File Parade bundle

Lara100 · 10.06.2014, 14:30

Guten Tag,
ich habe mal wieder was eingefangen.
Wenn ich in der Systemsteuerung auf deinstallieren gehe kommt untenstehende Anlage. Malwarebytes hat es scheinbar nicht gefunden.
Vielen Dank im Voraus Lara100

cosinus · 10.06.2014, 14:40

Hi,

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Lara100 · 10.06.2014, 18:53

Hallo Cosinus
Den File Parade habe ich seit dem 4.6. drauf. Am 4.6.habe ich den Scanner laufen lassen und die angefügten TXT gespeichert. In Quarantäne gestellt wurde einiges aber entfernt wurde der File Parade nicht, ob wohl es ja im Programm möglich wäre, wenn er nicht so viele Bedingungen stellen würde.
Ich habe dann seit dem 4.6.nicht mehr auf diesem PC gearbeitet und heute nach meiner Rückkehr mit Malwarebytes gescannt. 2 Zeilen kamen in die Quarantäne, aber der File
Parade ist beharrlich im Programm. Leider finde ich die Txt davon nicht mehr. Soll ich also den FRST 64 Bit neu installieren und laufen lassen?
Bitte beachte, dass ich Laie bin, weiblich und 84 Jahre, und habe manchmal Probleme mit den Fachausdrücken . Ich hoffe jedoch dass ich nach Deinen Anweisungen alles richtig
mache.
Vorerst vielen Dank und freundliche Grüße Lara100

Nachtrag:Ich habe den
Virenscanner Security essential und den Malwarebytes, der mir von Schrauber und M-K-D-B in einer anderen Sache empfohlen wurde. Alle dabei noch benutzten Scanner sind gelöscht.

cosinus · 10.06.2014, 21:38

Bitte poste alle Logfiles in CODE-Tags, wie oben beschrieben. Die Logsfiles von Malwarebytes findest im im Programm selbst unter Verlauf.

Lara100 · 11.06.2014, 09:53

Ich hatte die Logfiles unter Code gespeichert aber sie wurden wegen der Größe nicht weiter geleitet daher habe ich sie unter angehängte Dateien geschickt.
Die logfiles vom 10.6 finde ich nicht auch unter Verlauf, da steht nur die Quarantäne

cosinus · 11.06.2014, 10:28

Zitat:

Zitat von Lara100

Ich hatte die Logfiles unter Code gespeichert aber sie wurden wegen der Größe nicht weiter geleitet daher habe ich sie unter angehängte Dateien geschickt.
Die logfiles vom 10.6 finde ich nicht auch unter Verlauf, da steht nur die Quarantäne

Dazu hatte ich extra nen Lesestoff zu CODE-Tags gepostet...

("Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor ..." )

Zitat:

Zitat von Lara100

Die logfiles vom 10.6 finde ich nicht auch unter Verlauf, da steht nur die Quarantäne

Nee, eben nicht, das ist neben der Quarantäne auch der Bereich für die Anwendungsprotokolle. Folgender Screenshot beweist es

Lara100 · 11.06.2014, 11:01

Anbei ein Sceenhot für die Anwendungsprotokolle

cosinus · 11.06.2014, 11:20

Der Screenshot nutzt rein garnix. Du musst die Suchlauf-Protokolle schon öffnen und in den Inhalt hier posten

Lara100 · 11.06.2014, 13:17

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 10.06.2014
Suchlauf-Zeit: 13:25:59
Logdatei: 10.06. 15.04.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.10.03
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: vollman

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 312924
Verstrichene Zeit: 17 Min, 24 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 2
PUP.Optional.Skytech.A, C:\Users\vollman\AppData\Roaming\sweet-page\UninstallManager.exe, In Quarantäne, [783a4d26ea912d09f0076621956c45bb],
PUP.Optional.Skytech.A, C:\Users\vollman\AppData\Local\Temp\5881814\5881814.zipDir\UninstallManager.exe, In Quarantäne, [e1d11b584b30c67035c28cfbe71a9769],

Physische Sektoren: 0
(No malicious items detected)

Das ist sicher auch nicht was Du sucht. Also lassen wir das.
In den Suchlaufprotokollen ist nichts mehr drin

cosinus · 11.06.2014, 13:35

Doch, genau solche Logfiles mit Funden wollte ich sehen. Jetzt fehlen nur noch die FRST-Logs. Und die bitte in CODE-Tags posten

Lara100 · 11.06.2014, 15:31

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01
Ran by vollman (administrator) on VOLLMAN-PC on 11-06-2014 16:15:41
Running from C:\Users\vollman\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(www.rene-zeidler.de) C:\Users\vollman\Downloads\SnippingToolPlusv3-4-1-0\Snipping Tool Plus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\RunOnce: [Uninstall C:\Users\vollman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vollman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: J - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {38435efe-de06-11e3-9823-0025115aff70} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\start.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {5de808e2-3385-11e1-9a67-0025115aff70} - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {5de808f7-3385-11e1-9a67-0025115aff70} - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {ce94eec5-8180-11e2-bd6e-0025115aff70} - K:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1401469955&from=cor&uid=3219913727_67194_F8C38D75&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=U218DHP&pc=U218
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/WOL_WCP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1401469955&from=cor&uid=3219913727_67194_F8C38D75&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{37CAFACC-6286-44F4-85E9-F925D3472D29}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\vollman\AppData\Roaming\Mozilla\Firefox\Profiles\w75rmxdg.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-04-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "https://www.google.de/"
CHR DefaultSearchKeyword: arcor.de
CHR DefaultSearchProvider: arcor.de
CHR DefaultSearchURL: hxxp://www.arcor.de/content/arcor_search.jsp?scategorytype=portal&Keywords={searchTerms}&charencoding=utf-8
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]
CHR Extension: (Google Drive) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15]
CHR Extension: (TV) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-04-15]
CHR Extension: (YouTube) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15]
CHR Extension: (Google-Suche) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15]
CHR Extension: (Google Wallet) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-12-14] (Macrovision Europe Ltd.) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-05-29] ()
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-05-29] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 cpuz134; \??\C:\Users\vollman\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 16:09 - 2014-06-11 16:15 - 00044181 _____ () C:\Users\vollman\Downloads\Addition.txt
2014-06-11 16:07 - 2014-06-11 16:15 - 00016540 _____ () C:\Users\vollman\Downloads\FRST.txt
2014-06-11 16:07 - 2014-06-11 16:15 - 00000000 ____D () C:\FRST
2014-06-11 16:06 - 2014-06-11 16:06 - 02081792 _____ (Farbar) C:\Users\vollman\Downloads\FRST64.exe
2014-06-11 14:37 - 2014-06-11 14:39 - 63320784 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-06-11 13:51 - 2014-06-11 14:06 - 00001437 _____ () C:\Users\vollman\Desktop\10.06. 15.04.txt
2014-06-06 11:19 - 2014-06-06 11:19 - 00000000 ____D () C:\Windows\de
2014-06-06 11:18 - 2014-06-06 11:18 - 00001317 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-06 11:17 - 2014-06-06 11:17 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-06 11:14 - 2014-06-06 11:14 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-06 11:09 - 2014-06-06 11:09 - 00000382 _____ () C:\Windows\DirectX.log
2014-06-04 21:46 - 2014-06-04 21:47 - 00000424 _____ () C:\DelFix.txt
2014-06-04 21:26 - 2014-06-11 10:12 - 00000560 _____ () C:\Windows\setupact.log
2014-06-04 21:26 - 2014-06-04 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 21:25 - 2014-06-11 10:12 - 00003986 _____ () C:\Windows\PFRO.log
2014-06-04 21:24 - 2014-06-11 14:39 - 00009789 _____ () C:\Windows\IE11_main.log
2014-06-04 21:22 - 2014-06-04 21:24 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2014-06-04 08:53 - 2014-06-04 08:53 - 00081415 _____ () C:\Users\vollman\Desktop\4.06.14.txt
2014-06-04 08:53 - 2014-06-04 08:52 - 00197342 _____ () C:\Users\vollman\Desktop\XML.Xml
2014-06-03 16:25 - 2014-06-04 09:29 - 00000000 ____D () C:\Program Files\003
2014-06-02 16:06 - 2014-06-04 21:11 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\ParetoLogic
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\DriverCure
2014-06-01 08:36 - 2014-06-01 08:42 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\Nicht bestätigt 401013.crdownload
2014-05-31 09:39 - 2014-05-31 09:39 - 00000000 ____D () C:\ProgramData\CDB
2014-05-31 09:38 - 2014-05-31 09:46 - 00000000 ____D () C:\rei
2014-05-31 09:37 - 2014-06-01 08:14 - 00000155 _____ () C:\Windows\Reimage.ini
2014-05-31 09:01 - 2014-05-31 09:04 - 00000000 ____D () C:\Users\vollman\Downloads\AdwCleaner_TSA343TIV
2014-05-31 09:00 - 2014-05-31 09:00 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_AdwCleaner_1555515
2014-05-30 20:19 - 2014-05-30 20:19 - 00003256 _____ () C:\Windows\System32\Tasks\{87849BC2-ECCF-417B-BD61-1E3AC5D8C365}
2014-05-30 19:12 - 2014-06-10 14:59 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\sweet-page
2014-05-30 19:12 - 2014-05-30 20:34 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-05-30 19:12 - 2014-05-30 19:12 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\SupTab
2014-05-30 17:27 - 2014-05-30 17:27 - 00000000 ____D () C:\MFT 1863
2014-05-30 16:31 - 2014-06-04 21:24 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-05-30 14:08 - 2014-05-30 14:08 - 00003630 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-05-30 14:08 - 2014-05-30 14:08 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-30 14:08 - 2014-05-30 14:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-30 14:07 - 2014-05-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-30 14:07 - 2010-06-14 16:24 - 00361320 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5512.dll
2014-05-30 13:19 - 2014-05-30 13:19 - 00347816 _____ (Microsoft Corporation) C:\Users\vollman\Desktop\MicrosoftFixit.IEAddon.FISC.13324879527142381.1.1.Run.exe
2014-05-25 13:28 - 2014-06-11 10:15 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1EEAAA6-FEE3-4BED-9929-14AC07232F92}
2014-05-24 12:00 - 2014-05-24 12:00 - 04996760 _____ (Systweak Inc ) C:\Users\vollman\Downloads\rcpsetupnewmarm1_newmarm1de_yas (1).exe
2014-05-21 19:41 - 2014-05-21 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-05-21 19:39 - 2014-05-21 19:39 - 00000071 _____ () C:\Windows\WinInit.Ini
2014-05-14 10:09 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 10:09 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 10:09 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 10:09 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 10:09 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 10:09 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 07:04 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 07:04 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 07:04 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 07:04 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 07:03 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 07:03 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 07:03 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 07:03 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 07:03 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 07:03 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 07:03 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 07:03 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 07:03 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 07:03 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 07:03 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 07:03 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 07:03 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 10:45 - 2014-05-13 10:46 - 00000193 _____ () C:\Users\vollman\Desktop\Fehlermeldung Nicht genügend Arbeitsspeicher, wenn Sie eine große Anzahl von Programmen ausführen.url
2014-05-13 07:32 - 2014-06-10 11:24 - 00000000 ____D () C:\Users\vollman\Documents\Outlook-Dateien
2014-05-12 18:41 - 2011-12-02 19:18 - 00733184 _____ (www.rene-zeidler.de) C:\Users\vollman\Downloads\Snipping Tool Plus.exe
2014-05-12 17:44 - 2014-05-12 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-12 10:07 - 2014-05-12 10:07 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 10:07 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-12 10:07 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-12 10:07 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2014-06-11 16:15 - 2014-06-11 16:09 - 00044181 _____ () C:\Users\vollman\Downloads\Addition.txt
2014-06-11 16:15 - 2014-06-11 16:07 - 00016540 _____ () C:\Users\vollman\Downloads\FRST.txt
2014-06-11 16:15 - 2014-06-11 16:07 - 00000000 ____D () C:\FRST
2014-06-11 16:15 - 2014-04-09 13:29 - 00000000 ____D () C:\Users\vollman\AppData\Local\Temp
2014-06-11 16:14 - 2012-04-07 09:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-11 16:06 - 2014-06-11 16:06 - 02081792 _____ (Farbar) C:\Users\vollman\Downloads\FRST64.exe
2014-06-11 15:53 - 2011-12-14 23:03 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 15:20 - 2011-12-14 20:46 - 01277948 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 14:39 - 2014-06-11 14:37 - 63320784 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-06-11 14:39 - 2014-06-04 21:24 - 00009789 _____ () C:\Windows\IE11_main.log
2014-06-11 14:10 - 2014-04-09 10:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 14:06 - 2014-06-11 13:51 - 00001437 _____ () C:\Users\vollman\Desktop\10.06. 15.04.txt
2014-06-11 12:01 - 2012-05-20 19:16 - 24873472 ___SH () C:\Users\vollman\Desktop\Thumbs.db
2014-06-11 10:19 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-11 10:19 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-11 10:15 - 2014-05-25 13:28 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1EEAAA6-FEE3-4BED-9929-14AC07232F92}
2014-06-11 10:12 - 2014-06-04 21:26 - 00000560 _____ () C:\Windows\setupact.log
2014-06-11 10:12 - 2014-06-04 21:25 - 00003986 _____ () C:\Windows\PFRO.log
2014-06-11 10:12 - 2011-12-29 20:27 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-06-11 10:12 - 2011-12-14 23:03 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-11 10:12 - 2011-12-14 21:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-11 10:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 15:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization
2014-06-10 14:59 - 2014-05-30 19:12 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\sweet-page
2014-06-10 11:24 - 2014-05-13 07:32 - 00000000 ____D () C:\Users\vollman\Documents\Outlook-Dateien
2014-06-06 11:19 - 2014-06-06 11:19 - 00000000 ____D () C:\Windows\de
2014-06-06 11:18 - 2014-06-06 11:18 - 00001317 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-06 11:18 - 2011-12-15 22:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-06 11:17 - 2014-06-06 11:17 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-06 11:16 - 2013-12-22 23:40 - 00001502 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-06 11:14 - 2014-06-06 11:14 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-06 11:14 - 2011-12-14 21:09 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-06 11:09 - 2014-06-06 11:09 - 00000382 _____ () C:\Windows\DirectX.log
2014-06-06 10:58 - 2011-12-15 22:36 - 00000000 ____D () C:\Users\vollman\AppData\Local\Windows Live
2014-06-06 10:46 - 2011-12-15 05:37 - 00717484 _____ () C:\Windows\system32\perfh007.dat
2014-06-06 10:46 - 2011-12-15 05:37 - 00155100 _____ () C:\Windows\system32\perfc007.dat
2014-06-06 10:46 - 2009-07-14 07:13 - 01657328 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 21:47 - 2014-06-04 21:46 - 00000424 _____ () C:\DelFix.txt
2014-06-04 21:26 - 2014-06-04 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 21:24 - 2014-06-04 21:22 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2014-06-04 21:24 - 2014-05-30 16:31 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-04 21:11 - 2014-06-02 16:06 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-06-04 09:29 - 2014-06-03 16:25 - 00000000 ____D () C:\Program Files\003
2014-06-04 09:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SchCache
2014-06-04 08:53 - 2014-06-04 08:53 - 00081415 _____ () C:\Users\vollman\Desktop\4.06.14.txt
2014-06-04 08:52 - 2014-06-04 08:53 - 00197342 _____ () C:\Users\vollman\Desktop\XML.Xml
2014-06-04 08:52 - 2013-12-26 01:16 - 00000000 ____D () C:\Temp
2014-06-03 16:32 - 2014-05-07 06:34 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\systweak
2014-06-03 16:31 - 2011-12-14 21:00 - 00000000 ___RD () C:\Users\vollman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 16:01 - 2011-12-29 20:58 - 00034304 _____ () C:\Users\vollman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-02 19:14 - 2012-10-06 17:55 - 00510976 ___SH () C:\Users\vollman\Documents\Thumbs.db
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\ParetoLogic
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\DriverCure
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\ProgramData\Google
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\Program Files\Google
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-01 08:42 - 2014-06-01 08:36 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\Nicht bestätigt 401013.crdownload
2014-06-01 08:14 - 2014-05-31 09:37 - 00000155 _____ () C:\Windows\Reimage.ini
2014-05-31 13:33 - 2013-08-31 22:14 - 00000000 ____D () C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2014-05-31 13:13 - 2014-04-09 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 13:13 - 2014-04-09 10:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 09:52 - 2013-08-14 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 09:46 - 2014-05-31 09:38 - 00000000 ____D () C:\rei
2014-05-31 09:39 - 2014-05-31 09:39 - 00000000 ____D () C:\ProgramData\CDB
2014-05-31 09:04 - 2014-05-31 09:01 - 00000000 ____D () C:\Users\vollman\Downloads\AdwCleaner_TSA343TIV
2014-05-31 09:00 - 2014-05-31 09:00 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_AdwCleaner_1555515
2014-05-31 00:55 - 2011-12-16 16:43 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-31 00:55 - 2011-12-16 07:15 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\HpUpdate
2014-05-30 22:10 - 2012-11-06 07:56 - 00000000 ____D () C:\Windows\Minidump
2014-05-30 22:10 - 2009-08-18 04:11 - 00000000 ____D () C:\Windows\Panther
2014-05-30 20:34 - 2014-05-30 19:12 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-05-30 20:19 - 2014-05-30 20:19 - 00003256 _____ () C:\Windows\System32\Tasks\{87849BC2-ECCF-417B-BD61-1E3AC5D8C365}
2014-05-30 19:49 - 2014-04-21 08:52 - 00000000 ____D () C:\ProgramData\WPM
2014-05-30 19:12 - 2014-05-30 19:12 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\SupTab
2014-05-30 17:44 - 2011-07-25 00:30 - 00000000 ____D () C:\Users\vollman\Desktop\Homepage Programme
2014-05-30 17:27 - 2014-05-30 17:27 - 00000000 ____D () C:\MFT 1863
2014-05-30 16:08 - 2011-12-14 21:16 - 00000000 ____D () C:\Users\vollman\AppData\Local\Microsoft Help
2014-05-30 14:08 - 2014-05-30 14:08 - 00003630 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-05-30 14:08 - 2014-05-30 14:08 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-30 14:08 - 2014-05-30 14:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-30 14:08 - 2014-05-30 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-30 14:08 - 2011-12-16 07:14 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-30 13:22 - 2011-12-14 22:55 - 00000000 ____D () C:\Users\vollman\AppData\Local\Google
2014-05-30 13:19 - 2014-05-30 13:19 - 00347816 _____ (Microsoft Corporation) C:\Users\vollman\Desktop\MicrosoftFixit.IEAddon.FISC.13324879527142381.1.1.Run.exe
2014-05-30 13:10 - 2009-08-18 03:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-05-25 16:02 - 2011-12-16 07:14 - 00000000 ____D () C:\ProgramData\HP
2014-05-25 15:54 - 2011-12-14 20:55 - 00000000 ____D () C:\Users\vollman
2014-05-25 15:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-25 15:09 - 2011-12-16 16:43 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-25 13:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-24 12:00 - 2014-05-24 12:00 - 04996760 _____ (Systweak Inc ) C:\Users\vollman\Downloads\rcpsetupnewmarm1_newmarm1de_yas (1).exe
2014-05-23 16:27 - 2011-12-15 10:20 - 00000000 __RHD () C:\MSOCache
2014-05-21 19:41 - 2014-05-21 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-05-21 19:39 - 2014-05-21 19:39 - 00000071 _____ () C:\Windows\WinInit.Ini
2014-05-19 22:12 - 2014-01-17 13:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 16:06 - 2014-05-06 20:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 16:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 16:05 - 2014-04-15 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-16 16:05 - 2011-12-29 16:13 - 00000000 ____D () C:\Users\vollman\AppData\Local\www.rene-zeidler.de
2014-05-16 16:05 - 2011-12-14 21:00 - 00000000 ___RD () C:\Users\vollman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 16:05 - 2009-08-18 03:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 20:14 - 2012-04-07 09:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 20:14 - 2012-04-07 09:16 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 20:14 - 2011-12-15 23:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 10:46 - 2014-05-13 10:45 - 00000193 _____ () C:\Users\vollman\Desktop\Fehlermeldung Nicht genügend Arbeitsspeicher, wenn Sie eine große Anzahl von Programmen ausführen.url
2014-05-13 07:29 - 2011-12-14 21:00 - 00000000 ____D () C:\Users\vollman\AppData\Local\VirtualStore
2014-05-12 17:44 - 2014-05-12 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-12 13:46 - 2012-03-30 16:46 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-05-12 12:05 - 2011-06-13 17:29 - 00000000 ____D () C:\Users\vollman\Desktop\Alle Ordner
2014-05-12 10:08 - 2013-10-28 18:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 10:07 - 2014-05-12 10:07 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 10:07 - 2012-09-14 14:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-12 07:26 - 2014-04-09 10:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-04-09 10:29 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-04-09 10:29 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\vollman\Fixit50388.reg


Some content of TEMP:
====================
C:\Users\vollman\AppData\Local\Temp\BackupSetup.exe
C:\Users\vollman\AppData\Local\Temp\ICReinstall_InternetExplorer (1).exe
C:\Users\vollman\AppData\Local\Temp\ICReinstall_InternetExplorer.exe
C:\Users\vollman\AppData\Local\Temp\MSN89FC.exe
C:\Users\vollman\AppData\Local\Temp\nsuF8D2.tmp.exe
C:\Users\vollman\AppData\Local\Temp\ReimagePackage.exe
C:\Users\vollman\AppData\Local\Temp\sqlite3.exe
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite39585.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite50118.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite75899.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-09 16:27

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2014 01
Ran by vollman at 2014-06-11 16:14:46
Running from C:\Users\vollman\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acez All Audio Converter v3.0 (HKLM-x32\...\Acez All Audio Converter v3.0_is1) (Version: 3.0 - AcezSoft Inc.)
Acez Mp3 Wav Converter v3.0 (HKLM-x32\...\Acez Mp3 Wav Converter v3.0_is1) (Version: 3.0 - AcezSoft Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player Packages (HKCU\...\Adobe Flash Player Packages) (Version:  - ) <==== ATTENTION
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
ezCoverMaker 3.1.0 (HKLM-x32\...\ezCoverMaker 3.1.0) (Version:  - )
FileParade bundle uninstaller (HKLM-x32\...\FileParade bundle uninstaller) (Version: 2.0.0.5 - FileParade) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{939D91BD-7C35-492A-A8B4-DE99939BD44F}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710a-f Hilfe (HKLM-x32\...\{958B08B0-C784-4A77-8D2B-C0A58F1E14B5}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader Download Manager Packages (HKCU\...\JDownloader Download Manager Packages) (Version:  - ) <==== ATTENTION
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.9.5 - Magical Jelly Bean)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marketsplash Schnellzugriffe (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
Metaboli (HKLM-x32\...\Metaboli) (Version: 1.00.0006 - Packard Bell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Foto 2006 Suite Edition (HKLM-x32\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Foto 2006 Suite Edition Bibliothek (x32 Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Foto 2006 Suite Edition Editor (x32 Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.03.03.511 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyTomTom 3.2.0.802 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.802 - TomTom)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller-Treiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 295.73 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
NVIDIA ForceWare Network Access Manager (Version: 1.00.7308 - NVIDIA Corporation) Hidden
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.02.3004 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0812 - Packard Bell Incorporated)
Packard Bell Software Suite SE (HKLM-x32\...\Packard Bell Software Suite SE) (Version: 2.01.3001 - Packard Bell)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Packard Bell)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Studie zur Verbesserung von HP Officejet 6500 E710a-f Produkten (HKLM\...\{A5C5CECF-648E-4263-B601-4D4CD3FCD11D}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
TomTom HOME (HKLM-x32\...\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}) (Version: 2.9.2 - Ihr Firmenname)
TomTom HOME 2.7.3.1894 (HKLM-x32\...\TomTom HOME) (Version: 2.7.3.1894 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 beta 12 - Ghisler Software GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
ViewSonic Windows 7 x64 Signed Files (HKLM-x32\...\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}) (Version:  - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.00.3004 - Packard Bell)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

30-05-2014 16:33:49 Windows Update
31-05-2014 07:50:20 Windows Update
03-06-2014 13:36:05 Windows Update
06-06-2014 09:02:32 Windows Live Essentials
06-06-2014 09:08:57 DirectX wurde installiert
06-06-2014 09:10:04 DirectX wurde installiert
06-06-2014 09:11:18 DirectX wurde installiert
06-06-2014 09:13:16 WLSetup
09-06-2014 13:28:14 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00D68814-844A-42AB-9C05-99187D871824} - System32\Tasks\{ECD20DFD-913A-4D89-B900-1EBE44AC7F2E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {0D205EE3-5DEF-415C-8E62-40E7EC9EE4A9} - System32\Tasks\{9E96B213-4113-487A-A47B-4081220D0578} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {0FDA924E-3A4A-48D4-A0BD-27B744F99FAD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1FE6D328-D9DD-4867-B4A4-4053BA79DC2E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {2D80A978-B9A0-46D8-A09C-D0E7EA2927EB} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {2D9DB01F-29AD-4CF8-9339-998944F91EDA} - System32\Tasks\{0525D9D0-C16A-4840-A60C-1C8CAD63B760} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {2FCA18E6-7B49-463E-9A81-686C59B258EB} - System32\Tasks\{619A8061-4EC8-458F-935D-F114884A276B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {300D254A-AFDB-4801-ABDA-1955E7DB904A} - System32\Tasks\{E2B32E8B-1643-4638-BDD4-1AAEEC468539} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {377A0FE2-D280-4738-B917-74C25380C09F} - System32\Tasks\{00352ED0-98FD-4FAC-BEC7-8A6A922472B0} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.6.0.106&amp;LastError=404
Task: {3B5FB3B8-2469-4C63-A4FB-C4F5A89BAE80} - System32\Tasks\{5906329A-A7D5-4527-AD32-6BCAD320E339} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {40399B12-0B72-4E21-9F4E-C24DC7C87D45} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {4CC23FD3-33C1-44B2-B50A-8FDE33BE1137} - System32\Tasks\{40F60CFD-1253-4948-A7A8-ABE69D3BFB51} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {4D8CE891-8A9A-4681-A629-C6677D0E0AE8} - System32\Tasks\{3DB3B9BC-E8A3-49CA-BD70-50F02011FA6C} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {577A8793-B331-48B2-957A-1DE4AF03A705} - System32\Tasks\{4F1D47BC-95DB-48A7-95AE-56297C5B93E0} => C:\Program Files (x86)\Microsoft Digital Image 2006\pi.exe [2005-04-22] (Microsoft Corporation)
Task: {65258954-2E2E-43A3-A305-DA6A1C6C8D5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {680324EA-2E00-4ED0-A988-11F948576793} - System32\Tasks\FF Watcher {CE488589-6773-4EBC-A50C-E3568DC9C933} => C:\Program Files\V-bates\PrefHelper.exe
Task: {6A7933DA-EBE6-4547-95EB-FC51FC08760E} - System32\Tasks\{8AFC85A2-C21A-45CF-AFE8-F45EE2913E36} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {83DF054A-F3D9-42FF-982D-9F77D1931702} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {85172785-8D8D-4F00-9804-9D488202B01B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A3199CF2-4798-4AD2-941E-A3D599E3392F} - System32\Tasks\{D379EDCA-EAA4-4E16-A8A4-9EFBCEE41D84} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {AF349124-4D9C-4387-BFDB-F851F1369E1C} - System32\Tasks\{EBBB34EB-E7DD-4AD2-81D2-938C0B2C2F4C} => C:\Program Files (x86)\Microsoft Digital Image 2006\pi.exe [2005-04-22] (Microsoft Corporation)
Task: {B5AF72BC-C74D-4328-BC56-87B875CD5791} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard)
Task: {BCD21CF0-1FC0-4A0F-B6D2-2183645EDC4C} - System32\Tasks\{86F33D0B-B59B-41C4-97D3-4A7021E8FFEB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {BE36AB74-F587-44DD-8059-EB3048CD3D36} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {C9CCDCDC-BD44-432F-9E50-A98EC170F490} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {D86C09D9-642A-4DA9-A99B-337D142D252E} - System32\Tasks\{1F462F4D-477B-4986-99E5-A0B6F7B1D674} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {D9692980-4BA3-4D4D-B683-08286BB2A0B0} - System32\Tasks\{FF3FF35D-D81C-4052-A368-6E1E17ADD4D3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {DFAB87C0-CC92-430D-88F8-616DCAE9BC5D} - System32\Tasks\{95772DE5-90C2-4ADE-BB9F-E05381569DBA} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {E63454E8-EA82-4B4E-95F7-5EBD1B6BF43C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: {FFE4D4F9-597F-48BF-96F8-59E779D4E72E} - System32\Tasks\{2C316ABD-A941-4FA4-B2A9-7046CEA58B4F} => Chrome.exe 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-06 02:01 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-05-08 13:48 - 2010-05-08 13:48 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2014-04-15 15:59 - 2014-04-15 15:59 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2009-05-29 22:22 - 2009-05-29 22:22 - 00625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-05-29 22:21 - 2009-05-29 22:21 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-05-29 22:22 - 2009-05-29 22:22 - 00578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2009-05-29 22:22 - 2009-05-29 22:22 - 00207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-10-14 14:36 - 2009-10-14 14:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 14:34 - 2009-10-14 14:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-24 06:55 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-24 06:55 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-24 06:55 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-24 06:55 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-24 06:55 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886}:$WIMMOUNTDATA

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\vollman\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/06/2014 10:59:06 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8007000e) festgestellt.

Error: (06/04/2014 10:18:36 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.


Details:
	Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.  (HRESULT : 0x800705aa) (0x800705aa)

Error: (06/04/2014 10:13:03 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.


Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/04/2014 10:08:54 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Der Filterhostprozess kann nicht initialisiert werden. Der Vorgang wird abgebrochen.


Details:
	Für diesen Befehl ist nicht genügend Speicher verfügbar.  (HRESULT : 0x80070008) (0x80070008)

Error: (06/04/2014 09:27:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1580234929-1931705971-1294809382-1000}/">.

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (06/11/2014 10:14:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/11/2014 10:14:29 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (06/11/2014 10:12:39 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422

Error: (06/11/2014 10:12:39 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422

Error: (06/10/2014 03:03:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/10/2014 03:03:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (06/10/2014 03:01:35 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422

Error: (06/10/2014 03:01:35 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422

Error: (06/10/2014 10:16:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/10/2014 10:16:23 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (06/06/2014 10:59:06 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e

Error: (06/04/2014 10:18:36 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: 
Details:
	Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.  (HRESULT : 0x800705aa) (0x800705aa)

Error: (06/04/2014 10:13:03 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: 
Details:
	Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  (HRESULT : 0x800705b4) (0x800705b4)

Error: (06/04/2014 10:08:54 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: 
Details:
	Für diesen Befehl ist nicht genügend Speicher verfügbar.  (HRESULT : 0x80070008) (0x80070008)

Error: (06/04/2014 09:27:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-1580234929-1931705971-1294809382-1000}/

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/04/2014 09:26:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


CodeIntegrity Errors:
===================================
  Date: 2014-03-01 14:34:26.047
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-01 14:34:26.016
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-01 14:34:26.001
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-01 14:34:25.969
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 4095.24 MB
Available physical RAM: 2883.25 MB
Total Pagefile: 10175.42 MB
Available Pagefile: 8283.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:284.48 GB) (Free:208.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATEN) (Fixed) (Total:166.19 GB) (Free:148 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1B9E7A23)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=284 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended)

cosinus · 11.06.2014, 15:48

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lara100 · 11.06.2014, 16:43

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01
Ran by vollman (administrator) on VOLLMAN-PC on 11-06-2014 16:48:39
Running from C:\Users\vollman\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(www.rene-zeidler.de) C:\Users\vollman\Downloads\SnippingToolPlusv3-4-1-0\Snipping Tool Plus.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\RunOnce: [Uninstall C:\Users\vollman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vollman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: J - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {38435efe-de06-11e3-9823-0025115aff70} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\start.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {5de808e2-3385-11e1-9a67-0025115aff70} - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {5de808f7-3385-11e1-9a67-0025115aff70} - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {ce94eec5-8180-11e2-bd6e-0025115aff70} - K:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1401469955&from=cor&uid=3219913727_67194_F8C38D75&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=U218DHP&pc=U218
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/WOL_WCP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1401469955&from=cor&uid=3219913727_67194_F8C38D75&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{37CAFACC-6286-44F4-85E9-F925D3472D29}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\vollman\AppData\Roaming\Mozilla\Firefox\Profiles\w75rmxdg.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-04-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "https://www.google.de/"
CHR DefaultSearchKeyword: arcor.de
CHR DefaultSearchProvider: arcor.de
CHR DefaultSearchURL: hxxp://www.arcor.de/content/arcor_search.jsp?scategorytype=portal&Keywords={searchTerms}&charencoding=utf-8
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]
CHR Extension: (Google Drive) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15]
CHR Extension: (TV) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-04-15]
CHR Extension: (YouTube) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15]
CHR Extension: (Google-Suche) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15]
CHR Extension: (Google Wallet) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-12-14] (Macrovision Europe Ltd.) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-05-29] ()
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-05-29] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 cpuz134; \??\C:\Users\vollman\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 16:09 - 2014-06-11 16:25 - 00044180 _____ () C:\Users\vollman\Downloads\Addition.txt
2014-06-11 16:07 - 2014-06-11 16:48 - 00016657 _____ () C:\Users\vollman\Downloads\FRST.txt
2014-06-11 16:07 - 2014-06-11 16:48 - 00000000 ____D () C:\FRST
2014-06-11 16:06 - 2014-06-11 16:06 - 02081792 _____ (Farbar) C:\Users\vollman\Downloads\FRST64.exe
2014-06-11 14:37 - 2014-06-11 14:39 - 63320784 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-06-11 13:51 - 2014-06-11 14:06 - 00001437 _____ () C:\Users\vollman\Desktop\10.06. 15.04.txt
2014-06-06 11:19 - 2014-06-06 11:19 - 00000000 ____D () C:\Windows\de
2014-06-06 11:18 - 2014-06-06 11:18 - 00001317 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-06 11:17 - 2014-06-06 11:17 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-06 11:14 - 2014-06-06 11:14 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-06 11:09 - 2014-06-06 11:09 - 00000382 _____ () C:\Windows\DirectX.log
2014-06-04 21:46 - 2014-06-04 21:47 - 00000424 _____ () C:\DelFix.txt
2014-06-04 21:26 - 2014-06-11 10:12 - 00000560 _____ () C:\Windows\setupact.log
2014-06-04 21:26 - 2014-06-04 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 21:25 - 2014-06-11 10:12 - 00003986 _____ () C:\Windows\PFRO.log
2014-06-04 21:24 - 2014-06-11 14:39 - 00009789 _____ () C:\Windows\IE11_main.log
2014-06-04 21:22 - 2014-06-04 21:24 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2014-06-04 08:53 - 2014-06-04 08:53 - 00081415 _____ () C:\Users\vollman\Desktop\4.06.14.txt
2014-06-04 08:53 - 2014-06-04 08:52 - 00197342 _____ () C:\Users\vollman\Desktop\XML.Xml
2014-06-03 16:25 - 2014-06-04 09:29 - 00000000 ____D () C:\Program Files\003
2014-06-02 16:06 - 2014-06-04 21:11 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\ParetoLogic
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\DriverCure
2014-06-01 08:36 - 2014-06-01 08:42 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\Nicht bestätigt 401013.crdownload
2014-05-31 09:39 - 2014-05-31 09:39 - 00000000 ____D () C:\ProgramData\CDB
2014-05-31 09:38 - 2014-05-31 09:46 - 00000000 ____D () C:\rei
2014-05-31 09:37 - 2014-06-01 08:14 - 00000155 _____ () C:\Windows\Reimage.ini
2014-05-31 09:01 - 2014-05-31 09:04 - 00000000 ____D () C:\Users\vollman\Downloads\AdwCleaner_TSA343TIV
2014-05-31 09:00 - 2014-05-31 09:00 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_AdwCleaner_1555515
2014-05-30 20:19 - 2014-05-30 20:19 - 00003256 _____ () C:\Windows\System32\Tasks\{87849BC2-ECCF-417B-BD61-1E3AC5D8C365}
2014-05-30 19:12 - 2014-06-10 14:59 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\sweet-page
2014-05-30 19:12 - 2014-05-30 20:34 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-05-30 19:12 - 2014-05-30 19:12 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\SupTab
2014-05-30 17:27 - 2014-05-30 17:27 - 00000000 ____D () C:\MFT 1863
2014-05-30 16:31 - 2014-06-04 21:24 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-05-30 14:08 - 2014-05-30 14:08 - 00003630 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-05-30 14:08 - 2014-05-30 14:08 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-30 14:08 - 2014-05-30 14:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-30 14:07 - 2014-05-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-30 14:07 - 2010-06-14 16:24 - 00361320 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5512.dll
2014-05-30 13:19 - 2014-05-30 13:19 - 00347816 _____ (Microsoft Corporation) C:\Users\vollman\Desktop\MicrosoftFixit.IEAddon.FISC.13324879527142381.1.1.Run.exe
2014-05-25 13:28 - 2014-06-11 16:42 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1EEAAA6-FEE3-4BED-9929-14AC07232F92}
2014-05-24 12:00 - 2014-05-24 12:00 - 04996760 _____ (Systweak Inc ) C:\Users\vollman\Downloads\rcpsetupnewmarm1_newmarm1de_yas (1).exe
2014-05-21 19:41 - 2014-05-21 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-05-21 19:39 - 2014-05-21 19:39 - 00000071 _____ () C:\Windows\WinInit.Ini
2014-05-14 10:09 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 10:09 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 10:09 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 10:09 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 10:09 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 10:09 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 07:04 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 07:04 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 07:04 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 07:04 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 07:03 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 07:03 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 07:03 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 07:03 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 07:03 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 07:03 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 07:03 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 07:03 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 07:03 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 07:03 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 07:03 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 07:03 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 07:03 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 10:45 - 2014-05-13 10:46 - 00000193 _____ () C:\Users\vollman\Desktop\Fehlermeldung Nicht genügend Arbeitsspeicher, wenn Sie eine große Anzahl von Programmen ausführen.url
2014-05-13 07:32 - 2014-06-10 11:24 - 00000000 ____D () C:\Users\vollman\Documents\Outlook-Dateien
2014-05-12 18:41 - 2011-12-02 19:18 - 00733184 _____ (www.rene-zeidler.de) C:\Users\vollman\Downloads\Snipping Tool Plus.exe
2014-05-12 17:44 - 2014-05-12 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-12 10:07 - 2014-05-12 10:07 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 10:07 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-12 10:07 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-12 10:07 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2014-06-11 16:48 - 2014-06-11 16:07 - 00016657 _____ () C:\Users\vollman\Downloads\FRST.txt
2014-06-11 16:48 - 2014-06-11 16:07 - 00000000 ____D () C:\FRST
2014-06-11 16:48 - 2014-04-09 13:29 - 00000000 ____D () C:\Users\vollman\AppData\Local\Temp
2014-06-11 16:42 - 2014-05-25 13:28 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1EEAAA6-FEE3-4BED-9929-14AC07232F92}
2014-06-11 16:25 - 2014-06-11 16:09 - 00044180 _____ () C:\Users\vollman\Downloads\Addition.txt
2014-06-11 16:25 - 2011-12-14 20:46 - 01286394 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 16:14 - 2012-04-07 09:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-11 16:06 - 2014-06-11 16:06 - 02081792 _____ (Farbar) C:\Users\vollman\Downloads\FRST64.exe
2014-06-11 15:53 - 2011-12-14 23:03 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 14:39 - 2014-06-11 14:37 - 63320784 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-06-11 14:39 - 2014-06-04 21:24 - 00009789 _____ () C:\Windows\IE11_main.log
2014-06-11 14:10 - 2014-04-09 10:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 14:06 - 2014-06-11 13:51 - 00001437 _____ () C:\Users\vollman\Desktop\10.06. 15.04.txt
2014-06-11 12:01 - 2012-05-20 19:16 - 24873472 ___SH () C:\Users\vollman\Desktop\Thumbs.db
2014-06-11 10:19 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-11 10:19 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-11 10:12 - 2014-06-04 21:26 - 00000560 _____ () C:\Windows\setupact.log
2014-06-11 10:12 - 2014-06-04 21:25 - 00003986 _____ () C:\Windows\PFRO.log
2014-06-11 10:12 - 2011-12-29 20:27 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-06-11 10:12 - 2011-12-14 23:03 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-11 10:12 - 2011-12-14 21:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-11 10:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 15:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization
2014-06-10 14:59 - 2014-05-30 19:12 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\sweet-page
2014-06-10 11:24 - 2014-05-13 07:32 - 00000000 ____D () C:\Users\vollman\Documents\Outlook-Dateien
2014-06-06 11:19 - 2014-06-06 11:19 - 00000000 ____D () C:\Windows\de
2014-06-06 11:18 - 2014-06-06 11:18 - 00001317 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-06 11:18 - 2011-12-15 22:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-06 11:17 - 2014-06-06 11:17 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-06 11:16 - 2013-12-22 23:40 - 00001502 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-06 11:14 - 2014-06-06 11:14 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-06 11:14 - 2011-12-14 21:09 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-06 11:09 - 2014-06-06 11:09 - 00000382 _____ () C:\Windows\DirectX.log
2014-06-06 10:58 - 2011-12-15 22:36 - 00000000 ____D () C:\Users\vollman\AppData\Local\Windows Live
2014-06-06 10:46 - 2011-12-15 05:37 - 00717484 _____ () C:\Windows\system32\perfh007.dat
2014-06-06 10:46 - 2011-12-15 05:37 - 00155100 _____ () C:\Windows\system32\perfc007.dat
2014-06-06 10:46 - 2009-07-14 07:13 - 01657328 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 21:47 - 2014-06-04 21:46 - 00000424 _____ () C:\DelFix.txt
2014-06-04 21:26 - 2014-06-04 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 21:24 - 2014-06-04 21:22 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2014-06-04 21:24 - 2014-05-30 16:31 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-04 21:11 - 2014-06-02 16:06 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-06-04 09:29 - 2014-06-03 16:25 - 00000000 ____D () C:\Program Files\003
2014-06-04 09:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SchCache
2014-06-04 08:53 - 2014-06-04 08:53 - 00081415 _____ () C:\Users\vollman\Desktop\4.06.14.txt
2014-06-04 08:52 - 2014-06-04 08:53 - 00197342 _____ () C:\Users\vollman\Desktop\XML.Xml
2014-06-04 08:52 - 2013-12-26 01:16 - 00000000 ____D () C:\Temp
2014-06-03 16:32 - 2014-05-07 06:34 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\systweak
2014-06-03 16:31 - 2011-12-14 21:00 - 00000000 ___RD () C:\Users\vollman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 16:01 - 2011-12-29 20:58 - 00034304 _____ () C:\Users\vollman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-02 19:14 - 2012-10-06 17:55 - 00510976 ___SH () C:\Users\vollman\Documents\Thumbs.db
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\ParetoLogic
2014-06-02 16:06 - 2014-06-02 16:06 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\DriverCure
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\ProgramData\Google
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\Program Files\Google
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-01 08:42 - 2014-06-01 08:36 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\Nicht bestätigt 401013.crdownload
2014-06-01 08:14 - 2014-05-31 09:37 - 00000155 _____ () C:\Windows\Reimage.ini
2014-05-31 13:33 - 2013-08-31 22:14 - 00000000 ____D () C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2014-05-31 13:13 - 2014-04-09 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 13:13 - 2014-04-09 10:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 09:52 - 2013-08-14 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 09:46 - 2014-05-31 09:38 - 00000000 ____D () C:\rei
2014-05-31 09:39 - 2014-05-31 09:39 - 00000000 ____D () C:\ProgramData\CDB
2014-05-31 09:04 - 2014-05-31 09:01 - 00000000 ____D () C:\Users\vollman\Downloads\AdwCleaner_TSA343TIV
2014-05-31 09:00 - 2014-05-31 09:00 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_AdwCleaner_1555515
2014-05-31 00:55 - 2011-12-16 16:43 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-31 00:55 - 2011-12-16 07:15 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\HpUpdate
2014-05-30 22:10 - 2012-11-06 07:56 - 00000000 ____D () C:\Windows\Minidump
2014-05-30 22:10 - 2009-08-18 04:11 - 00000000 ____D () C:\Windows\Panther
2014-05-30 20:34 - 2014-05-30 19:12 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-05-30 20:19 - 2014-05-30 20:19 - 00003256 _____ () C:\Windows\System32\Tasks\{87849BC2-ECCF-417B-BD61-1E3AC5D8C365}
2014-05-30 19:49 - 2014-04-21 08:52 - 00000000 ____D () C:\ProgramData\WPM
2014-05-30 19:12 - 2014-05-30 19:12 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\SupTab
2014-05-30 17:44 - 2011-07-25 00:30 - 00000000 ____D () C:\Users\vollman\Desktop\Homepage Programme
2014-05-30 17:27 - 2014-05-30 17:27 - 00000000 ____D () C:\MFT 1863
2014-05-30 16:08 - 2011-12-14 21:16 - 00000000 ____D () C:\Users\vollman\AppData\Local\Microsoft Help
2014-05-30 14:08 - 2014-05-30 14:08 - 00003630 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-05-30 14:08 - 2014-05-30 14:08 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-30 14:08 - 2014-05-30 14:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-30 14:08 - 2014-05-30 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-30 14:08 - 2011-12-16 07:14 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-30 13:22 - 2011-12-14 22:55 - 00000000 ____D () C:\Users\vollman\AppData\Local\Google
2014-05-30 13:19 - 2014-05-30 13:19 - 00347816 _____ (Microsoft Corporation) C:\Users\vollman\Desktop\MicrosoftFixit.IEAddon.FISC.13324879527142381.1.1.Run.exe
2014-05-30 13:10 - 2009-08-18 03:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-05-25 16:02 - 2011-12-16 07:14 - 00000000 ____D () C:\ProgramData\HP
2014-05-25 15:54 - 2011-12-14 20:55 - 00000000 ____D () C:\Users\vollman
2014-05-25 15:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-25 15:09 - 2011-12-16 16:43 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-25 13:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-24 12:00 - 2014-05-24 12:00 - 04996760 _____ (Systweak Inc ) C:\Users\vollman\Downloads\rcpsetupnewmarm1_newmarm1de_yas (1).exe
2014-05-23 16:27 - 2011-12-15 10:20 - 00000000 __RHD () C:\MSOCache
2014-05-21 19:41 - 2014-05-21 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-05-21 19:39 - 2014-05-21 19:39 - 00000071 _____ () C:\Windows\WinInit.Ini
2014-05-19 22:12 - 2014-01-17 13:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 16:06 - 2014-05-06 20:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 16:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 16:05 - 2014-04-15 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-16 16:05 - 2011-12-29 16:13 - 00000000 ____D () C:\Users\vollman\AppData\Local\www.rene-zeidler.de
2014-05-16 16:05 - 2011-12-14 21:00 - 00000000 ___RD () C:\Users\vollman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 16:05 - 2009-08-18 03:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 20:14 - 2012-04-07 09:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 20:14 - 2012-04-07 09:16 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 20:14 - 2011-12-15 23:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 10:46 - 2014-05-13 10:45 - 00000193 _____ () C:\Users\vollman\Desktop\Fehlermeldung Nicht genügend Arbeitsspeicher, wenn Sie eine große Anzahl von Programmen ausführen.url
2014-05-13 07:29 - 2011-12-14 21:00 - 00000000 ____D () C:\Users\vollman\AppData\Local\VirtualStore
2014-05-12 17:44 - 2014-05-12 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-12 13:46 - 2012-03-30 16:46 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-05-12 12:05 - 2011-06-13 17:29 - 00000000 ____D () C:\Users\vollman\Desktop\Alle Ordner
2014-05-12 10:08 - 2013-10-28 18:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 10:07 - 2014-05-12 10:07 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 10:07 - 2012-09-14 14:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-12 07:26 - 2014-04-09 10:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-04-09 10:29 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-04-09 10:29 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\vollman\Fixit50388.reg


Some content of TEMP:
====================
C:\Users\vollman\AppData\Local\Temp\BackupSetup.exe
C:\Users\vollman\AppData\Local\Temp\ICReinstall_InternetExplorer (1).exe
C:\Users\vollman\AppData\Local\Temp\ICReinstall_InternetExplorer.exe
C:\Users\vollman\AppData\Local\Temp\MSN89FC.exe
C:\Users\vollman\AppData\Local\Temp\nsuF8D2.tmp.exe
C:\Users\vollman\AppData\Local\Temp\ReimagePackage.exe
C:\Users\vollman\AppData\Local\Temp\sqlite3.exe
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite39585.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite50118.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite75899.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-09 16:27

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

# AdwCleaner v3.212 - Bericht erstellt am 11/06/2014 um 16:59:38
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : vollman - VOLLMAN-PC
# Gestartet von : C:\Users\vollman\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\sweet-page
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\Systweak

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller\FileParade bundle uninstaller.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\CLASSES\OKitSpace
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKCU\Software\ClickConnect
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileParade bundle uninstaller
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\vollman\AppData\Roaming\Mozilla\Firefox\Profiles\w75rmxdg.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [4398 octets] - [11/06/2014 16:56:29]
AdwCleaner[S0].txt - [3648 octets] - [11/06/2014 16:59:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3708 octets] ##########

Code:

ATTFilter

# AdwCleaner v3.212 - Bericht erstellt am 11/06/2014 um 16:59:38
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : vollman - VOLLMAN-PC
# Gestartet von : C:\Users\vollman\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\sweet-page
Ordner Gelöscht : C:\Users\vollman\AppData\Roaming\Systweak

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller\FileParade bundle uninstaller.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\CLASSES\OKitSpace
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKCU\Software\ClickConnect
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileParade bundle uninstaller
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\vollman\AppData\Roaming\Mozilla\Firefox\Profiles\w75rmxdg.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [4398 octets] - [11/06/2014 16:56:29]
AdwCleaner[S0].txt - [3648 octets] - [11/06/2014 16:59:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3708 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by vollman on 11.06.2014 at 17:14:44,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\vollman\appdata\local\{16ADCA25-C115-4587-98CB-6767775CA95E}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.06.2014 at 17:21:44,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01
Ran by vollman (administrator) on VOLLMAN-PC on 11-06-2014 17:24:23
Running from C:\Users\vollman\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\RunOnce: [Uninstall C:\Users\vollman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vollman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: J - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {38435efe-de06-11e3-9823-0025115aff70} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\start.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {5de808e2-3385-11e1-9a67-0025115aff70} - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {5de808f7-3385-11e1-9a67-0025115aff70} - J:\AutoRun.exe
HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\...\MountPoints2: {ce94eec5-8180-11e2-bd6e-0025115aff70} - K:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=U218DHP&pc=U218
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/WOL_WCP
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{37CAFACC-6286-44F4-85E9-F925D3472D29}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\vollman\AppData\Roaming\Mozilla\Firefox\Profiles\w75rmxdg.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-04-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "https://www.google.de/"
CHR DefaultSearchKeyword: arcor.de
CHR DefaultSearchProvider: arcor.de
CHR DefaultSearchURL: hxxp://www.arcor.de/content/arcor_search.jsp?scategorytype=portal&Keywords={searchTerms}&charencoding=utf-8
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]
CHR Extension: (Google Drive) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15]
CHR Extension: (TV) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-04-15]
CHR Extension: (YouTube) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15]
CHR Extension: (Google-Suche) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15]
CHR Extension: (Google Wallet) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\vollman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-12-14] (Macrovision Europe Ltd.) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-05-29] ()
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-05-29] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 cpuz134; \??\C:\Users\vollman\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 17:21 - 2014-06-11 17:21 - 00000737 _____ () C:\Users\vollman\Desktop\JRT.txt
2014-06-11 17:14 - 2014-06-11 17:14 - 01016261 _____ (Thisisu) C:\Users\vollman\Downloads\JRT_6.1.4.exe
2014-06-11 16:56 - 2014-06-11 16:59 - 00000000 ____D () C:\AdwCleaner
2014-06-11 16:55 - 2014-06-11 16:55 - 01333465 _____ () C:\Users\vollman\Downloads\adwcleaner_3.212.exe
2014-06-11 16:09 - 2014-06-11 16:25 - 00044180 _____ () C:\Users\vollman\Downloads\Addition.txt
2014-06-11 16:07 - 2014-06-11 17:24 - 00015635 _____ () C:\Users\vollman\Downloads\FRST.txt
2014-06-11 16:07 - 2014-06-11 17:24 - 00000000 ____D () C:\FRST
2014-06-11 16:06 - 2014-06-11 16:06 - 02081792 _____ (Farbar) C:\Users\vollman\Downloads\FRST64.exe
2014-06-11 14:37 - 2014-06-11 14:39 - 63320784 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-06-11 13:51 - 2014-06-11 14:06 - 00001437 _____ () C:\Users\vollman\Desktop\10.06. 15.04.txt
2014-06-06 11:19 - 2014-06-06 11:19 - 00000000 ____D () C:\Windows\de
2014-06-06 11:18 - 2014-06-06 11:18 - 00001317 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-06 11:17 - 2014-06-06 11:17 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-06 11:14 - 2014-06-06 11:14 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-06 11:09 - 2014-06-06 11:09 - 00000382 _____ () C:\Windows\DirectX.log
2014-06-04 21:46 - 2014-06-04 21:47 - 00000424 _____ () C:\DelFix.txt
2014-06-04 21:26 - 2014-06-11 17:02 - 00000616 _____ () C:\Windows\setupact.log
2014-06-04 21:26 - 2014-06-04 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 21:25 - 2014-06-11 17:01 - 00004486 _____ () C:\Windows\PFRO.log
2014-06-04 21:24 - 2014-06-11 14:39 - 00009789 _____ () C:\Windows\IE11_main.log
2014-06-04 21:22 - 2014-06-04 21:24 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2014-06-04 08:53 - 2014-06-04 08:53 - 00081415 _____ () C:\Users\vollman\Desktop\4.06.14.txt
2014-06-04 08:53 - 2014-06-04 08:52 - 00197342 _____ () C:\Users\vollman\Desktop\XML.Xml
2014-06-01 08:36 - 2014-06-01 08:42 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\Nicht bestätigt 401013.crdownload
2014-05-31 09:39 - 2014-05-31 09:39 - 00000000 ____D () C:\ProgramData\CDB
2014-05-31 09:38 - 2014-05-31 09:46 - 00000000 ____D () C:\rei
2014-05-31 09:37 - 2014-06-01 08:14 - 00000155 _____ () C:\Windows\Reimage.ini
2014-05-31 09:01 - 2014-05-31 09:04 - 00000000 ____D () C:\Users\vollman\Downloads\AdwCleaner_TSA343TIV
2014-05-31 09:00 - 2014-05-31 09:00 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_AdwCleaner_1555515
2014-05-30 20:19 - 2014-05-30 20:19 - 00003256 _____ () C:\Windows\System32\Tasks\{87849BC2-ECCF-417B-BD61-1E3AC5D8C365}
2014-05-30 17:27 - 2014-05-30 17:27 - 00000000 ____D () C:\MFT 1863
2014-05-30 16:31 - 2014-06-04 21:24 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-05-30 14:08 - 2014-05-30 14:08 - 00003630 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-05-30 14:08 - 2014-05-30 14:08 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-30 14:08 - 2014-05-30 14:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-30 14:07 - 2014-05-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-30 14:07 - 2010-06-14 16:24 - 00361320 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5512.dll
2014-05-30 13:19 - 2014-05-30 13:19 - 00347816 _____ (Microsoft Corporation) C:\Users\vollman\Desktop\MicrosoftFixit.IEAddon.FISC.13324879527142381.1.1.Run.exe
2014-05-25 13:28 - 2014-06-11 16:42 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1EEAAA6-FEE3-4BED-9929-14AC07232F92}
2014-05-24 12:00 - 2014-05-24 12:00 - 04996760 _____ (Systweak Inc ) C:\Users\vollman\Downloads\rcpsetupnewmarm1_newmarm1de_yas (1).exe
2014-05-21 19:41 - 2014-05-21 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-05-21 19:39 - 2014-05-21 19:39 - 00000071 _____ () C:\Windows\WinInit.Ini
2014-05-14 10:09 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 10:09 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 10:09 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 10:09 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 10:09 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 10:09 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 07:04 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 07:04 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 07:04 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 07:04 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 07:03 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 07:03 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 07:03 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 07:03 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 07:03 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 07:03 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 07:03 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 07:03 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 07:03 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 07:03 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 07:03 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 07:03 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 07:03 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 07:03 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 07:03 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 07:03 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 07:03 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 10:45 - 2014-05-13 10:46 - 00000193 _____ () C:\Users\vollman\Desktop\Fehlermeldung Nicht genügend Arbeitsspeicher, wenn Sie eine große Anzahl von Programmen ausführen.url
2014-05-13 07:32 - 2014-06-10 11:24 - 00000000 ____D () C:\Users\vollman\Documents\Outlook-Dateien
2014-05-12 18:41 - 2011-12-02 19:18 - 00733184 _____ (www.rene-zeidler.de) C:\Users\vollman\Downloads\Snipping Tool Plus.exe
2014-05-12 17:44 - 2014-05-12 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-12 10:07 - 2014-05-12 10:07 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 10:07 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-12 10:07 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-12 10:07 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2014-06-11 17:24 - 2014-06-11 16:07 - 00015635 _____ () C:\Users\vollman\Downloads\FRST.txt
2014-06-11 17:24 - 2014-06-11 16:07 - 00000000 ____D () C:\FRST
2014-06-11 17:24 - 2014-04-09 13:29 - 00000000 ____D () C:\Users\vollman\AppData\Local\Temp
2014-06-11 17:21 - 2014-06-11 17:21 - 00000737 _____ () C:\Users\vollman\Desktop\JRT.txt
2014-06-11 17:14 - 2014-06-11 17:14 - 01016261 _____ (Thisisu) C:\Users\vollman\Downloads\JRT_6.1.4.exe
2014-06-11 17:14 - 2012-04-07 09:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-11 17:09 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-11 17:09 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-11 17:06 - 2011-12-14 20:46 - 01308055 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 17:02 - 2014-06-04 21:26 - 00000616 _____ () C:\Windows\setupact.log
2014-06-11 17:02 - 2011-12-29 20:27 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-06-11 17:02 - 2011-12-14 23:03 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-11 17:02 - 2011-12-14 21:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-11 17:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-11 17:01 - 2014-06-04 21:25 - 00004486 _____ () C:\Windows\PFRO.log
2014-06-11 16:59 - 2014-06-11 16:56 - 00000000 ____D () C:\AdwCleaner
2014-06-11 16:55 - 2014-06-11 16:55 - 01333465 _____ () C:\Users\vollman\Downloads\adwcleaner_3.212.exe
2014-06-11 16:53 - 2011-12-14 23:03 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 16:42 - 2014-05-25 13:28 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1EEAAA6-FEE3-4BED-9929-14AC07232F92}
2014-06-11 16:25 - 2014-06-11 16:09 - 00044180 _____ () C:\Users\vollman\Downloads\Addition.txt
2014-06-11 16:06 - 2014-06-11 16:06 - 02081792 _____ (Farbar) C:\Users\vollman\Downloads\FRST64.exe
2014-06-11 14:39 - 2014-06-11 14:37 - 63320784 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-06-11 14:39 - 2014-06-04 21:24 - 00009789 _____ () C:\Windows\IE11_main.log
2014-06-11 14:10 - 2014-04-09 10:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 14:06 - 2014-06-11 13:51 - 00001437 _____ () C:\Users\vollman\Desktop\10.06. 15.04.txt
2014-06-11 12:01 - 2012-05-20 19:16 - 24873472 ___SH () C:\Users\vollman\Desktop\Thumbs.db
2014-06-10 15:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization
2014-06-10 11:24 - 2014-05-13 07:32 - 00000000 ____D () C:\Users\vollman\Documents\Outlook-Dateien
2014-06-06 11:19 - 2014-06-06 11:19 - 00000000 ____D () C:\Windows\de
2014-06-06 11:18 - 2014-06-06 11:18 - 00001317 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-06-06 11:18 - 2011-12-15 22:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-06 11:17 - 2014-06-06 11:17 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-06-06 11:16 - 2013-12-22 23:40 - 00001502 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-06-06 11:14 - 2014-06-06 11:14 - 00000000 ____D () C:\Program Files\Windows Live
2014-06-06 11:14 - 2011-12-14 21:09 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-06 11:09 - 2014-06-06 11:09 - 00000382 _____ () C:\Windows\DirectX.log
2014-06-06 10:58 - 2011-12-15 22:36 - 00000000 ____D () C:\Users\vollman\AppData\Local\Windows Live
2014-06-06 10:46 - 2011-12-15 05:37 - 00717484 _____ () C:\Windows\system32\perfh007.dat
2014-06-06 10:46 - 2011-12-15 05:37 - 00155100 _____ () C:\Windows\system32\perfc007.dat
2014-06-06 10:46 - 2009-07-14 07:13 - 01657328 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 21:47 - 2014-06-04 21:46 - 00000424 _____ () C:\DelFix.txt
2014-06-04 21:26 - 2014-06-04 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 21:24 - 2014-06-04 21:22 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2014-06-04 21:24 - 2014-05-30 16:31 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-04 09:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SchCache
2014-06-04 08:53 - 2014-06-04 08:53 - 00081415 _____ () C:\Users\vollman\Desktop\4.06.14.txt
2014-06-04 08:52 - 2014-06-04 08:53 - 00197342 _____ () C:\Users\vollman\Desktop\XML.Xml
2014-06-04 08:52 - 2013-12-26 01:16 - 00000000 ____D () C:\Temp
2014-06-03 16:31 - 2011-12-14 21:00 - 00000000 ___RD () C:\Users\vollman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 16:01 - 2011-12-29 20:58 - 00034304 _____ () C:\Users\vollman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-02 19:14 - 2012-10-06 17:55 - 00510976 ___SH () C:\Users\vollman\Documents\Thumbs.db
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\ProgramData\Google
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\Program Files\Google
2014-06-01 08:54 - 2009-08-18 03:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-01 08:42 - 2014-06-01 08:36 - 65446536 _____ (Microsoft Corporation) C:\Users\vollman\Downloads\Nicht bestätigt 401013.crdownload
2014-06-01 08:14 - 2014-05-31 09:37 - 00000155 _____ () C:\Windows\Reimage.ini
2014-05-31 13:33 - 2013-08-31 22:14 - 00000000 ____D () C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2014-05-31 13:13 - 2014-04-09 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-31 13:13 - 2014-04-09 10:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 09:52 - 2013-08-14 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 09:46 - 2014-05-31 09:38 - 00000000 ____D () C:\rei
2014-05-31 09:39 - 2014-05-31 09:39 - 00000000 ____D () C:\ProgramData\CDB
2014-05-31 09:04 - 2014-05-31 09:01 - 00000000 ____D () C:\Users\vollman\Downloads\AdwCleaner_TSA343TIV
2014-05-31 09:00 - 2014-05-31 09:00 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_AdwCleaner_1555515
2014-05-31 00:55 - 2011-12-16 16:43 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-31 00:55 - 2011-12-16 07:15 - 00000000 ____D () C:\Users\vollman\AppData\Roaming\HpUpdate
2014-05-30 22:10 - 2012-11-06 07:56 - 00000000 ____D () C:\Windows\Minidump
2014-05-30 22:10 - 2009-08-18 04:11 - 00000000 ____D () C:\Windows\Panther
2014-05-30 20:19 - 2014-05-30 20:19 - 00003256 _____ () C:\Windows\System32\Tasks\{87849BC2-ECCF-417B-BD61-1E3AC5D8C365}
2014-05-30 17:44 - 2011-07-25 00:30 - 00000000 ____D () C:\Users\vollman\Desktop\Homepage Programme
2014-05-30 17:27 - 2014-05-30 17:27 - 00000000 ____D () C:\MFT 1863
2014-05-30 16:08 - 2011-12-14 21:16 - 00000000 ____D () C:\Users\vollman\AppData\Local\Microsoft Help
2014-05-30 14:08 - 2014-05-30 14:08 - 00003630 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-05-30 14:08 - 2014-05-30 14:08 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-30 14:08 - 2014-05-30 14:08 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-30 14:08 - 2014-05-30 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-30 14:08 - 2011-12-16 07:14 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-30 13:22 - 2011-12-14 22:55 - 00000000 ____D () C:\Users\vollman\AppData\Local\Google
2014-05-30 13:19 - 2014-05-30 13:19 - 00347816 _____ (Microsoft Corporation) C:\Users\vollman\Desktop\MicrosoftFixit.IEAddon.FISC.13324879527142381.1.1.Run.exe
2014-05-30 13:10 - 2009-08-18 03:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-05-25 16:02 - 2011-12-16 07:14 - 00000000 ____D () C:\ProgramData\HP
2014-05-25 15:54 - 2011-12-14 20:55 - 00000000 ____D () C:\Users\vollman
2014-05-25 15:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-25 15:09 - 2011-12-16 16:43 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-05-25 13:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-24 12:00 - 2014-05-24 12:00 - 04996760 _____ (Systweak Inc ) C:\Users\vollman\Downloads\rcpsetupnewmarm1_newmarm1de_yas (1).exe
2014-05-23 16:27 - 2011-12-15 10:20 - 00000000 __RHD () C:\MSOCache
2014-05-21 19:41 - 2014-05-21 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
2014-05-21 19:39 - 2014-05-21 19:39 - 00000071 _____ () C:\Windows\WinInit.Ini
2014-05-19 22:12 - 2014-01-17 13:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 16:06 - 2014-05-06 20:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 16:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 16:05 - 2014-04-15 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-16 16:05 - 2011-12-29 16:13 - 00000000 ____D () C:\Users\vollman\AppData\Local\www.rene-zeidler.de
2014-05-16 16:05 - 2011-12-14 21:00 - 00000000 ___RD () C:\Users\vollman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 16:05 - 2009-08-18 03:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 20:14 - 2012-04-07 09:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 20:14 - 2012-04-07 09:16 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 20:14 - 2011-12-15 23:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 10:46 - 2014-05-13 10:45 - 00000193 _____ () C:\Users\vollman\Desktop\Fehlermeldung Nicht genügend Arbeitsspeicher, wenn Sie eine große Anzahl von Programmen ausführen.url
2014-05-13 07:29 - 2011-12-14 21:00 - 00000000 ____D () C:\Users\vollman\AppData\Local\VirtualStore
2014-05-12 17:44 - 2014-05-12 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-12 13:46 - 2012-03-30 16:46 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-05-12 12:05 - 2011-06-13 17:29 - 00000000 ____D () C:\Users\vollman\Desktop\Alle Ordner
2014-05-12 10:08 - 2013-10-28 18:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 10:07 - 2014-05-12 10:07 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 10:07 - 2012-09-14 14:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-12 07:26 - 2014-04-09 10:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-04-09 10:29 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-04-09 10:29 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\vollman\Fixit50388.reg


Some content of TEMP:
====================
C:\Users\vollman\AppData\Local\Temp\BackupSetup.exe
C:\Users\vollman\AppData\Local\Temp\ICReinstall_InternetExplorer (1).exe
C:\Users\vollman\AppData\Local\Temp\ICReinstall_InternetExplorer.exe
C:\Users\vollman\AppData\Local\Temp\MSN89FC.exe
C:\Users\vollman\AppData\Local\Temp\nsuF8D2.tmp.exe
C:\Users\vollman\AppData\Local\Temp\Quarantine.exe
C:\Users\vollman\AppData\Local\Temp\ReimagePackage.exe
C:\Users\vollman\AppData\Local\Temp\sqlite3.exe
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite39585.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite50118.dll
C:\Users\vollman\AppData\Local\Temp\System.Data.SQLite75899.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-09 16:27

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Das ist also FRST.txt aber Addition.txt finde ich diesmal nicht.

File parade bundle ist aus der Systemsteuerung weg

cosinus · 11.06.2014, 18:23

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

Lara100 · 11.06.2014, 18:33

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2014 01
Ran by vollman at 2014-06-11 19:31:50
Running from C:\Users\vollman\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acez All Audio Converter v3.0 (HKLM-x32\...\Acez All Audio Converter v3.0_is1) (Version: 3.0 - AcezSoft Inc.)
Acez Mp3 Wav Converter v3.0 (HKLM-x32\...\Acez Mp3 Wav Converter v3.0_is1) (Version: 3.0 - AcezSoft Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player Packages (HKCU\...\Adobe Flash Player Packages) (Version:  - ) <==== ATTENTION
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
ezCoverMaker 3.1.0 (HKLM-x32\...\ezCoverMaker 3.1.0) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{939D91BD-7C35-492A-A8B4-DE99939BD44F}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710a-f Hilfe (HKLM-x32\...\{958B08B0-C784-4A77-8D2B-C0A58F1E14B5}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader Download Manager Packages (HKCU\...\JDownloader Download Manager Packages) (Version:  - ) <==== ATTENTION
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.9.5 - Magical Jelly Bean)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marketsplash Schnellzugriffe (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
Metaboli (HKLM-x32\...\Metaboli) (Version: 1.00.0006 - Packard Bell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Foto 2006 Suite Edition (HKLM-x32\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Foto 2006 Suite Edition Bibliothek (x32 Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Foto 2006 Suite Edition Editor (x32 Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.03.03.511 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyTomTom 3.2.0.802 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.802 - TomTom)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller-Treiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 295.73 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
NVIDIA ForceWare Network Access Manager (Version: 1.00.7308 - NVIDIA Corporation) Hidden
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.02.3004 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0812 - Packard Bell Incorporated)
Packard Bell Software Suite SE (HKLM-x32\...\Packard Bell Software Suite SE) (Version: 2.01.3001 - Packard Bell)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Packard Bell)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Studie zur Verbesserung von HP Officejet 6500 E710a-f Produkten (HKLM\...\{A5C5CECF-648E-4263-B601-4D4CD3FCD11D}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
TomTom HOME (HKLM-x32\...\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}) (Version: 2.9.2 - Ihr Firmenname)
TomTom HOME 2.7.3.1894 (HKLM-x32\...\TomTom HOME) (Version: 2.7.3.1894 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 beta 12 - Ghisler Software GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
ViewSonic Windows 7 x64 Signed Files (HKLM-x32\...\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}) (Version:  - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.00.3004 - Packard Bell)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

30-05-2014 16:33:49 Windows Update
31-05-2014 07:50:20 Windows Update
03-06-2014 13:36:05 Windows Update
06-06-2014 09:02:32 Windows Live Essentials
06-06-2014 09:08:57 DirectX wurde installiert
06-06-2014 09:10:04 DirectX wurde installiert
06-06-2014 09:11:18 DirectX wurde installiert
06-06-2014 09:13:16 WLSetup
09-06-2014 13:28:14 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00D68814-844A-42AB-9C05-99187D871824} - System32\Tasks\{ECD20DFD-913A-4D89-B900-1EBE44AC7F2E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {0D205EE3-5DEF-415C-8E62-40E7EC9EE4A9} - System32\Tasks\{9E96B213-4113-487A-A47B-4081220D0578} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {0FDA924E-3A4A-48D4-A0BD-27B744F99FAD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1FE6D328-D9DD-4867-B4A4-4053BA79DC2E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {2D80A978-B9A0-46D8-A09C-D0E7EA2927EB} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {2D9DB01F-29AD-4CF8-9339-998944F91EDA} - System32\Tasks\{0525D9D0-C16A-4840-A60C-1C8CAD63B760} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {2FCA18E6-7B49-463E-9A81-686C59B258EB} - System32\Tasks\{619A8061-4EC8-458F-935D-F114884A276B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {300D254A-AFDB-4801-ABDA-1955E7DB904A} - System32\Tasks\{E2B32E8B-1643-4638-BDD4-1AAEEC468539} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {377A0FE2-D280-4738-B917-74C25380C09F} - System32\Tasks\{00352ED0-98FD-4FAC-BEC7-8A6A922472B0} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.6.0.106&amp;LastError=404
Task: {3B5FB3B8-2469-4C63-A4FB-C4F5A89BAE80} - System32\Tasks\{5906329A-A7D5-4527-AD32-6BCAD320E339} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {40399B12-0B72-4E21-9F4E-C24DC7C87D45} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {4CC23FD3-33C1-44B2-B50A-8FDE33BE1137} - System32\Tasks\{40F60CFD-1253-4948-A7A8-ABE69D3BFB51} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {4D8CE891-8A9A-4681-A629-C6677D0E0AE8} - System32\Tasks\{3DB3B9BC-E8A3-49CA-BD70-50F02011FA6C} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {577A8793-B331-48B2-957A-1DE4AF03A705} - System32\Tasks\{4F1D47BC-95DB-48A7-95AE-56297C5B93E0} => C:\Program Files (x86)\Microsoft Digital Image 2006\pi.exe [2005-04-22] (Microsoft Corporation)
Task: {65258954-2E2E-43A3-A305-DA6A1C6C8D5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {680324EA-2E00-4ED0-A988-11F948576793} - System32\Tasks\FF Watcher {CE488589-6773-4EBC-A50C-E3568DC9C933} => C:\Program Files\V-bates\PrefHelper.exe
Task: {6A7933DA-EBE6-4547-95EB-FC51FC08760E} - System32\Tasks\{8AFC85A2-C21A-45CF-AFE8-F45EE2913E36} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {83DF054A-F3D9-42FF-982D-9F77D1931702} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {85172785-8D8D-4F00-9804-9D488202B01B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A3199CF2-4798-4AD2-941E-A3D599E3392F} - System32\Tasks\{D379EDCA-EAA4-4E16-A8A4-9EFBCEE41D84} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {AF349124-4D9C-4387-BFDB-F851F1369E1C} - System32\Tasks\{EBBB34EB-E7DD-4AD2-81D2-938C0B2C2F4C} => C:\Program Files (x86)\Microsoft Digital Image 2006\pi.exe [2005-04-22] (Microsoft Corporation)
Task: {B5AF72BC-C74D-4328-BC56-87B875CD5791} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard)
Task: {BCD21CF0-1FC0-4A0F-B6D2-2183645EDC4C} - System32\Tasks\{86F33D0B-B59B-41C4-97D3-4A7021E8FFEB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {BE36AB74-F587-44DD-8059-EB3048CD3D36} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {C9CCDCDC-BD44-432F-9E50-A98EC170F490} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {D86C09D9-642A-4DA9-A99B-337D142D252E} - System32\Tasks\{1F462F4D-477B-4986-99E5-A0B6F7B1D674} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {D9692980-4BA3-4D4D-B683-08286BB2A0B0} - System32\Tasks\{FF3FF35D-D81C-4052-A368-6E1E17ADD4D3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {DFAB87C0-CC92-430D-88F8-616DCAE9BC5D} - System32\Tasks\{95772DE5-90C2-4ADE-BB9F-E05381569DBA} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {E63454E8-EA82-4B4E-95F7-5EBD1B6BF43C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: {FFE4D4F9-597F-48BF-96F8-59E779D4E72E} - System32\Tasks\{2C316ABD-A941-4FA4-B2A9-7046CEA58B4F} => Chrome.exe 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-06 02:01 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-05-08 13:48 - 2010-05-08 13:48 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2014-04-15 15:59 - 2014-04-15 15:59 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2009-05-29 22:22 - 2009-05-29 22:22 - 00625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-05-29 22:21 - 2009-05-29 22:21 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-05-29 22:22 - 2009-05-29 22:22 - 00578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2009-05-29 22:22 - 2009-05-29 22:22 - 00207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2009-10-14 14:36 - 2009-10-14 14:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 14:34 - 2009-10-14 14:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-07-14 01:57 - 2009-07-14 03:40 - 00069120 _____ () C:\Windows\system32\BWContextHandler.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886}:$WIMMOUNTDATA

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-1580234929-1931705971-1294809382-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\vollman\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2014 07:19:32 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:36:44 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:36:04 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:35:00 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:29:12 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:22:45 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:20:34 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (06/11/2014 07:19:32 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:36:44 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:36:04 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:35:00 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:29:12 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:22:45 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

Error: (06/11/2014 06:20:34 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: vollman-PC)
Description: HRESULT:0x8004FF06
Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.


CodeIntegrity Errors:
===================================
  Date: 2014-03-01 14:34:26.047
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-01 14:34:26.016
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-01 14:34:26.001
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-01 14:34:25.969
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 4095.24 MB
Available physical RAM: 1059.82 MB
Total Pagefile: 4109.42 MB
Available Pagefile: 1237.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:284.48 GB) (Free:214.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATEN) (Fixed) (Total:166.19 GB) (Free:148 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1B9E7A23)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=284 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended)

==================== End Of Log ============================

10.06.2014, 21:38	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	File Parade bundle Bitte poste alle Logfiles in CODE-Tags, wie oben beschrieben. Die Logsfiles von Malwarebytes findest im im Programm selbst unter Verlauf. __________________ Logfiles bitte immer in CODE-Tags posten

11.06.2014, 11:20	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	File Parade bundle Der Screenshot nutzt rein garnix. Du musst die Suchlauf-Protokolle schon öffnen und in den Inhalt hier posten __________________ Logfiles bitte immer in CODE-Tags posten

11.06.2014, 13:35	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	File Parade bundle Doch, genau solche Logfiles mit Funden wollte ich sehen. Jetzt fehlen nur noch die FRST-Logs. Und die bitte in CODE-Tags posten __________________ Logfiles bitte immer in CODE-Tags posten

11.06.2014, 18:23	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	File Parade bundle Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken. __________________ Logfiles bitte immer in CODE-Tags posten

File Parade bundle

Plagegeister aller Art und deren Bekämpfung: File Parade bundle