at 2014-05-30 18:35:21
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: F-Secure Client Security 9.32 (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: F-Secure Client Security 9.32 (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: F-Secure Internet Security 2011 10.51 (Disabled) {2D7AC0A6-6241-D774-E168-461178D9686C}

==================== Installed Programs ======================

2.0 (HKLM-x32\...\SQLTeacher_is1) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.2 64-bit (HKLM\...\{A94AABAE-52F0-48C4-9F94-A4CA4B423576}) (Version: 3.2.1 - Adobe)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.0.22 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7943 - DsNET Corp)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2001550590.48.56.8988946 - Audible, Inc.)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
BenVista PhotoZoom Pro 5.0.6 (HKCU\...\PhotoZoom Pro 5) (Version: 5.0.6 - BenVista Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borland Delphi 7 (HKLM-x32\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Corel Applications (HKLM-x32\...\Corel Applications) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Dell Dock (HKLM-x32\...\Dell Dock) (Version:  - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.3.2.10 - Dell)
Die ersten 10 Jahre (HKLM-x32\...\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}) (Version: 1.00.0000 - )
Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version: 2.06 - JoWooD Productions Software AG)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Euro Truck Simulator 1.00 (HKLM-x32\...\Euro Truck Simulator) (Version: 1.00 - )
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.0.0.0 - Electronic Arts)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org ))
Formatwandler 4 SE (HKLM-x32\...\{DC4071FC-A3FF-4F6B-0001-CCB79085A90A}) (Version: 4.0.11.615 - S.A.D.)
Franzis 3D-Eisenbahnplaner 11 (HKLM-x32\...\Franzis 3D-Eisenbahnplaner 11_is1) (Version:  - Franzis)
F-Secure Client Security - AntiVirus & AntiSpy-Schutz (HKLM-x32\...\F-Secure Anti-Virus) (Version: 9.30 - F-Secure Corporation)
F-Secure Client Security - Browser-Schutz (HKLM-x32\...\F-Secure ExploitShield) (Version: 1.10.1015 - F-Secure Corporation)
F-Secure Client Security - DeepGuard (HKLM-x32\...\F-Secure HIPS) (Version: 3.00.203 - F-Secure Corporation)
F-Secure Client Security - Web-Datenverkehr-Scanning (HKLM-x32\...\F-Secure Protocol Scanner) (Version: 2.01.2450 - F-Secure Corporation)
F-Secure Gerätesteuerung (HKLM-x32\...\F-Secure Device Control) (Version: 1.00.17436 - F-Secure Corporation)
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.10.0 - International GeoGebra Institute)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth (HKLM-x32\...\{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}) (Version: 7.0.1.8244 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.290 - DrSoft)
Harry Potter und die Heiligtümer des Todes™ - Teil 1 (HKLM-x32\...\{C9AAF970-4E7E-4C98-AD67-09C74379D345}) (Version: 1.0.0.0 - Electronic Arts)
Hauppauge MCE CI Plugin (HKLM-x32\...\Hauppauge MCE CI Plugin) (Version:  - )
Hauppauge TV Tuner Diagnostics (1.2.7076) (HKLM-x32\...\Hauppauge TV Tuner Diagnostics) (Version: 1.2.7076 - Hauppauge Computer Works, Inc.)
HCW85 Driver Installer (x32 Version: 2.1.27205 - Hauppauge Computer Works) Hidden
HotPotatoes v 6.3.0.4 (HKLM-x32\...\hotpot_is1) (Version:  - HalfBaked)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Incomedia WebSite X5 v9 - Smart (HKLM-x32\...\{08F8A05F-C6FD-4A1C-96DA-4B48AACA7F35}_is1) (Version: 9.0.0.1654 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LifeFrame2 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 2.0.22 - ASUS)
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG)
MAGIX Foto Manager 10 (x32 Version: 8.0.1.136 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.6 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.6 - MAGIX AG) Hidden
MAGIX Web Designer 6 (HKLM-x32\...\MAGIX_MSI_Web_Designer_6_DLM) (Version: 6.0.1.17005 - MAGIX AG)
MAGIX Web Designer 6 (x32 Version: 6.0.1.17005 - MAGIX AG) Hidden
MAGIX Xtreme Foto & Grafik Designer 5 (Silver) (HKLM-x32\...\MAGIX_MSI_XtremeGrafik5_Silver) (Version: 5.1.2.15876 - MAGIX AG)
MAGIX Xtreme Foto & Grafik Designer 5 (Silver) (x32 Version: 5.1.2.15876 - MAGIX AG) Hidden
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower)
Multimedia Card Reader (x32 Version: 1.4.915.1 - Fitipower) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.71 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.8 - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.78 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.78 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2078 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 320.78 (Version: 320.78 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PerfectDisk 10 Professional (HKLM\...\{7B738CD9-D107-48C7-8E65-2E6639A39C8D}) (Version: 10.0.116 - Raxco Software, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
Prince of Persia Warrior Within (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Rettungswagen Simulator 2012 (HKLM-x32\...\Rettungswagen Simulator 2012) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{41BB84BA-5CE5-403D-9650-990299509F14}) (Version: 13.0.4.705 - SAP)
Secunia PSI (3.0.0.3001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.3001 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
ShareKM 1.0.19 (HKLM-x32\...\ShareKM) (Version: 1.0.19 - Liveov)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
SHIFT 2 UNLEASHED™ (HKLM-x32\...\{E8C37E27-5205-4C8A-BECB-B00533045AAE}) (Version: 1.0.0.0 - Electronic Arts)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Soda PDF 5 (HKLM-x32\...\{4E9B5BFE-856B-4C3A-BE90-4547DC255B22}) (Version: 5.0.131.9113 - LULU SOFTWARE LIMITED)
soft Xpansion Perfect PDF 5 Premium (HKLM-x32\...\{1FD1567B-0129-4FA0-914C-F3E02833F77B}) (Version: 5.0 - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steganos Privacy Suite 12 (HKLM-x32\...\{0F1D1572-9311-4590-A8A6-425224984E54}) (Version: 12.1.1 - Steganos Software GmbH)
Steganos Privacy Suite 2012 (HKLM-x32\...\{B5E2A5D1-3648-4B7A-9F91-AF4A522F2485}) (Version: 13.0.5 - Steganos Software GmbH)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14484 - TeamViewer)
Test Drive Unlimited (HKLM-x32\...\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}) (Version: 1.00.0000 - Ihr Firmenname)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version:  - )
TimeComX Basic (32-Bit) (HKLM-x32\...\TimeComX Basic 32-Bit) (Version: 1.3.2.4 - Bitdreamers)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3600.171 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
USBLogon 1.5.0.0 (HKLM\...\{E7D9D138-7DFA-441A-B1A9-703193C5D6D3}_is1) (Version: 1.5.0.0 - Quadsoft)
VirtualDJ Home FREE (HKLM-x32\...\{4DF4CAB9-B628-4924-AD9A-1C457DD2960A}) (Version: 7.0.4 - Atomix Productions)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Youtube Downloader HD v. 2.9.9.13 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)

==================== Restore Points  =========================

30-05-2014 16:15:18 Deutsche Post E-Porto wird entfernt
30-05-2014 16:21:40 Removed Samsung Kies

==================== Hosts content: ==========================

2011-10-24 14:01 - 2013-11-02 20:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0A886F4C-5902-40E0-92A1-F9B349A54A90} - System32\Tasks\TWIN 7 Live-Update => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe
Task: {0B417F8F-332F-48F9-A96C-EC3C4EE40EC1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {1C617212-531C-4E09-9C94-E23211A7D793} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-16] (Google Inc.)
Task: {2BE5CE0E-2055-459A-825D-84F21CC8F7E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-16] (Google Inc.)
Task: {2E826256-A2DB-4575-B757-C7545D9213F8} - System32\Tasks\TWIN 7 1-Klick-Optimierung => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe
Task: {43C7F0A9-2C58-4396-A0B3-06E5119363E8} - System32\Tasks\{A05D14E6-C937-4854-9616-0DA1DCA06FB1} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {586E3BE1-38FD-42A5-8E5A-610A3C018D93} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {676EB4AE-2DDB-4E5B-ABFF-6351AA872B6C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2013-12-11] (TuneUp Software)
Task: {6CCE4CEB-ECCA-48FB-A4ED-777C13AA1131} - System32\Tasks\Google Updater and Installer => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {719D66C2-8E8A-4294-B298-4DAB45F1D361} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {8BE48F83-A861-40C4-8902-F22FBEB28374} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {A30A7DAB-8AF0-4C6F-B2AA-C5BEA45E1DF1} - System32\Tasks\{68F0DC71-ED5A-47F4-A90D-BD88B58E9275} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/es/abandoninstall?page=tsPlugin&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent
Task: {B6DD0240-B173-4894-BAD9-C6AC28177827} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E53C5BCF-5BDA-44E7-B691-F3BA5810A9E3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {E54A43A7-B5B9-4513-BE78-9AD79572C138} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\F-Secure\Anti-Virus\fsav.exe [2012-06-26] (F-Secure Corporation)
Task: {F49D6357-D728-4CDA-AA11-DBB081D749EF} - System32\Tasks\AdobeAAMUpdater-1.0-Daniel-PC-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FB4737D6-DEF9-4218-A4D3-BA2689C178C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {FE355981-5699-42DC-BD1E-DC2119AB30A4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\F-Secure\Anti-Virus\fsav.exe

==================== Loaded Modules (whitelisted) =============

2013-11-03 12:42 - 2013-08-09 22:07 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-22 17:45 - 2012-10-06 15:49 - 00009216 _____ () C:\Program Files\USBLogon\usblonsvc.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-22 15:45 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-05-29 23:01 - 2009-10-02 13:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-14 21:41 - 2012-06-26 18:25 - 00208624 _____ () c:\program files (x86)\f-secure\daas2\daas2.dll
2012-10-14 21:46 - 2012-10-14 21:46 - 00030888 _____ () C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\hashlib_x86.dll
2012-10-14 21:41 - 2014-04-28 17:52 - 00949288 _____ () C:\Program Files (x86)\F-Secure\Anti-Virus\fm4av.dll
2012-10-14 21:41 - 2012-06-26 18:25 - 00036864 _____ () C:\Program Files (x86)\F-Secure\Anti-Virus\FSAVHRES.eng
2012-01-22 15:45 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-10-14 21:41 - 2012-06-26 18:25 - 00442096 _____ () C:\Program Files (x86)\F-Secure\FSGUI\about.dll
2012-10-14 21:41 - 2012-06-26 18:25 - 00089840 _____ () C:\Program Files (x86)\F-Secure\FSGUI\aboutres.dll
2012-10-14 21:41 - 2012-06-26 18:25 - 00086016 _____ () C:\Program Files (x86)\F-Secure\FSGUI\strres.eng
2012-10-14 21:41 - 2012-06-26 18:25 - 00552688 _____ () C:\Program Files (x86)\F-Secure\FSGUI\gres.dll
2012-10-14 21:41 - 2012-06-26 18:25 - 00045056 _____ () C:\Program Files (x86)\F-Secure\FSGUI\fsavures.eng

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:2BE9FEFC

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: NielsenUpdate => 2
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BumpTop.lnk => C:\Windows\pss\BumpTop.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^maxdome Download Manager.lnk => C:\Windows\pss\maxdome Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Product Registration.lnk => C:\Windows\pss\Product Registration.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CCWinTray => C:\Windows\tray\wintmr.exe
MSCONFIG\startupreg: Daniel - Safe => "C:\Program Files (x86)\Steganos Privacy Suite 12\Safe.exe" -entry Safe.ToggleDrive.Daniel - Safe
MSCONFIG\startupreg: EPSON Stylus CX8300 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEP.EXE /FU "C:\Windows\TEMP\E_S424D.tmp" /EF "HKCU"
MSCONFIG\startupreg: FILSHtray => "C:\Program Files (x86)\FILSHtray\FILSHtray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: NielsenOnline => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: rfxsrvtray => "C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe"
MSCONFIG\startupreg: Sony Ericsson PC Suite => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
MSCONFIG\startupreg: SSS12 Browser Monitor => "C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosBrowserMonitor.exe"
MSCONFIG\startupreg: SSS12 File Redirection Starter => "C:\Program Files (x86)\Steganos Privacy Suite 12\fredirstarter.exe"
MSCONFIG\startupreg: SSS12 HotKeys => "C:\Program Files (x86)\Steganos Privacy Suite 12\SteganosHotKeyService.exe"
MSCONFIG\startupreg: SSS2009 Browser Monitor => "C:\Program Files (x86)\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe"
MSCONFIG\startupreg: SSS2009 File Redirection Starter => "C:\Program Files (x86)\Steganos Privacy Suite 11\fredirstarter.exe"
MSCONFIG\startupreg: SSS2009 HotKeys => "C:\Program Files (x86)\Steganos Privacy Suite 11\SteganosHotKeyService.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: USBLogon => C:\Program Files\USBLogon\usblondetect.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Windows Defender => %ProgramFiles(x86)%\Windows Defender\MSASCui.exe -hide

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2014 06:14:41 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2014-05-30  18:14:40+02:00  daniel-pc  Daniel-PC\Daniel  F-Secure Anti-Virus
 An error occurred while scanning \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\PRIMUSFREE\PRIMUSFREE.EXE.

Error: (05/29/2014 06:37:06 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2014-05-29  18:36:56+02:00  daniel-pc  Daniel-PC\Daniel  F-Secure Anti-Virus
 Crash detected.

Error: (05/29/2014 04:50:06 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07

Error: (05/29/2014 04:50:05 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07

Error: (05/19/2014 03:58:56 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/19/2014 03:11:54 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/19/2014 02:57:36 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/18/2014 06:39:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/17/2014 09:52:56 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/17/2014 01:56:25 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (05/30/2014 05:41:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (05/30/2014 05:37:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {B01383A6-CC92-4E0F-BD05-2C89B1BEB5F4}

Error: (05/30/2014 05:37:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 5 Service" wurde mit folgendem Fehler beendet: 
%%-2147467259

Error: (05/30/2014 05:35:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM

Error: (05/30/2014 05:34:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 5 Service" wurde mit folgendem Fehler beendet: 
%%-2147467259

Error: (05/30/2014 05:34:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/30/2014 02:39:50 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Steganos Volatile Disk konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (05/30/2014 02:06:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {B01383A6-CC92-4E0F-BD05-2C89B1BEB5F4}

Error: (05/30/2014 02:05:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 5 Service" wurde mit folgendem Fehler beendet: 
%%-2147467259

Error: (05/30/2014 02:03:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM


Microsoft Office Sessions:
=========================
Error: (05/30/2014 06:14:41 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2014-05-30  18:14:40+02:00  daniel-pc  Daniel-PC\Daniel  F-Secure Anti-Virus
 An error occurred while scanning \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\PRIMUSFREE\PRIMUSFREE.EXE.

Error: (05/29/2014 06:37:06 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2014-05-29  18:36:56+02:00  daniel-pc  Daniel-PC\Daniel  F-Secure Anti-Virus
 Crash detected.

Error: (05/29/2014 04:50:06 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Samsung\Kies\Kies.exe

Error: (05/29/2014 04:50:05 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Samsung\Kies\Kies.exe

Error: (05/19/2014 03:58:56 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (05/19/2014 03:11:54 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (05/19/2014 02:57:36 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (05/18/2014 06:39:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (05/17/2014 09:52:56 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (05/17/2014 01:56:25 PM) (Source: MsiInstaller) (EventID: 1024) (User: Daniel-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-11-02 19:20:11.628
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-02 19:20:11.478
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-28 22:54:49.961
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-08 15:50:51.601
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-08 15:29:02.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-07 19:26:31.321
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-07 17:17:21.177
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-05 17:42:43.974
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-05 15:54:28.516
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-03 18:04:09.966
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 8151.08 MB
Available physical RAM: 5325.1 MB
Total Pagefile: 16300.34 MB
Available Pagefile: 13599.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Betriebssystem) (Fixed) (Total:1790.01 GB) (Free:493.18 GB) NTFS
Drive d: (Eigene Dateien) (Fixed) (Total:63.02 GB) (Free:7.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1800 GB) (Disk ID: 58000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-277014904832) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 63 GB) (Disk ID: DD34E22C)
Partition 1: (Not Active) - (Size=63 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Programm - Gmer

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-30 19:34:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 Intel___ rev.1.0. 1800,00GB
Running: Gmer-19357.exe; Driver: C:\Users\Daniel\AppData\Local\Temp\uwlirpod.sys


---- Kernel code sections - GMER 2.1 ----

.text  C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                       fffff96000113f00 7 bytes [00, 98, F3, FF, 01, A6, F0]
.text  C:\Windows\System32\win32k.sys!W32pServiceTable + 8                                                                                   fffff96000113f08 3 bytes [C0, 06, 02]

---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe[2440] C:\Windows\syswow64\ADVAPI32.dll!RegOpenKeyExA                     0000000075734887 5 bytes JMP 0000000101043eee
.text  C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe[2440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69            0000000076611465 2 bytes [61, 76]
.text  C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe[2440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155           00000000766114bb 2 bytes [61, 76]
.text  ...                                                                                                                                   * 2
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2568] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69   0000000076611465 2 bytes [61, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2568] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155  00000000766114bb 2 bytes [61, 76]
.text  ...                                                                                                                                   * 2
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                             0000000076611465 2 bytes [61, 76]
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                            00000000766114bb 2 bytes [61, 76]
.text  ...                                                                                                                                   * 2
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[5608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                              0000000076611465 2 bytes [61, 76]
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[5608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                             00000000766114bb 2 bytes [61, 76]
.text  ...                                                                                                                                   * 2
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[5264] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69     0000000076611465 2 bytes [61, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[5264] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155    00000000766114bb 2 bytes [61, 76]
.text  ...                                                                                                                                   * 2
.text  C:\Program Files (x86)\RocketDock\RocketDock.exe[1020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                        0000000076611465 2 bytes [61, 76]
.text  C:\Program Files (x86)\RocketDock\RocketDock.exe[1020] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                       00000000766114bb 2 bytes [61, 76]
.text  ...                                                                                                                                   * 2
.text  C:\Program Files (x86)\avmwlanstick\WLanGUI.exe[5364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                         0000000076611465 2 bytes [61, 76]
.text  C:\Program Files (x86)\avmwlanstick\WLanGUI.exe[5364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                        00000000766114bb 2 bytes [61, 76]
.text  ...                                                                                                                                   * 2

---- EOF - GMER 2.1 ----

Für jegliche Hilfe möchte ich mich bereits schon im Voraus bedanken und wünsche einen angenehmen Freitagabend

Herzliche Grüße,
Daniel_4

schrauber · 30.05.2014, 20:04

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

daniel_4 · 30.05.2014, 22:11

Code:

ATTFilter

ComboFix 14-05-29.01 - Daniel 30.05.2014  23:04:29.2.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8151.5783 [GMT 2:00]
ausgeführt von:: c:\users\Daniel\Desktop\ComboFix.exe
AV: F-Secure Client Security 9.32 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Internet Security 2011 10.51 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Client Security 9.32 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\PFRO.log
.
---- Vorheriger Suchlauf -------
.
c:\programdata\PCDr\6426\AddOnDownloaded\434373b7-17f4-4a5e-9e8f-2c1bb65cd9e5.dll
c:\programdata\PCDr\6426\AddOnDownloaded\64882123-3c6f-4e15-8579-c6d1ba56c9de.dll
c:\programdata\PCDr\6426\AddOnDownloaded\7bd91bf5-79bd-4c68-b85b-3c132cdb258a.dll
c:\programdata\PCDr\6426\AddOnDownloaded\9c07cc30-4011-4e36-a63d-e59077a22429.dll
c:\programdata\PCDr\6426\AddOnDownloaded\ad817bdc-639c-43e8-b06b-897bcb5b8f23.dll
c:\programdata\PCDr\6426\AddOnDownloaded\aeffdb78-a789-4b6a-b2c2-f85f9b4863e6.dll
c:\programdata\PCDr\6426\AddOnDownloaded\d114d5a6-2ec4-4056-a365-d6281d97c6b6.dll
c:\programdata\PCDr\6426\AddOnDownloaded\d460bca3-24f0-49a7-beed-a064fad82750.dll
c:\programdata\PCDr\6426\AddOnDownloaded\e5847967-7dc8-4833-8ca6-09af078c1bcb.dll
c:\programdata\PCDr\6426\AddOnDownloaded\e60d8e3c-5d91-4f95-b952-3ef470494451.dll
c:\windows\msvcr71.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Legacy_NPF
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-28 bis 2014-05-30  ))))))))))))))))))))))))))))))
.
.
2014-05-30 21:10 . 2014-05-30 21:10	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-05-30 21:10 . 2014-05-30 21:10	--------	d-----w-	c:\users\Gastkonto\AppData\Local\temp
2014-05-30 21:10 . 2014-05-30 21:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-30 10:23 . 2014-04-30 23:20	10702536	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{28BA38BE-1475-4CBE-B574-E5C2870C139D}\mpengine.dll
2014-05-29 14:51 . 2014-05-07 15:42	144664	----a-w-	c:\windows\SysWow64\secman.dll
2014-05-29 14:31 . 2014-03-19 01:27	206080	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2014-05-29 14:31 . 2014-03-19 01:27	109056	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2014-05-19 14:05 . 2014-03-31 16:42	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-05-19 14:05 . 2014-03-31 16:42	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-05-19 12:47 . 2014-05-30 16:17	--------	d-----w-	c:\programdata\Deutsche Post AG
2014-05-15 13:47 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-15 13:47 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-15 13:47 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-15 13:47 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-15 13:41 . 2014-03-25 02:43	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-05-15 13:40 . 2014-05-09 06:14	477184	----a-w-	c:\windows\system32\aepdu.dll
2014-05-15 13:40 . 2014-05-09 06:11	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-08 13:48 . 2014-05-08 13:48	227704	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-06 19:48 . 2014-05-16 13:21	--------	d-s---w-	c:\windows\system32\CompatTel
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 13:44 . 2010-06-05 18:31	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-14 19:56 . 2012-03-29 09:48	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-14 19:56 . 2011-05-13 12:05	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-30 18:29 . 2013-11-03 12:11	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-11-03 12:11	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2014-04-15 00:34 . 2014-04-15 00:34	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-31 16:42 . 2013-11-03 12:07	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-03-31 07:35 . 2010-06-11 18:54	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-06 09:31 . 2014-04-27 15:30	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-27 15:30	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-27 15:30	548352	----a-w-	c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-27 15:30	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-27 15:30	2767360	----a-w-	c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-27 15:30	51200	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-27 15:30	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-27 15:30	574976	----a-w-	c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-27 15:30	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-27 15:30	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-27 15:30	752640	----a-w-	c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-27 15:30	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-27 15:30	5784064	----a-w-	c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-27 15:30	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-27 15:30	586240	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-27 15:30	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-27 15:30	455168	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-27 15:30	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-27 15:30	38400	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-27 15:30	195584	----a-w-	c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-27 15:29	4254720	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-27 15:30	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-27 15:30	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-27 15:30	592896	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-27 15:30	628736	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-27 15:30	32256	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-27 15:30	2043904	----a-w-	c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-27 15:30	13551104	----a-w-	c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-27 15:30	1967104	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-27 15:30	2260480	----a-w-	c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-27 15:30	1400832	----a-w-	c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-27 15:30	846336	----a-w-	c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-27 15:30	1789440	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-04 14:35 . 2014-03-26 19:08	1885472	----a-w-	c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-03-26 19:08	1516488	----a-w-	c:\windows\system32\nvdispgenco6433523.dll
2014-03-04 14:35 . 2013-11-03 10:42	62408	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-04 14:35 . 2013-11-03 10:42	54216	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-03-04 09:44 . 2014-04-09 20:34	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 20:34	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 20:34	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 20:34	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 20:34	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 20:34	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 20:34	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 20:34	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 20:34	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 20:34	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 20:34	2048	----a-w-	c:\windows\SysWow64\user.exe
2003-03-21 11:45 . 2011-10-25 17:28	250544	----a-w-	c:\program files (x86)\Common Files\keyhelp.ocx
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6}"= "c:\program files (x86)\Soda PDF 5\PDFIEPlugin.dll" [2013-01-25 691040]
.
[HKEY_CLASSES_ROOT\clsid\{f335aba2-fdb4-4644-92b2-5cc4b0fc91d6}]
[HKEY_CLASSES_ROOT\SodaPDF5_IEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{DC275339-6DF9-41FB-AFB8-03BC81FBD9E5}]
[HKEY_CLASSES_ROOT\SodaPDF5_IEPlugin.PDFIEConverter]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27	158224	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2006-12-27 1454080]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2012-06-26 306928]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2012-06-26 1654512]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-02-06 189480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	PDBoot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"ShwiconXP9106"=c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"PDFPrint"=c:\program files (x86)\PDF24\pdf24.exe
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SSS2012 HotKeys"="c:\program files (x86)\Steganos Privacy Suite 2012\SteganosHotKeyService.exe"
"SSS2012 File Redirection Starter"="c:\program files (x86)\Steganos Privacy Suite 2012\fredirstarter.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Soda PDF 5 Service;Soda PDF 5 Service;c:\program files (x86)\Soda PDF 5\ConversionService.exe;c:\program files (x86)\Soda PDF 5\ConversionService.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files (x86)\Common Files\soft Xpansion\SXDS10.exe \Service;c:\program files (x86)\Common Files\soft Xpansion\SXDS10.exe \Service [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [x]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [x]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [x]
S1 SLEE_17_DRIVER;Steganos Live Encryption Engine 17 [Driver];c:\windows\Sleen1764.sys;c:\windows\Sleen1764.sys [x]
S1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];c:\windows\Sleen1864.sys;c:\windows\Sleen1864.sys [x]
S1 STGMFEngine64;Steganos RAM Disk Engine 64 Bit [Driver];c:\windows\system32\drivers\STGMFEngine64.sys;c:\windows\SYSNATIVE\drivers\STGMFEngine64.sys [x]
S2 acedrv09;acedrv09;c:\windows\system32\drivers\acedrv09.sys;c:\windows\SYSNATIVE\drivers\acedrv09.sys [x]
S2 acehlp09;acehlp09;c:\windows\system32\drivers\acehlp09.sys;c:\windows\SYSNATIVE\drivers\acehlp09.sys [x]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 fsdevcon;F-Secure Device Control Daemon;c:\program files (x86)\F-Secure\Device Control\\fsdevcon64.exe;c:\program files (x86)\F-Secure\Device Control\\fsdevcon64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 Soda PDF 5 Helper Service;Soda PDF 5 Helper Service;c:\program files (x86)\Soda PDF 5\HelperService.exe;c:\program files (x86)\Soda PDF 5\HelperService.exe [x]
S2 Steganos Volatile Disk;Steganos Volatile Disk;c:\windows\system32\STGRAMDiskHandler64.exe;c:\windows\SYSNATIVE\STGRAMDiskHandler64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S2 USBLogonService;USBLogonService;c:\program files\USBLogon\usblonsvc.exe;c:\program files\USBLogon\usblonsvc.exe [x]
S3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\DRIVERS\cbfs3.sys;c:\windows\SYSNATIVE\DRIVERS\cbfs3.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [x]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-26 18:49	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 19:56]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-16 11:09]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-16 11:09]
.
2014-05-30 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\F-Secure\Anti-Virus\fsav.exe [2012-10-14 16:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27	190480	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: dell.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManager10Deluxe.8.alb"
.
[HKEY_USERS\S-1-5-21-2679092377-2185092980-2786416117-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b2,5d,8b,4f,98,10,1a,df,6b,fd,46,b4,72,32,19,5b,45,29,6a,23,a8,44,3c,
   f6,17,e7,44,f6,c7,fa,dc,9e,97,e9,8d,95,a5,97,92,bb,b6,1d,a9,75,13,ce,d3,94,\
"??"=hex:59,e5,97,70,47,08,a5,1e,f6,13,83,cc,52,0d,a6,6c
.
[HKEY_USERS\S-1-5-21-2679092377-2185092980-2786416117-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:ae,42,0d,8a,54,c4,c5,9d,ad,95,e6,7b,09,bd,f1,f6,92,e7,31,f1,03,
   0e,32,34,d1,17,2c,d7,e6,d8,9c,73,f9,83,6d,2b,b1,5d,6f,88,6f,50,82,25,5a,c7,\
"rkeysecu"=hex:48,b3,c7,bf,af,0b,63,46,49,ec,f3,3f,a8,32,35,7c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-30  23:12:20
ComboFix-quarantined-files.txt  2014-05-30 21:12
.
Vor Suchlauf: 10 Verzeichnis(se), 532.152.614.912 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 532.060.151.808 Bytes frei
.
- - End Of File - - 6BE02453597E6D631DC7A1643E51CA7B

--- --- ---

schrauber · 31.05.2014, 15:43

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

daniel_4 · 31.05.2014, 18:57

Mbam

Zitat:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 31.05.2014
Suchlauf-Zeit: 19:23:56
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.31.07
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Daniel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320052
Verstrichene Zeit: 9 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-2679092377-2185092980-2786416117-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [3bb85205bcbfb284d134b0eb18eaa25e],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

AdwCleaner

Code:

ATTFilter

# AdwCleaner v3.211 - Bericht erstellt am 31/05/2014 um 19:44:56
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Daniel - DANIEL-PC
# Gestartet von : C:\Users\Daniel\Desktop\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Tobit
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\invalidprefs.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\prefs.js ]


[ Datei : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1683 octets] - [31/05/2014 19:44:08]
AdwCleaner[S0].txt - [1553 octets] - [31/05/2014 19:44:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1613 octets] ##########

JRT

Zitat:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Daniel on 31.05.2014 at 19:51:21,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Daniel\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"

~~~ FireFox

Emptied folder: C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\dph0vwph.tarnfox\minidumps [103 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.05.2014 at 19:56:05,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Frisches FRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by Daniel (administrator) on DANIEL-PC on 31-05-2014 19:57:33
Running from C:\Users\Daniel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Device Control\fsdevcon64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSMA32.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
() C:\Program Files\USBLogon\usblonsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSLAUNCH.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\THXCfg64.dll [17920 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\EptMon64.dll [21504 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1454080 2006-12-28] (AVM Berlin)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\Common\FSM32.EXE [306928 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure TNB] => C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe [1654512 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {1940599C-32B7-46B3-863C-8A626C042730} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Browsing Protection Class - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
BHO-x32: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files (x86)\soft Xpansion\Perfect PDF 5\PDF4ie.dll (soft Xpansion)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 2012\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} -  No File
Handler-x32: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files (x86)\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.10 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Add to Amazon Wish List Button - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\amznUWL2@amazon.com.xpi [2012-04-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\ich@maltegoetz.de.xpi [2012-01-29]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF Extension: User Agent Switcher - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-03-12]
FF Extension: YouTube Unblocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\youtubeunblocker@unblocker.yt [2014-04-27]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{caad1213-7e0a-45dc-9a65-cd7859bf58d1}.xpi [2014-04-28]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-22]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{fd15878e-7528-438b-b493-6e17671d45b7}.xpi [2014-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin
FF Extension: Steganos Private Favorites - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3 [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [fe_12.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_12.0
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2012-10-14]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext
FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext [2013-03-10]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-16]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-16]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-16]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-16]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-16]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin)
R2 F-Secure Gatekeeper Handler Starter; C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [220912 2012-06-26] (F-Secure Corporation)
S3 F-Secure Network Request Broker; C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE [188144 2012-06-26] (F-Secure Corporation)
R2 fsdevcon; C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe [516848 2012-06-26] (F-Secure Corporation)
R2 FSMA; C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE [188144 2012-06-26] (F-Secure Corporation)
S3 FSORSPClient; C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [60352 2013-06-06] (F-Secure Corporation)
R2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [841544 2011-02-18] (BinarySense, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1488136 2009-07-23] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1486600 2009-07-23] (Raxco Software, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1237856 2013-01-25] (LULU Software)
S2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [877920 2013-01-25] (LULU Software)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software)
R2 USBLogonService; C:\Program Files\USBLogon\usblonsvc.exe [9216 2012-10-06] ()
S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

R2 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [294720 2010-06-14] (Protect Software GmbH)
R2 acehlp09; C:\Windows\system32\drivers\acehlp09.sys [195248 2010-06-14] (Protect Software GmbH)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S4 F-Secure Filter; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [41072 2012-06-26] ()
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [202176 2013-07-17] (F-Secure Corporation)
S4 F-Secure Recognizer; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [26352 2012-06-26] ()
U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-08-15] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R1 fsvista; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [14064 2012-06-26] ()
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 StarOpen; No ImagePath
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-03-03] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-03-03] (Paragon)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [33408 2012-10-14] ()
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-31 19:57 - 2014-05-31 19:57 - 00025471 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-05-31 19:56 - 2014-05-31 19:56 - 00000911 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-05-31 19:47 - 2014-05-31 19:47 - 00001693 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S0].txt
2014-05-31 19:44 - 2014-05-31 19:45 - 00000000 ____D () C:\AdwCleaner
2014-05-31 19:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-31 19:43 - 2014-05-31 19:43 - 00001338 _____ () C:\Users\Daniel\Desktop\mbam.txt
2014-05-31 19:19 - 2014-05-31 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 19:19 - 2014-05-31 19:19 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-31 19:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-31 19:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-31 19:14 - 2014-05-31 19:15 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-05-31 19:14 - 2014-05-31 19:14 - 01327971 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.211.exe
2014-05-31 19:13 - 2014-05-31 19:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 11:13 - 2014-05-31 19:46 - 00000866 _____ () C:\Windows\PFRO.log
2014-05-30 23:12 - 2014-05-30 23:12 - 00034837 _____ () C:\ComboFix.txt
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Gastkonto\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-30 23:03 - 2014-05-30 23:12 - 00000000 ____D () C:\ComboFix
2014-05-30 21:11 - 2014-05-30 23:12 - 00000000 ____D () C:\Qoobox
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zz
2014-05-30 21:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-30 21:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-30 21:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-30 21:10 - 2014-05-30 21:10 - 05203398 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:23 - 2014-05-30 18:23 - 02066944 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-29 16:51 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:34 - 2014-02-27 15:38 - 00245733 ____N () C:\Users\Daniel\Desktop\pass.pkpass
2014-05-29 16:31 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-29 16:31 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-29 16:29 - 2014-05-29 16:30 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-29 12:57 - 2014-05-29 19:20 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-19 16:05 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-19 16:05 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-19 14:47 - 2014-05-30 18:17 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-15 15:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 15:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 15:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 15:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 15:41 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:39 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:39 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:39 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:39 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:39 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:39 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:39 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 21:48 - 2014-05-16 15:21 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-05-31 19:57 - 2014-05-31 19:57 - 00025471 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-05-31 19:57 - 2013-11-22 17:20 - 00000000 ____D () C:\FRST
2014-05-31 19:57 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Temp
2014-05-31 19:56 - 2014-05-31 19:56 - 00000911 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-05-31 19:54 - 2012-03-29 11:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-31 19:54 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 19:54 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 19:47 - 2014-05-31 19:47 - 00001693 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S0].txt
2014-05-31 19:47 - 2013-11-16 13:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-31 19:46 - 2014-05-31 11:13 - 00000866 _____ () C:\Windows\PFRO.log
2014-05-31 19:46 - 2012-08-28 18:26 - 00151174 _____ () C:\Windows\setupact.log
2014-05-31 19:46 - 2011-11-12 20:27 - 00000000 ____D () C:\ProgramData\TEMP
2014-05-31 19:46 - 2010-05-29 22:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-31 19:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-31 19:45 - 2014-05-31 19:44 - 00000000 ____D () C:\AdwCleaner
2014-05-31 19:45 - 2009-07-14 07:10 - 01561404 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 19:43 - 2014-05-31 19:43 - 00001338 _____ () C:\Users\Daniel\Desktop\mbam.txt
2014-05-31 19:42 - 2013-11-16 13:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-31 19:23 - 2014-05-31 19:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 19:19 - 2014-05-31 19:19 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2012-10-15 17:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 19:16 - 2014-05-31 19:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 19:15 - 2014-05-31 19:14 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-05-31 19:14 - 2014-05-31 19:14 - 01327971 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.211.exe
2014-05-31 19:10 - 2013-11-27 16:39 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{263A6FA9-0919-4587-BE68-750D8D06BEB7}
2014-05-31 19:03 - 2013-11-02 20:32 - 00000542 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-05-31 12:07 - 2013-05-22 17:49 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-31 11:24 - 2010-06-05 19:56 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2014-05-31 11:14 - 2013-11-02 20:32 - 00003178 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-05-30 23:12 - 2014-05-30 23:12 - 00034837 _____ () C:\ComboFix.txt
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Gastkonto\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:03 - 00000000 ____D () C:\ComboFix
2014-05-30 23:12 - 2014-05-30 21:11 - 00000000 ____D () C:\Qoobox
2014-05-30 23:10 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-30 21:34 - 2009-07-14 04:34 - 23855104 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 103284736 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-30 21:32 - 2013-11-02 20:09 - 00000000 ____D () C:\Windows\erdnt
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zz
2014-05-30 21:10 - 2014-05-30 21:10 - 05203398 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-05-30 21:07 - 2009-07-14 04:34 - 00102400 _____ () C:\Windows\system32\config\SAM.bak
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:30 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel
2014-05-30 18:29 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\Documents\samsung
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\ProgramData\Freemake
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-05-30 18:27 - 2010-10-31 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio & Video
2014-05-30 18:25 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\ProgramData\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-30 18:25 - 2010-05-29 23:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:23 - 2014-05-30 18:23 - 02066944 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-05-30 18:17 - 2014-05-19 14:47 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-29 19:40 - 2012-08-11 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-29 19:20 - 2014-05-29 12:57 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:30 - 2014-05-29 16:29 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-27 23:36 - 2009-07-14 19:58 - 00724128 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 23:36 - 2009-07-14 19:58 - 00160482 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 23:36 - 2009-07-14 07:13 - 01686146 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-23 22:38 - 2013-04-17 14:56 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-05-20 18:37 - 2012-01-28 20:33 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-19 16:06 - 2013-11-12 20:03 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2014-05-19 16:06 - 2013-09-13 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-19 16:05 - 2011-04-05 13:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-18 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 15:23 - 2012-07-27 12:20 - 00000680 __RSH () C:\Users\Daniel\ntuser.pol
2014-05-16 15:23 - 2010-06-06 21:15 - 00000000 ___RD () C:\Users\Daniel\Virtual Machines
2014-05-16 15:21 - 2014-05-06 21:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 15:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 15:47 - 2012-03-23 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 15:46 - 2013-07-19 11:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 15:44 - 2010-06-05 20:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 21:56 - 2012-03-29 11:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 21:56 - 2012-03-29 11:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 21:56 - 2011-05-13 14:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 07:57 - 2012-10-22 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 07:26 - 2014-05-31 19:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-31 19:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-31 19:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-15 15:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 15:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 23:37 - 2013-11-16 13:09 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 23:37 - 2013-11-16 13:09 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 17:42 - 2014-05-29 16:51 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-06 06:40 - 2014-05-15 15:47 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 15:47 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

Files to move or delete:
====================
C:\Users\Daniel\setup.exe


Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 20:38

==================== End Of Log ============================

--- --- ---

schrauber · 01.06.2014, 14:15

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

daniel_4 · 02.06.2014, 14:58

Eset

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=0813185075b4784687e6b7846b1662b4
# engine=18501
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-01 07:12:15
# local_time=2014-06-01 09:12:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='F-Secure Anti-Virus for Workstations 9.10'
# compatibility_mode=2309 16777213 100 95 12083 60922011 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 85051 153279785 0 0
# scanned=463405
# found=7
# cleaned=0
# scan_time=10845
sh=68C1DB76A8080782E3F450E3F724E4E1564B18F6 ft=1 fh=b4215c27d5d833f4 vn="Variante von Win32/Agent.SZW Trojaner" ac=I fn="C:\Users\Daniel\AppData\Local\TempImages\CheckVer104.exe"
sh=0C321747B581AD79DA70DC9AAB183CC12C3BBEFD ft=1 fh=f2b88ea8fc6d0b9b vn="Variante von Win32/Agent.SZW Trojaner" ac=I fn="C:\Users\Daniel\AppData\Local\TempImages\regver.exe"
sh=07C3A8DE40271B9ECD674AF867A2C7F61D40DFBA ft=1 fh=8a8ff7b630139cd7 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Links\Download\Youtube Converter\YouTubeDownloaderSetup256.exe"
sh=F60E07969E6004CADA706EEF475EDABB30D8D860 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\7da8b4.msi"
sh=29C55C3C13BAFD8C4C36DCD4383FF167B27B48C1 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\9f48a9.msi"
sh=92F39EDA008C8BEBE32916AB0BB6F2DF63CA6CCF ft=1 fh=a028202372fc0896 vn="Win32/MCH potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\drivers\mchccinj.sys"
sh=92F39EDA008C8BEBE32916AB0BB6F2DF63CA6CCF ft=1 fh=a028202372fc0896 vn="Win32/MCH potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\drivers\mchccinj.sys"

SecurityCheck

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
F-Secure Client Security 9.32   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 F-Secure Client Security - AntiVirus & AntiSpy-Schutz 
 Secunia PSI (3.0.0.3001)   
 TuneUp Utilities 2012   
 TuneUp Utilities Language Pack (de-DE) 
 Java 7 Update 45  
 Java version out of Date! 
 Adobe Flash Player 13.0.0.214  
 Adobe Reader XI  
 Mozilla Firefox (29.0.1) 
 Google Chrome 34.0.1847.137  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
 F-Secure Anti-Virus fsgk32st.exe  
 F-Secure Anti-Virus FSGK32.EXE  
 F-Secure Anti-Virus fssm32.exe  
 F-Secure Anti-Virus fsav32.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Frisches FRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by Daniel (administrator) on DANIEL-PC on 02-06-2014 16:00:19
Running from C:\Users\Daniel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Device Control\fsdevcon64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSMA32.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL32.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
() C:\Program Files\USBLogon\usblonsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL64.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FNRB32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FIH32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSM32.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\THXCfg64.dll [17920 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\EptMon64.dll [21504 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1454080 2006-12-28] (AVM Berlin)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\Common\FSM32.EXE [306928 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure TNB] => C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe [1654512 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {1940599C-32B7-46B3-863C-8A626C042730} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Browsing Protection Class - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
BHO-x32: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files (x86)\soft Xpansion\Perfect PDF 5\PDF4ie.dll (soft Xpansion)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 2012\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} -  No File
Handler-x32: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files (x86)\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.10 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Add to Amazon Wish List Button - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\amznUWL2@amazon.com.xpi [2012-04-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\ich@maltegoetz.de.xpi [2012-01-29]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF Extension: User Agent Switcher - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-03-12]
FF Extension: YouTube Unblocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\youtubeunblocker@unblocker.yt [2014-04-27]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{caad1213-7e0a-45dc-9a65-cd7859bf58d1}.xpi [2014-04-28]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-22]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{fd15878e-7528-438b-b493-6e17671d45b7}.xpi [2014-04-27]
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2012-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin
FF Extension: Steganos Private Favorites - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3 [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [fe_12.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_12.0
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2012-10-14]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext
FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext [2013-03-10]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-16]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-16]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-16]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-16]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-16]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin)
R2 F-Secure Gatekeeper Handler Starter; C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [220912 2012-06-26] (F-Secure Corporation)
R3 F-Secure Network Request Broker; C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE [188144 2012-06-26] (F-Secure Corporation)
R2 fsdevcon; C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe [516848 2012-06-26] (F-Secure Corporation)
R2 FSMA; C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE [188144 2012-06-26] (F-Secure Corporation)
R3 FSORSPClient; C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [60352 2013-06-06] (F-Secure Corporation)
R2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [841544 2011-02-18] (BinarySense, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1488136 2009-07-23] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1486600 2009-07-23] (Raxco Software, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1237856 2013-01-25] (LULU Software)
S2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [877920 2013-01-25] (LULU Software)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software)
R2 USBLogonService; C:\Program Files\USBLogon\usblonsvc.exe [9216 2012-10-06] ()
S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

R2 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [294720 2010-06-14] (Protect Software GmbH)
R2 acehlp09; C:\Windows\system32\drivers\acehlp09.sys [195248 2010-06-14] (Protect Software GmbH)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S4 F-Secure Filter; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [41072 2012-06-26] ()
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [202176 2013-07-17] (F-Secure Corporation)
S4 F-Secure Recognizer; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [26352 2012-06-26] ()
U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-08-15] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R1 fsvista; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [14064 2012-06-26] ()
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 StarOpen; No ImagePath
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-03-03] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-03-03] (Paragon)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [33408 2012-10-14] ()
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-02 16:00 - 2014-06-02 16:00 - 00026567 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-06-02 16:00 - 2014-06-02 16:00 - 00000000 ____D () C:\Users\Daniel\Desktop\FRST-OlderVersion
2014-06-01 18:03 - 2014-06-01 18:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-01 18:01 - 2014-06-01 18:01 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_deu.exe
2014-06-01 18:01 - 2014-06-01 18:01 - 00854367 _____ () C:\Users\Daniel\Desktop\SecurityCheck.exe
2014-05-31 19:44 - 2014-05-31 19:45 - 00000000 ____D () C:\AdwCleaner
2014-05-31 19:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-31 19:19 - 2014-05-31 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-31 19:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-31 19:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-31 19:14 - 2014-05-31 19:15 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-05-31 19:14 - 2014-05-31 19:14 - 01327971 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.211.exe
2014-05-31 19:13 - 2014-05-31 19:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 11:13 - 2014-05-31 19:46 - 00000866 _____ () C:\Windows\PFRO.log
2014-05-30 23:12 - 2014-05-30 23:12 - 00034837 _____ () C:\ComboFix.txt
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Gastkonto\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-30 23:03 - 2014-05-30 23:12 - 00000000 ____D () C:\ComboFix
2014-05-30 21:11 - 2014-05-30 23:12 - 00000000 ____D () C:\Qoobox
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zz
2014-05-30 21:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-30 21:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-30 21:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-30 21:10 - 2014-05-30 21:10 - 05203398 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:23 - 2014-06-02 16:00 - 02067456 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-29 16:51 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:34 - 2014-02-27 15:38 - 00245733 ____N () C:\Users\Daniel\Desktop\pass.pkpass
2014-05-29 16:31 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-29 16:31 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-29 16:29 - 2014-05-29 16:30 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-29 12:57 - 2014-05-29 19:20 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-19 16:05 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-19 16:05 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-19 14:47 - 2014-05-30 18:17 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-15 15:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 15:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 15:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 15:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 15:41 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:39 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:39 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:39 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:39 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:39 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:39 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:39 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 21:48 - 2014-05-16 15:21 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-06-02 16:00 - 2014-06-02 16:00 - 00026567 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-06-02 16:00 - 2014-06-02 16:00 - 00000000 ____D () C:\Users\Daniel\Desktop\FRST-OlderVersion
2014-06-02 16:00 - 2014-05-30 18:23 - 02067456 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-06-02 16:00 - 2013-11-22 17:20 - 00000000 ____D () C:\FRST
2014-06-02 16:00 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Temp
2014-06-02 15:54 - 2012-03-29 11:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-02 15:42 - 2013-11-16 13:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-02 15:28 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 15:28 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 15:24 - 2009-07-14 07:10 - 01613477 _____ () C:\Windows\WindowsUpdate.log
2014-06-02 15:21 - 2013-11-16 13:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-02 15:20 - 2013-11-02 20:32 - 00000542 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-06-02 15:20 - 2012-08-28 18:26 - 00152518 _____ () C:\Windows\setupact.log
2014-06-02 15:20 - 2011-11-12 20:27 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-02 15:20 - 2010-05-29 22:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-02 15:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-02 07:59 - 2010-06-05 19:56 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2014-06-02 07:50 - 2013-11-02 20:32 - 00003178 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-06-01 19:52 - 2013-11-27 16:39 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{263A6FA9-0919-4587-BE68-750D8D06BEB7}
2014-06-01 18:05 - 2009-07-14 19:58 - 00724128 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 18:05 - 2009-07-14 19:58 - 00160482 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 18:05 - 2009-07-14 07:13 - 01686146 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 18:03 - 2014-06-01 18:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-01 18:01 - 2014-06-01 18:01 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_deu.exe
2014-06-01 18:01 - 2014-06-01 18:01 - 00854367 _____ () C:\Users\Daniel\Desktop\SecurityCheck.exe
2014-06-01 14:53 - 2012-08-11 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 12:21 - 2013-05-22 17:49 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-05-31 19:46 - 2014-05-31 11:13 - 00000866 _____ () C:\Windows\PFRO.log
2014-05-31 19:45 - 2014-05-31 19:44 - 00000000 ____D () C:\AdwCleaner
2014-05-31 19:23 - 2014-05-31 19:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2012-10-15 17:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 19:16 - 2014-05-31 19:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 19:15 - 2014-05-31 19:14 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-05-31 19:14 - 2014-05-31 19:14 - 01327971 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.211.exe
2014-05-30 23:12 - 2014-05-30 23:12 - 00034837 _____ () C:\ComboFix.txt
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Gastkonto\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:03 - 00000000 ____D () C:\ComboFix
2014-05-30 23:12 - 2014-05-30 21:11 - 00000000 ____D () C:\Qoobox
2014-05-30 23:10 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-30 21:34 - 2009-07-14 04:34 - 23855104 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 103284736 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-30 21:32 - 2013-11-02 20:09 - 00000000 ____D () C:\Windows\erdnt
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 21:11 - 2014-05-30 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zz
2014-05-30 21:10 - 2014-05-30 21:10 - 05203398 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-05-30 21:07 - 2009-07-14 04:34 - 00102400 _____ () C:\Windows\system32\config\SAM.bak
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:30 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel
2014-05-30 18:29 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\Documents\samsung
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\ProgramData\Freemake
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-05-30 18:27 - 2010-10-31 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio & Video
2014-05-30 18:25 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\ProgramData\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-30 18:25 - 2010-05-29 23:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:17 - 2014-05-19 14:47 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-29 19:20 - 2014-05-29 12:57 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:30 - 2014-05-29 16:29 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-23 22:38 - 2013-04-17 14:56 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-05-20 18:37 - 2012-01-28 20:33 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-19 16:06 - 2013-11-12 20:03 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2014-05-19 16:06 - 2013-09-13 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-19 16:05 - 2011-04-05 13:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-18 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 15:23 - 2012-07-27 12:20 - 00000680 __RSH () C:\Users\Daniel\ntuser.pol
2014-05-16 15:23 - 2010-06-06 21:15 - 00000000 ___RD () C:\Users\Daniel\Virtual Machines
2014-05-16 15:21 - 2014-05-06 21:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 15:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 15:47 - 2012-03-23 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 15:46 - 2013-07-19 11:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 15:44 - 2010-06-05 20:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 21:56 - 2012-03-29 11:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 21:56 - 2012-03-29 11:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 21:56 - 2011-05-13 14:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 07:57 - 2012-10-22 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 07:26 - 2014-05-31 19:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-31 19:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-31 19:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-15 15:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 15:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 23:37 - 2013-11-16 13:09 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 23:37 - 2013-11-16 13:09 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 17:42 - 2014-05-29 16:51 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-06 06:40 - 2014-05-15 15:47 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 15:47 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

Files to move or delete:
====================
C:\Users\Daniel\setup.exe


Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-01 21:38

==================== End Of Log ============================

--- --- ---

Ehrlich gesagt, habe ich noch nicht wirklich das Gefühl, dass der Rechner wieder schneller läuft. Alles noch sehr schleppend und auch grade Firefox und Programme generell brauchen sehr lange, bis sie sich öffnen. Hängt sich auch noch relativ schnell auf

Liebe Grüße und vielen Dank,
Daniel

schrauber · 03.06.2014, 10:16

Java updatne.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\Daniel\AppData\Local\TempImages
C:\Windows\Installer\7da8b4.msi
C:\Windows\Installer\9f48a9.msi
C:\Windows\System32\drivers\mchccinj.sys
C:\Windows\SysWOW64\drivers\mchccinj.sys

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).

daniel_4 · 03.06.2014, 15:08

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Daniel at 2014-06-03 16:06:08 Run:1
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Daniel\AppData\Local\TempImages
C:\Windows\Installer\7da8b4.msi
C:\Windows\Installer\9f48a9.msi
C:\Windows\System32\drivers\mchccinj.sys
C:\Windows\SysWOW64\drivers\mchccinj.sys
*****************

C:\Users\Daniel\AppData\Local\TempImages => Moved successfully.
C:\Windows\Installer\7da8b4.msi => Moved successfully.
C:\Windows\Installer\9f48a9.msi => Moved successfully.
"C:\Windows\System32\drivers\mchccinj.sys" => File/Directory not found.
C:\Windows\SysWOW64\drivers\mchccinj.sys => Moved successfully.

==== End of Fixlog ====

Der Downloadlink funktioniert nicht. Es kommt folgende Fehlermeldung:

Code:

ATTFilter

OutOfRangeInputOne of the request inputs is out of range.
RequestId:63394476-bbc9-462d-9bdb-b5bcc8bb190c
Time:2014-06-03T14:05:48.9637627Z

Hättest Du vielleicht noch einen anderen für mich, dann installiere ich das Programm gerne und schaue mal nach, was da los ist. Aber Du bist dir schon mal sicher, dass Viren oder evtl. Trojaner von meinem Rechner verschwunden sind?

Viele Grüße,
Daniel

schrauber · 04.06.2014, 09:35

Poste bitte nochmal nen frisches FRST log.

ProcessExplorer:
Process Explorer

daniel_4 · 04.06.2014, 15:14

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Daniel (administrator) on DANIEL-PC on 04-06-2014 16:10:46
Running from C:\Users\Daniel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Device Control\fsdevcon64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSMA32.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL32.EXE
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
() C:\Program Files\USBLogon\usblonsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL64.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FNRB32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FIH32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSM32.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\THXCfg64.dll [17920 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\EptMon64.dll [21504 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1454080 2006-12-28] (AVM Berlin)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\Common\FSM32.EXE [306928 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure TNB] => C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe [1654512 2012-06-26] (F-Secure Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2679092377-2185092980-2786416117-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs-x32:  => "" File Not Found
IFEO\taskmgr.exe: [Debugger] "C:\USERS\DANIEL\DESKTOP\PROCESSEXPLORER\PROCEXP.EXE"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {1940599C-32B7-46B3-863C-8A626C042730} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Browsing Protection Class - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
BHO-x32: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files (x86)\soft Xpansion\Perfect PDF 5\PDF4ie.dll (soft Xpansion)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 2012\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} -  No File
Handler-x32: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files (x86)\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.10 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Add to Amazon Wish List Button - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\amznUWL2@amazon.com.xpi [2012-04-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\ich@maltegoetz.de.xpi [2012-01-29]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-29]
FF Extension: User Agent Switcher - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\smy83vqd.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-03-12]
FF Extension: YouTube Unblocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\youtubeunblocker@unblocker.yt [2014-04-27]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{caad1213-7e0a-45dc-9a65-cd7859bf58d1}.xpi [2014-04-28]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-22]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\dph0vwph.tarnfox\Extensions\{fd15878e-7528-438b-b493-6e17671d45b7}.xpi [2014-04-27]
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2012-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin
FF Extension: Steganos Private Favorites - C:\Program Files (x86)\Steganos Privacy Suite 2012\pfplugin [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 2012\spmplugin3 [2012-11-11]
FF HKLM-x32\...\Firefox\Extensions: [fe_12.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_12.0
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2012-10-14]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext
FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext [2013-03-10]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-16]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-16]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-16]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-16]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-16]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin)
R2 F-Secure Gatekeeper Handler Starter; C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [220912 2012-06-26] (F-Secure Corporation)
R3 F-Secure Network Request Broker; C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE [188144 2012-06-26] (F-Secure Corporation)
R2 fsdevcon; C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe [516848 2012-06-26] (F-Secure Corporation)
R2 FSMA; C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE [188144 2012-06-26] (F-Secure Corporation)
R3 FSORSPClient; C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [60352 2013-06-06] (F-Secure Corporation)
R2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [841544 2011-02-18] (BinarySense, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1488136 2009-07-23] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1486600 2009-07-23] (Raxco Software, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1237856 2013-01-25] (LULU Software)
S2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [877920 2013-01-25] (LULU Software)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software)
R2 USBLogonService; C:\Program Files\USBLogon\usblonsvc.exe [9216 2012-10-06] ()
S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

R2 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [294720 2010-06-14] (Protect Software GmbH)
R2 acehlp09; C:\Windows\system32\drivers\acehlp09.sys [195248 2010-06-14] (Protect Software GmbH)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S4 F-Secure Filter; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [41072 2012-06-26] ()
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [202176 2013-07-17] (F-Secure Corporation)
S4 F-Secure Recognizer; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [26352 2012-06-26] ()
U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-08-15] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R1 fsvista; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [14064 2012-06-26] ()
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 StarOpen; No ImagePath
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2012-10-29] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-11-08] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-03-03] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-03-03] (Paragon)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [33408 2012-10-14] ()
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-04 16:10 - 2014-06-04 16:10 - 00027044 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-06-04 16:05 - 2014-06-04 16:05 - 01243655 _____ () C:\Users\Daniel\Desktop\ProcessExplorer.zip
2014-06-04 16:05 - 2014-06-04 16:05 - 00000000 ____D () C:\Users\Daniel\Desktop\ProcessExplorer
2014-06-03 18:21 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-03 18:20 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-03 18:14 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-03 18:14 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-03 18:14 - 2014-05-20 04:44 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-06-03 17:09 - 2014-06-03 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-03 17:09 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-03 17:09 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-01 18:03 - 2014-06-01 18:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-01 18:01 - 2014-06-01 18:01 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_deu.exe
2014-06-01 18:01 - 2014-06-01 18:01 - 00854367 _____ () C:\Users\Daniel\Desktop\SecurityCheck.exe
2014-05-31 19:44 - 2014-05-31 19:45 - 00000000 ____D () C:\AdwCleaner
2014-05-31 19:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-31 19:19 - 2014-05-31 19:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-31 19:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-31 19:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-31 19:14 - 2014-05-31 19:15 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-05-31 19:14 - 2014-05-31 19:14 - 01327971 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.211.exe
2014-05-31 19:13 - 2014-05-31 19:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 11:13 - 2014-06-04 15:40 - 00001214 _____ () C:\Windows\PFRO.log
2014-05-30 23:12 - 2014-05-30 23:12 - 00034837 _____ () C:\ComboFix.txt
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Gastkonto\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-30 23:03 - 2014-05-30 23:12 - 00000000 ____D () C:\ComboFix
2014-05-30 21:11 - 2014-06-03 17:14 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 21:11 - 2014-05-30 23:12 - 00000000 ____D () C:\Qoobox
2014-05-30 21:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-30 21:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-30 21:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-30 21:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-30 21:10 - 2014-05-30 21:10 - 05203398 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:23 - 2014-06-03 16:05 - 02068992 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-29 16:51 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:34 - 2014-02-27 15:38 - 00245733 ____N () C:\Users\Daniel\Desktop\pass.pkpass
2014-05-29 16:31 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-29 16:31 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-29 16:29 - 2014-05-29 16:30 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-29 12:57 - 2014-05-29 19:20 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-19 16:05 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-19 16:05 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-19 14:47 - 2014-05-30 18:17 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-15 15:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 15:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 15:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 15:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 15:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 15:41 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:40 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:40 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:39 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:39 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:39 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:39 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:39 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:39 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:39 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:39 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:39 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:39 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:39 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 21:48 - 2014-05-16 15:21 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-06-04 16:11 - 2014-06-04 16:10 - 00027044 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-06-04 16:11 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Temp
2014-06-04 16:10 - 2013-11-22 17:20 - 00000000 ____D () C:\FRST
2014-06-04 16:05 - 2014-06-04 16:05 - 01243655 _____ () C:\Users\Daniel\Desktop\ProcessExplorer.zip
2014-06-04 16:05 - 2014-06-04 16:05 - 00000000 ____D () C:\Users\Daniel\Desktop\ProcessExplorer
2014-06-04 15:55 - 2013-05-22 17:49 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-06-04 15:54 - 2012-03-29 11:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 15:50 - 2010-06-05 19:56 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe
2014-06-04 15:48 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 15:48 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 15:46 - 2009-07-14 07:10 - 01673904 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 15:45 - 2013-11-27 16:39 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{263A6FA9-0919-4587-BE68-750D8D06BEB7}
2014-06-04 15:42 - 2013-11-16 13:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 15:42 - 2013-11-16 13:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 15:41 - 2013-11-02 20:32 - 00003178 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-06-04 15:41 - 2013-11-02 20:32 - 00000542 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-06-04 15:40 - 2014-05-31 11:13 - 00001214 _____ () C:\Windows\PFRO.log
2014-06-04 15:40 - 2012-08-28 18:26 - 00153405 _____ () C:\Windows\setupact.log
2014-06-04 15:40 - 2011-11-12 20:27 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-04 15:40 - 2010-05-29 22:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-04 15:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 18:21 - 2011-04-05 13:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-03 18:15 - 2014-06-03 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-03 17:14 - 2014-05-30 21:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 17:08 - 2013-09-13 17:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-03 16:05 - 2014-05-30 18:23 - 02068992 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-06-01 18:05 - 2009-07-14 19:58 - 00724128 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 18:05 - 2009-07-14 19:58 - 00160482 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 18:05 - 2009-07-14 07:13 - 01686146 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 18:03 - 2014-06-01 18:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-01 18:01 - 2014-06-01 18:01 - 02347384 _____ (ESET) C:\Users\Daniel\Desktop\esetsmartinstaller_deu.exe
2014-06-01 18:01 - 2014-06-01 18:01 - 00854367 _____ () C:\Users\Daniel\Desktop\SecurityCheck.exe
2014-06-01 14:53 - 2012-08-11 13:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-31 19:45 - 2014-05-31 19:44 - 00000000 ____D () C:\AdwCleaner
2014-05-31 19:23 - 2014-05-31 19:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2014-05-31 19:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 19:19 - 2012-10-15 17:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 19:16 - 2014-05-31 19:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 19:15 - 2014-05-31 19:14 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-05-31 19:14 - 2014-05-31 19:14 - 01327971 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.211.exe
2014-05-30 23:12 - 2014-05-30 23:12 - 00034837 _____ () C:\ComboFix.txt
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Gastkonto\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-30 23:12 - 2014-05-30 23:03 - 00000000 ____D () C:\ComboFix
2014-05-30 23:12 - 2014-05-30 21:11 - 00000000 ____D () C:\Qoobox
2014-05-30 23:10 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-30 21:34 - 2009-07-14 04:34 - 23855104 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 103284736 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-30 21:33 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-30 21:32 - 2013-11-02 20:09 - 00000000 ____D () C:\Windows\erdnt
2014-05-30 21:10 - 2014-05-30 21:10 - 05203398 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-05-30 21:07 - 2009-07-14 04:34 - 00102400 _____ () C:\Windows\system32\config\SAM.bak
2014-05-30 18:30 - 2014-05-30 18:30 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-05-30 18:30 - 2010-06-05 11:42 - 00000000 ____D () C:\Users\Daniel
2014-05-30 18:29 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\Documents\samsung
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\ProgramData\Freemake
2014-05-30 18:27 - 2014-03-27 17:26 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-05-30 18:27 - 2010-10-31 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio & Video
2014-05-30 18:25 - 2012-12-25 19:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\ProgramData\Samsung
2014-05-30 18:25 - 2012-12-25 18:51 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-30 18:25 - 2010-05-29 23:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-30 18:24 - 2014-05-30 18:24 - 00380416 _____ () C:\Users\Daniel\Desktop\Gmer-19357.exe
2014-05-30 18:17 - 2014-05-19 14:47 - 00000000 ____D () C:\ProgramData\Deutsche Post AG
2014-05-30 18:13 - 2014-05-30 18:13 - 00050477 _____ () C:\Users\Daniel\Desktop\Defogger.exe
2014-05-30 01:07 - 2014-06-03 17:09 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 01:07 - 2014-06-03 17:09 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 01:07 - 2013-11-03 14:11 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-30 01:07 - 2013-11-03 14:11 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-29 19:20 - 2014-05-29 12:57 - 00000000 ____D () C:\Users\Daniel\Desktop\Archiv
2014-05-29 16:35 - 2014-05-29 16:35 - 00000000 ____D () C:\Users\Daniel\Desktop\media
2014-05-29 16:30 - 2014-05-29 16:29 - 00000000 ____D () C:\Users\Daniel\Desktop\Audible
2014-05-23 22:38 - 2013-04-17 14:56 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-05-20 18:37 - 2012-01-28 20:33 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-20 04:44 - 2014-06-03 18:14 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-06-03 18:14 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-06-03 18:14 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 04:44 - 2014-03-26 21:08 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2013-11-03 12:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-05-20 04:44 - 2013-11-03 12:42 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-05-20 04:44 - 2013-08-27 08:53 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2013-08-27 08:53 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2010-05-30 08:29 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2010-05-30 08:29 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 03:25 - 2009-09-27 18:22 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2009-09-27 18:22 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2009-09-27 18:22 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2009-09-27 18:22 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2009-09-27 18:22 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 03:25 - 2009-09-27 18:22 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 01:10 - 2014-06-03 18:21 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-19 16:06 - 2013-11-12 20:03 - 00000000 ____D () C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2014-05-19 16:06 - 2013-09-13 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-19 14:47 - 2014-05-19 14:47 - 00000138 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-05-18 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 15:23 - 2012-07-27 12:20 - 00000680 __RSH () C:\Users\Daniel\ntuser.pol
2014-05-16 15:23 - 2010-06-06 21:15 - 00000000 ___RD () C:\Users\Daniel\Virtual Machines
2014-05-16 15:21 - 2014-05-06 21:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 15:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 15:47 - 2012-03-23 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 15:46 - 2013-07-19 11:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 15:44 - 2010-06-05 20:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 01:49 - 2014-06-03 18:20 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-14 21:56 - 2012-03-29 11:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 21:56 - 2012-03-29 11:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 21:56 - 2011-05-13 14:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 07:57 - 2012-10-22 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 07:26 - 2014-05-31 19:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-31 19:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-31 19:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 23:10 - 2014-05-09 23:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-15 15:40 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 15:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 23:37 - 2013-11-16 13:09 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 23:37 - 2013-11-16 13:09 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 17:42 - 2014-05-29 16:51 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-06 06:40 - 2014-05-15 15:47 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 15:47 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

Files to move or delete:
====================
C:\Users\Daniel\setup.exe


Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Daniel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Daniel\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Daniel\AppData\Local\Temp\nvStInst.exe
C:\Users\Daniel\AppData\Local\Temp\nvstlink.exe
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-01 21:38

==================== End Of Log ============================

--- --- ---

Die Screenshots vom ProcessExplorer habe ich im Anhang - aber außer dem Systemprozess ist da ja nichts Großes, oder?

Grüße,
Daniel

schrauber · 05.06.2014, 12:29

How to perform a clean boot in Windows

mach bitte mal nen Clean Boot.

daniel_4 · 05.06.2014, 16:25

Also ist ein bisschen schwierig, da ja grundlegende Dienste wie Internet und Co. nicht aktiviert waren, aber man hat - zwar nicht mehr so deutlich wie vorher - noch ein bisschen gemerkt, dass es stockt.

Gruß,
Daniel

schrauber · 06.06.2014, 11:47

Trotz Clean Boot immer noch? Windows DVD da?

daniel_4 · 06.06.2014, 14:44

Also es war sehr schwer einzuschätzen, da ja Internet und sonstige Programme nicht ausgeführt worden sind. Ich würde sagen, es hat minimal gehakt.

Die CD müsste noch irgendwo rumliegen, ja. Habe sie auf jeden Fall nicht weggeschmissenn.

Habe auch heute früh meinen Rechner gestartet und da war alles okay - dann habe ich ihn jetzt gerade gestartet und plötzlich war mein Desktop-Hintergrund weg, nur noch ein schwarzes Bild da. Auch die Tastatur hängt extrem, wenn ich zu schnell was eintippe, kommt Windows gar nicht mehr hinterher das Wort/den Text so schnell anzuzeigen und hängt sich auf.

Grüße,
Daniel

04.06.2014, 09:35	#10
schrauber /// the machine /// TB-Ausbilder	Windows wird mit zunehmender Zeit immer langsamer Poste bitte nochmal nen frisches FRST log. ProcessExplorer: Process Explorer __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

05.06.2014, 12:29	#12
schrauber /// the machine /// TB-Ausbilder	Windows wird mit zunehmender Zeit immer langsamer How to perform a clean boot in Windows mach bitte mal nen Clean Boot. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

06.06.2014, 11:47	#14
schrauber /// the machine /// TB-Ausbilder	Windows wird mit zunehmender Zeit immer langsamer Trotz Clean Boot immer noch? Windows DVD da? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows wird mit zunehmender Zeit immer langsamer

Plagegeister aller Art und deren Bekämpfung: Windows wird mit zunehmender Zeit immer langsamer