cdn.cloudwm-Seite kann nicht geladen werden!

bommel99 · 15.07.2014, 19:53

Hallo,

Seit gestern habe ich dass problem, dass sich ein Popup-Fenster immer öffnet mit dem link cdn.cloudwm..... wenn ich IE oder Mozilla starte!
Der Browser verlangsamt sich auch oder hängt sich ganz auf.
Außerdem geht Google überhaupt nicht mehr ! Manche andere Seiten ebenso.
Es kommt immer die Fehlermeldung, dass die Seite nicht angezeigt werden kann.

Ich hoffe ihr könnt mir helfen.

Danke schonmal.

Mfg Bommel99

schrauber · 15.07.2014, 20:23

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

bommel99 · 15.07.2014, 21:14

Hier die FRST.txt datei.

bommel99 · 15.07.2014, 21:15

http://www.trojaner-board.de/attachm...1&d=1405455284

Und hier die Addition.txt Datei.

hxxp://www.trojaner-board.de/attachment.php?attachmentid=68274&stc=1&d=1405455290

schrauber · 16.07.2014, 18:44

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

bommel99 · 16.07.2014, 19:09

FRST-Logdatei

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Christoph (administrator) on PC-CHRISTOPH on 15-07-2014 22:02:53
Running from C:\Users\Christoph\Desktop
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TODO: <Company name>) C:\Program Files (x86)\iSafe\appstore\appstoreSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Tools\Stardock\Decor8\Decor8Srv.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Stardock Software, Inc) C:\Tools\Stardock\Decor8\Decor8_64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Tools\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Tools\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Tools\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(TuneUp Software) C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Tools\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Install\Microsoft Office\Office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Systems Inc.) C:\Install\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Isis\isis.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\iSafe\appstore\ipcdl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Woodtale Technology Inc) C:\Program Files (x86)\iSafe\appstore\asBsn.exe
(Mozilla Corporation) C:\Tools\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Tools\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Blizzard Entertainment) D:\WOW\World of Warcraft\4.3.4 WoW.exe
(Skype Technologies S.A.) C:\Tools\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [Shwicon9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe [262144 2012-06-28] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Install\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Install\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [WsmUpdater] => C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe [292208 2012-05-18] (Web Solution Mart)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [480648 2014-04-01] (Autodesk Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Tools\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [Isis] => C:\Program Files (x86)\Isis\Isis.exe [330544 2014-07-14] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Atheros Communications))
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Run: [iCloudServices] => C:\Tools\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
IFEO\dllfixer.exe: [Debugger] "C:\Tools\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\taskmgr.exe: [Debugger] C:\Tools\TuneUp Utilities 2014\PMLauncher.exe
IFEO\teamviewer.exe: [Debugger] "C:\Tools\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\tunngle.exe: [Debugger] "C:\Tools\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Tools\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Install\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Install\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Install\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Install\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = 
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Install\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Install\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Install\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Tools\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @ptc.com/ProductViewLite - C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Tools\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Tools\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Install\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: Fast Dial - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\Extensions\fastdial@telega.phpnet.us [2013-09-16]
FF Extension: OpenDownload² - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\Extensions\{210249CE-F888-11DD-B868-4CB456D89593} [2014-01-05]
FF Extension: Adblock Plus - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Install\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Install\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-07-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-06]
FF StartMenuInternet: FIREFOX.EXE - C:\Tools\Mozilla Firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 appstoreService; C:\Program Files (x86)\iSafe\appstore\appstoreSvc.exe [15192 2014-07-04] (TODO: <Company name>)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S2 AxAutoMntSrv; C:\Tools\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Decor8; C:\Tools\Stardock\Decor8\Decor8Srv.exe [74416 2012-11-27] (Stardock Software, Inc)
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2010-01-11] (Stardock Corporation) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048 2014-07-11] (Elex do Brasil Participações Ltda)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Tools\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Tools\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 StarWindServiceAE; C:\Tools\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TeamViewer8; C:\Tools\TeamViewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-12] (TuneUp Software)
S4 TunngleService; C:\Tools\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49560 2012-09-17] (Asmedia Technology) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140714.001\IDSvia64.sys [525016 2014-04-04] (Symantec Corporation)
R1 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [247488 2014-07-11] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45248 2014-07-11] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [78016 2014-07-11] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [65216 2014-07-11] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [48640 2014-07-09] (Elex do Brasil Participações Ltda)
R1 isis; C:\Windows\System32\drivers\isis.sys [52016 2014-07-14] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140715.001\ENG64.SYS [126040 2014-04-06] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140715.001\EX64.SYS [2099288 2014-04-06] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-16] (Duplex Secure Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S3 STHFK; C:\Windows\System32\Drivers\sthfk64.sys [46632 2012-02-03] (CSR plc.)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1504000.00D\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-08-16] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-08-16] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-06-06] (WinISO.com)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U3 anx0qrid; C:\Windows\System32\Drivers\anx0qrid.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-15 22:02 - 2014-07-15 22:02 - 00030594 _____ () C:\Users\Christoph\Desktop\FRST.txt
2014-07-15 21:58 - 2014-07-15 21:58 - 02086912 _____ (Farbar) C:\Users\Christoph\Desktop\FRST64.exe
2014-07-15 20:33 - 2014-07-15 20:33 - 00000000 ___RD () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-15 19:33 - 2014-07-15 19:33 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\isafe
2014-07-15 19:27 - 2014-07-15 19:27 - 00000658 _____ () C:\zoek-results.log
2014-07-15 19:26 - 2014-07-15 19:27 - 00000495 _____ () C:\runcheck.txt
2014-07-15 19:26 - 2014-07-15 19:26 - 00000000 ____D () C:\zoek_backup
2014-07-15 19:25 - 2014-07-15 22:02 - 00000000 ____D () C:\FRST
2014-07-15 18:57 - 2014-07-15 21:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 18:57 - 2014-07-15 18:57 - 00000814 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-15 18:57 - 2014-07-15 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-15 18:57 - 2014-07-15 18:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-15 18:57 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-15 18:57 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-15 18:57 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-14 21:32 - 2014-07-15 20:31 - 00381318 _____ () C:\Windows\PFRO.log
2014-07-14 21:16 - 2014-07-14 23:02 - 00032314 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 20:55 - 2014-07-14 20:55 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\computer software market
2014-07-14 20:51 - 2014-07-14 20:51 - 05117752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 20:46 - 2014-07-14 20:46 - 00001973 _____ () C:\Users\Public\Desktop\YAC App Store.lnk
2014-07-14 20:46 - 2014-07-14 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC App Store
2014-07-14 20:45 - 2014-07-15 21:56 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-07-14 20:45 - 2014-07-14 20:45 - 00001791 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\system32\log
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\SMinidump
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-07-14 20:45 - 2014-07-11 14:28 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-07-14 20:39 - 2014-07-14 20:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-14 20:35 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-14 20:35 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-14 20:35 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-14 20:35 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-14 20:35 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-14 20:35 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-14 20:35 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-14 20:35 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-14 20:35 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-14 20:35 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-14 20:34 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-14 20:34 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-14 20:34 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-14 20:34 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-14 20:34 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-14 20:34 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-14 20:34 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-14 20:34 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-14 20:34 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-14 20:34 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-14 20:34 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-14 20:34 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-14 20:34 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-14 20:34 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-14 20:34 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-14 20:34 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-07-14 20:34 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-14 18:46 - 2014-07-14 18:46 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 16:41 - 2014-07-14 16:41 - 00052016 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-13 20:18 - 2014-07-13 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-08 19:30 - 2014-07-08 19:30 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-06 18:24 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-06 18:24 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-06 18:24 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-06 18:23 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-06 18:23 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-06 18:23 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-06 18:23 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-06 18:23 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-06 18:23 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-06 18:23 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-06 18:23 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-06 18:23 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-06 18:23 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-06 18:23 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-06 18:23 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-06 18:23 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-06 18:23 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-06 18:23 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-05 18:55 - 2014-07-06 18:23 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\MAGIX
2014-07-05 18:55 - 2014-07-06 18:23 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Xara
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-05 08:16 - 2014-07-14 17:48 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Adobe
2014-06-23 21:15 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-23 21:15 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-23 21:14 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-23 21:14 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-23 21:09 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-23 21:09 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-23 20:32 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-16 16:22 - 2014-06-16 16:24 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Curse Advertising
2014-06-16 16:22 - 2014-06-16 16:22 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-15 19:50 - 2014-06-15 19:50 - 00000000 ____D () C:\TokensBackup
2014-06-15 18:38 - 2014-07-14 21:31 - 00000000 ____D () C:\Program Files\KMSpico
2014-06-15 18:38 - 2014-07-14 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2014-06-15 18:38 - 2014-06-15 18:38 - 00003352 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart

==================== One Month Modified Files and Folders =======

2014-07-15 22:03 - 2013-08-15 18:28 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Skype
2014-07-15 22:02 - 2014-07-15 22:02 - 00030594 _____ () C:\Users\Christoph\Desktop\FRST.txt
2014-07-15 22:02 - 2014-07-15 19:25 - 00000000 ____D () C:\FRST
2014-07-15 21:58 - 2014-07-15 21:58 - 02086912 _____ (Farbar) C:\Users\Christoph\Desktop\FRST64.exe
2014-07-15 21:56 - 2014-07-14 20:45 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-07-15 21:48 - 2014-02-11 19:28 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-15 21:30 - 2013-08-16 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-15 21:21 - 2014-07-15 18:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-15 20:53 - 2013-08-15 12:56 - 00000000 ____D () C:\Users\Christoph\Documents\Outlook-Dateien
2014-07-15 20:52 - 2013-08-16 12:29 - 00005138 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-CHRISTOPH-Christoph PC-Christoph
2014-07-15 20:37 - 2012-07-26 12:27 - 00756568 _____ () C:\Windows\system32\perfh007.dat
2014-07-15 20:37 - 2012-07-26 12:27 - 00157238 _____ () C:\Windows\system32\perfc007.dat
2014-07-15 20:37 - 2012-07-26 09:28 - 01757638 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-15 20:33 - 2014-07-15 20:33 - 00000000 ___RD () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-15 20:31 - 2014-07-14 21:32 - 00381318 _____ () C:\Windows\PFRO.log
2014-07-15 20:31 - 2014-05-15 16:25 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\DropboxMaster
2014-07-15 20:31 - 2014-02-11 19:28 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-15 20:31 - 2013-08-15 17:26 - 00000000 ___RD () C:\Users\Christoph\Dropbox
2014-07-15 20:31 - 2013-08-15 17:25 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Dropbox
2014-07-15 20:31 - 2013-08-15 09:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-15 20:31 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-15 19:33 - 2014-07-15 19:33 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\isafe
2014-07-15 19:31 - 2013-10-01 21:21 - 00000000 ___HD () C:\AdwCleaner
2014-07-15 19:27 - 2014-07-15 19:27 - 00000658 _____ () C:\zoek-results.log
2014-07-15 19:27 - 2014-07-15 19:26 - 00000495 _____ () C:\runcheck.txt
2014-07-15 19:26 - 2014-07-15 19:26 - 00000000 ____D () C:\zoek_backup
2014-07-15 19:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-15 19:04 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-07-15 18:57 - 2014-07-15 18:57 - 00000814 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-15 18:57 - 2014-07-15 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-15 18:57 - 2014-07-15 18:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-15 18:57 - 2013-08-15 12:31 - 00000000 ____D () C:\Tools
2014-07-15 18:42 - 2013-08-15 13:02 - 00000000 ____D () C:\Users\Christoph\AppData\Local\CrashDumps
2014-07-14 23:02 - 2014-07-14 21:16 - 00032314 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 21:34 - 2014-01-03 19:00 - 00000000 ____D () C:\Users\Christoph\AppData\Local\NPE
2014-07-14 21:31 - 2014-06-15 18:38 - 00000000 ____D () C:\Program Files\KMSpico
2014-07-14 21:05 - 2014-06-15 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2014-07-14 21:05 - 2014-05-03 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Architecture 2015 - Deutsch (German)
2014-07-14 21:05 - 2014-04-01 15:07 - 00000000 ____D () C:\Windows\Minidump
2014-07-14 21:05 - 2014-01-09 17:53 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\vlc
2014-07-14 21:05 - 2013-10-28 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-07-14 21:05 - 2013-08-25 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-07-14 21:05 - 2013-08-25 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 - Deutsch (German)
2014-07-14 21:05 - 2013-08-17 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-07-14 21:05 - 2013-08-15 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series
2014-07-14 21:05 - 2013-08-15 09:46 - 00000000 ___RD () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-14 21:05 - 2013-02-16 14:23 - 00000000 ____D () C:\Windows\Panther
2014-07-14 21:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-14 20:55 - 2014-07-14 20:55 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\computer software market
2014-07-14 20:51 - 2014-07-14 20:51 - 05117752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 20:46 - 2014-07-14 20:46 - 00001973 _____ () C:\Users\Public\Desktop\YAC App Store.lnk
2014-07-14 20:46 - 2014-07-14 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC App Store
2014-07-14 20:45 - 2014-07-14 20:45 - 00001791 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\system32\log
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\SMinidump
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-07-14 20:40 - 2013-12-27 15:27 - 00000326 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-07-14 20:40 - 2013-12-27 15:27 - 00000310 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-07-14 20:39 - 2014-07-14 20:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-14 20:39 - 2013-12-27 15:27 - 00003114 _____ () C:\Windows\System32\Tasks\RDReminder
2014-07-14 20:39 - 2013-12-27 15:27 - 00003064 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-07-14 20:39 - 2013-12-27 15:27 - 00003050 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-07-14 20:39 - 2013-08-15 11:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-14 20:39 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-14 20:39 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-14 20:39 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-14 20:39 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-14 20:38 - 2013-02-16 14:59 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-14 20:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-14 20:24 - 2013-08-16 00:24 - 00000879 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-14 20:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-14 19:49 - 2014-04-06 19:30 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-14 19:49 - 2014-04-06 19:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-14 19:49 - 2014-04-06 19:29 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-07-14 18:46 - 2014-07-14 18:46 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 17:48 - 2014-07-05 08:16 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Adobe
2014-07-14 16:41 - 2014-07-14 16:41 - 00052016 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-13 20:18 - 2014-07-13 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-13 20:18 - 2013-11-06 19:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-13 20:18 - 2013-11-06 19:44 - 00000000 ____D () C:\Program Files\iTunes
2014-07-13 20:18 - 2013-11-06 19:44 - 00000000 ____D () C:\Program Files\iPod
2014-07-13 17:51 - 2013-08-16 11:15 - 03629056 ___SH () C:\Users\Christoph\Desktop\Thumbs.db
2014-07-13 10:21 - 2013-08-15 10:28 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3507760142-4053387310-2989893969-1001
2014-07-11 14:28 - 2014-07-14 20:45 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-07-09 20:23 - 2013-08-15 10:46 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Deployment
2014-07-08 19:30 - 2014-07-08 19:30 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 19:30 - 2013-08-16 13:47 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-06 22:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-06 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-06 18:26 - 2013-08-15 12:43 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Microsoft Help
2014-07-06 18:23 - 2014-07-05 18:55 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\MAGIX
2014-07-06 18:23 - 2014-07-05 18:55 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Xara
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-05 18:55 - 2007-04-27 10:43 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2014-07-01 00:42 - 2014-07-14 20:34 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-14 20:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-14 20:34 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-06-28 05:35 - 2014-07-14 20:34 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-26 22:53 - 2012-07-26 10:14 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2012-07-26 10:14 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 19:57 - 2013-08-18 19:54 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Paint.NET
2014-06-26 17:43 - 2014-02-11 19:28 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 17:43 - 2014-02-11 19:28 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 18:12 - 2013-08-15 12:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-24 18:12 - 2013-08-15 12:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-23 21:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-19 04:12 - 2014-07-14 20:35 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 04:12 - 2014-07-14 20:35 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 04:12 - 2014-07-14 20:35 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-19 04:12 - 2014-07-14 20:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-19 04:12 - 2014-07-14 20:35 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 04:11 - 2014-07-14 20:35 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 04:11 - 2014-07-14 20:35 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 04:11 - 2014-07-14 20:35 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 04:10 - 2014-07-14 20:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 04:09 - 2014-07-14 20:35 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 02:53 - 2014-07-14 20:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:53 - 2014-07-14 20:35 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 02:53 - 2014-07-14 20:35 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 02:53 - 2014-07-14 20:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 02:53 - 2014-07-14 20:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 02:53 - 2014-07-14 20:35 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 02:53 - 2014-07-14 20:35 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 02:52 - 2014-07-14 20:35 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 02:52 - 2014-07-14 20:35 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 02:33 - 2014-07-14 20:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 02:30 - 2014-07-14 20:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 00:05 - 2014-07-14 20:35 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-18 01:27 - 2014-07-14 20:34 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 01:24 - 2014-07-14 20:34 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-16 16:24 - 2014-06-16 16:22 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Curse Advertising
2014-06-16 16:22 - 2014-06-16 16:22 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-16 12:36 - 2013-08-15 09:46 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Packages
2014-06-15 19:50 - 2014-06-15 19:50 - 00000000 ____D () C:\TokensBackup
2014-06-15 18:38 - 2014-06-15 18:38 - 00003352 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart
2014-06-15 11:15 - 2013-08-15 12:51 - 00000000 ____D () C:\ProgramData\CanonIJPLM

Some content of TEMP:
====================
C:\Users\Christoph\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9pdhia.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-10 19:22

==================== End Of Log ============================

--- --- ---

bommel99 · 16.07.2014, 19:12

Additon-Logdatei

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Christoph at 2014-07-15 22:03:10
Running from C:\Users\Christoph\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{5CEBB0CE-1783-40C2-A7E1-02EE705820F0}) (Version: 1.0 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}) (Version: 1.0 - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Outlook Addin 2010 (HKCU\...\D9918D4858F5B722A4667B7989E1983A8FCC0462) (Version: 1.0.0.0 - Microsoft)
AutoCAD 2014 - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD Architecture 2015 - Deutsch (German) (Version: 7.7.49.0 - Autodesk) Hidden
AutoCAD Architecture 2015 Language Pack - Deutsch (German) (Version: 7.7.49.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 2.2.12.0 - Autodesk)
Autodesk AutoCAD 2014 - Deutsch (German) (HKLM\...\AutoCAD 2014 - Deutsch (German)) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD Architecture 2015 - Deutsch (German) (HKLM\...\AutoCAD Architecture 2015 - Deutsch (German)) (Version: 7.7.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 Ultimate Vault Hunter Edition (Game of the Year) 1.5.0 (HKLM-x32\...\Borderlands 2 Ultimate Vault Hunter Edition (Game of the Year) 1.5.0) (Version:  - )
calibre 64bit (HKLM\...\{573AFB32-7DDF-40CF-BF13-D6E10922EBBA}) (Version: 1.38.0 - Kovid Goyal)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon iP7200 series Benutzerregistrierung (HKLM-x32\...\Canon iP7200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Creo Elements/Pro Release 5.0 Datecode M220 (HKLM\...\Creo Elements/Pro Release 5.0 Datecode M220) (Version: 5.0 - PTC)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
Decor8 (HKLM\...\Decor8_is1) (Version: 1.00 - Stardock Corporation)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version:  - Microsoft)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell System Detect Bootstrapper (HKCU\...\8e3135b376bd523e) (Version: 1.1.0.15 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 1.0 - Dll-Files.com)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FreeOCR v5.0 (HKLM-x32\...\freeocr_is1) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
ipswDownloader 2.0 (HKLM-x32\...\ipswDownloader) (Version: 2.0 - Sergey 'iOrange' Kudlay)
iSkysoft Video Converter Ultimate(Build 4.5.1.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 4.5.1.0 - iSkysoft Software)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
KMSpico 5.2.1 (HKLM\...\KMSpico v5.2.1_is1) (Version: 5.2 - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movavi Video Converter 14 (HKLM-x32\...\Movavi Video Converter 14) (Version: 14.0.1 - Movavi)
Movavi Video Suite 12 (HKLM-x32\...\Movavi Video Suite 12) (Version: 12.0.0 - Movavi)
Mozilla Firefox 23.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0 (x86 de)) (Version: 23.0 - Mozilla)
Mozilla Firefox 30.0 (x86 de) (HKCU\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{4B3D9AA4-B47A-4349-A64F-04D5A9226D7C}) (Version: 2.2.915.108 - Fitipower)
Multimedia Card Reader (x32 Version: 2.2.915.108 - Fitipower) Hidden
Nero 12 Content Pack (HKLM-x32\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
Nero Abstract Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.5.7000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20030 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.5.6000 - Nero AG) Hidden
Nero Cliparts (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.21800 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.5.7000 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.11000 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 12.0.11700 - Nero AG) Hidden
Nero Video (x32 Version: 12.5.4000 - Nero AG) Hidden
Nero Video Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF ePub DRM Removal (HKLM-x32\...\PDFePubRMRemoval) (Version: 1.4.1 - eBook Converter)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Start8 (HKLM-x32\...\{F9FADF71-8E4E-4482-B95C-0F7A9F1B68AF}_is1) (Version: 1.15 - Stardock Corperation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SuperTooth Update (HKLM-x32\...\{DF91F7F8-7CE1-47A4-B636-7C488ACF89D9}) (Version: 1.0.5 - SuperTooth)
SYMplus Drehen deu (HKLM-x32\...\SYMplus Drehen deu) (Version:  - )
SYMplus Fräsen deu (HKLM-x32\...\SYMplus Fräsen deu) (Version:  - )
Tabellenbuch Metall 7.0 (HKLM-x32\...\Tabellenbuch Metall 7.0) (Version: 7.0 - Verlag Europa-Lehrmittel)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
True Image 2013 Plus Pack (HKLM-x32\...\{1547FF3D-F82F-46AE-819B-78C7BB3D53EC}) (Version: 16.0.6514 - Acronis)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.143 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B386BAA9-7D92-450E-B43E-BD96B01ADEC0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{7BD6AF81-49D4-482A-8CDD-90B4031627F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)
Windows-Treiberpaket - SuperTooth Hands Free Kit DFU driver (02/03/2012 2.4.0.1) (HKLM\...\2871F06F054D47C19D51F0DC5B6DAAA67ED6CEFF) (Version: 02/03/2012 2.4.0.1 - SuperTooth)
WinISO (HKLM-x32\...\WinISO) (Version: 6.3.0.4905 - WinISO Computing Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Folder Hider 1.37 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 1.37 - WiseCleaner.com, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xilisoft Download YouTube Video (HKLM-x32\...\Xilisoft Download YouTube Video) (Version: 5.1.1.20131226 - Xilisoft)
Xilisoft HD Video Converter (HKLM-x32\...\Xilisoft HD Video Converter) (Version: 7.7.2.20130313 - Xilisoft)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.7.2.20130619 - Xilisoft)
YAC App Store (HKLM-x32\...\Computer Software Market) (Version:  - Woodtale Technology Inc.)
Yet Another Cleaner! (HKLM-x32\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA)

==================== Restore Points  =========================

02-07-2014 16:52:05 Geplanter Prüfpunkt
06-07-2014 16:22:33 Revo Uninstaller Pro's restore point - MAGIX Page & Layout Designer 2013
14-07-2014 17:08:59 Geplanter Prüfpunkt
15-07-2014 17:27:04 zoek.exe restore point

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-08-25 16:21 - 00001126 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost


==================== Scheduled Tasks (whitelisted) =============

Task: {0C661C50-B4E8-4CAB-B937-92CD33F2FF93} - System32\Tasks\Mozilla Download Ordner täglich löschen => C:\Users\Christoph\Documents\Scripte\Mozilla Download Ordner löschen.cmd [2013-08-17] ()
Task: {19E2F560-2A53-4479-B22E-DADC940E60BD} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2AD60B55-D2A3-41BA-91BD-AA66F5EE1CDB} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {3658DF82-6C72-4A78-AD84-15FC8EBC6415} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {47B830E4-C3FB-442E-BAA4-4EF095654B38} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-14] (Microsoft Corporation)
Task: {50911FCF-12A4-4B4C-BE22-D32C3FEC273F} - System32\Tasks\Windows Defender Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2014-03-29] (Microsoft Corporation)
Task: {516DE7EB-35E6-439B-91D6-90F1961ADAD5} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5D88260A-0CE4-4FC7-9780-58EB7A3DCE92} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {689A9598-23A9-4977-B90D-B078BE50320C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Tools\TuneUp Utilities 2013\OneClick.exe
Task: {79A0D83C-6CB6-4172-86C6-DCF66A3599F1} - \Speedial No Task File <==== ATTENTION
Task: {79C4D5BD-FC1A-467A-BB55-BC618FF9F3FF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {81A389BB-9648-4DEB-8A24-2A96C3281793} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {82267B82-3D7F-4753-A26C-F96D39EF2272} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-chrisisvg@t-online.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {964CF19B-66D4-45D4-825A-DC49E215DB68} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {A099081A-6F62-4152-B337-4F21B0D96BAB} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-08-29] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A7DDC67E-2201-4D52-8BC7-EC09B8B66E2A} - System32\Tasks\AutoPico Daily Restart => C:\Program
Task: {B0044D3C-9225-44A2-A0E6-AD0D6D005E2D} - System32\Tasks\Auto Re-Aktivierung => C:\Windows\TriggerKMS.exe [2013-08-15] ()
Task: {B15A0B49-E13B-4704-B886-328BE2ABBC78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BFEE1BEE-9E23-48BE-B6B4-FF2C304CB4F3} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-CHRISTOPH-Christoph PC-Christoph => C:\Install\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {C15CFCC9-5C7B-4E0A-B843-E957D5B6C6CF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C7DD5E95-FC84-465C-960B-51B9A0186B3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {D58C85BD-BA6F-488E-9E50-7EE73503AB75} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com)
Task: {D6825C2B-18AE-4983-B5E1-4905EFC82DAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {D68B9CAA-36FA-4665-AE5A-8211EE812F5F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05] (Adobe Systems Incorporated)
Task: {D9676AD8-E923-4C69-BDE4-2E9A5C82F156} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {DB8D5048-D6FA-4FB6-9A5E-E819D2BCDB10} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FE81F7AC-CFAB-478D-B8E7-D6BEF2205C10} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-15 09:50 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-15 12:55 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-12 03:29 - 2013-10-12 03:29 - 00757048 _____ () C:\Tools\TuneUp Utilities 2014\avgrepliba.dll
2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Install\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2013-08-16 22:55 - 2013-03-25 10:57 - 00721917 _____ () C:\Windows\SysWOW64\ISCM64.dll
2012-12-28 14:39 - 2012-12-28 14:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 14:36 - 2012-12-28 14:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 14:41 - 2012-12-28 14:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-07-14 16:41 - 2014-07-14 16:41 - 00330544 _____ () C:\Program Files (x86)\Isis\isis.exe
2012-12-28 14:42 - 2012-12-28 14:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2012-12-28 14:36 - 2012-12-28 14:36 - 00020992 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2014-07-14 20:46 - 2014-07-04 12:51 - 02229592 ____N () C:\Program Files (x86)\iSafe\appstore\ipcdl.exe
2014-07-14 20:46 - 2014-07-04 12:51 - 00298840 ____N () C:\Program Files (x86)\iSafe\appstore\asSvc.dll
2014-07-14 20:46 - 2014-07-04 12:51 - 00093016 ____N () C:\Program Files (x86)\iSafe\appstore\curlpp.dll
2014-07-14 20:46 - 2014-07-04 12:51 - 00066392 ____N () C:\Program Files (x86)\iSafe\appstore\zlib1.dll
2014-07-14 20:46 - 2014-07-04 12:51 - 00427864 ____N () C:\Program Files (x86)\iSafe\appstore\ipcproxy.dll
2014-07-14 20:45 - 2014-07-11 14:22 - 00092320 ____N () C:\Program Files (x86)\iSafe\curlpp.dll
2014-07-14 20:45 - 2014-07-11 14:22 - 00065696 ____N () C:\Program Files (x86)\iSafe\zlib1.dll
2014-07-14 20:45 - 2014-07-11 14:22 - 00427168 ____N () C:\Program Files (x86)\iSafe\ipcproxy.dll
2014-07-14 20:45 - 2014-07-09 14:48 - 00176976 ____N () C:\Program Files (x86)\iSafe\tws\unrar.dll
2014-07-14 20:45 - 2014-07-09 14:48 - 00068432 ____N () C:\Program Files (x86)\iSafe\tws\zlib1.dll
2014-07-14 20:45 - 2014-07-09 14:48 - 00087744 ____N () C:\Program Files (x86)\iSafe\tws\unacev2.dll
2014-05-03 12:01 - 2014-04-01 08:07 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-05-03 12:01 - 2014-04-01 08:07 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Tools\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Tools\Common Files\Apple\Internet Services\libxml2.dll
2014-07-15 20:31 - 2014-07-15 20:31 - 00043008 _____ () c:\Users\Christoph\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9pdhia.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Christoph\AppData\Roaming\Dropbox\bin\libcef.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2011-09-05 19:05 - 2011-09-05 19:05 - 00019968 _____ () C:\Install\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2014-04-04 10:25 - 2014-04-04 10:25 - 00102400 _____ () C:\Program Files (x86)\Isis\nfapi.dll
2014-06-05 06:41 - 2014-06-05 06:41 - 00331776 _____ () C:\Program Files (x86)\Isis\ProtocolFilters.dll
2014-02-23 12:42 - 2014-02-23 12:42 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-08-15 11:19 - 2012-06-26 01:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-10 21:01 - 2014-06-10 21:01 - 03852912 _____ () C:\Tools\Mozilla Firefox\mozjs.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00021312 _____ () C:\Install\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run32: => "Shwicon9106"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKCU\...\StartupApproved\StartupFolder: => "dffsetup.exe"
HKCU\...\StartupApproved\Run: => "DellSystemDetect"
HKCU\...\StartupApproved\Run: => "WinApplet"
HKCU\...\StartupApproved\Run: => "AdobeBridge"
HKCU\...\StartupApproved\Run: => "Autodesk Sync"

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2014 07:39:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/15/2014 07:39:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/15/2014 07:39:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/15/2014 07:24:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/15/2014 06:42:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xd8c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (07/14/2014 09:05:44 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.

Error: (07/14/2014 08:57:29 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.

Error: (07/14/2014 08:53:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 3.2.0.0, Zeitstempel: 0x518c2ae8
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007f9fc730b22
ID des fehlerhaften Prozesses: 0xba8
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Vollständiger Name des fehlerhaften Pakets: Service_KMS.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Service_KMS.exe5

Error: (07/14/2014 08:46:47 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.

Error: (07/14/2014 08:42:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 3.2.0.0, Zeitstempel: 0x518c2ae8
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007f993910b22
ID des fehlerhaften Prozesses: 0x9e4
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Vollständiger Name des fehlerhaften Pakets: Service_KMS.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Service_KMS.exe5


System errors:
=============
Error: (07/15/2014 08:33:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/15/2014 08:31:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service KMSELDI" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/15/2014 07:35:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/15/2014 07:32:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service KMSELDI" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/15/2014 07:07:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/15/2014 07:04:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service KMSELDI" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/15/2014 05:54:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/15/2014 05:52:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service KMSELDI" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/15/2014 07:11:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Digital Delivery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/15/2014 07:09:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service KMSELDI" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (07/15/2014 07:39:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\esetsmartinstaller_deu.exe

Error: (07/15/2014 07:39:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\esetsmartinstaller_deu.exe

Error: (07/15/2014 07:39:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\esetsmartinstaller_deu.exe

Error: (07/15/2014 07:24:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\esetsmartinstaller_deu.exe

Error: (07/15/2014 06:42:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bd8c01cfa0486aaf075eC:\Tools\Mozilla Firefox\plugin-container.exeC:\Tools\Mozilla Firefox\mozalloc.dll0708dee4-0c3f-11e4-bff7-a417314f2138

Error: (07/14/2014 09:05:44 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/14/2014 08:57:29 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/14/2014 08:53:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe3.2.0.0518c2ae8unknown0.0.0.00000000000000000000007f9fc730b22ba801cf9f9494f4c5ebC:\Program Files\KMSpico\Service_KMS.exeunknown275dd6b0-0b88-11e4-bff4-a417314f2138

Error: (07/14/2014 08:46:47 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT-AUTORITÄT)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/14/2014 08:42:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe3.2.0.0518c2ae8unknown0.0.0.00000000000000000000007f993910b229e401cf9f9316528347C:\Program Files\KMSpico\Service_KMS.exeunknowna7c60bc2-0b86-11e4-bff3-a417314f2138


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 12248.94 MB
Available physical RAM: 6921.56 MB
Total Pagefile: 13976.94 MB
Available Pagefile: 8184.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:167.68 GB) (Free:26.37 GB) NTFS
Drive d: (Privat) (Fixed) (Total:97.66 GB) (Free:64.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Downloads) (Fixed) (Total:1765.36 GB) (Free:722.84 GB) NTFS
Drive f: (Medien) (Fixed) (Total:1397.14 GB) (Free:241.81 GB) NTFS
Drive g: (Spiele) (Fixed) (Total:29.82 GB) (Free:18.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 168 GB) (Disk ID: E4E25076)
Partition 1: (Active) - (Size=168 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: B1F9A386)
Partition 1: (Not Active) - (Size=30 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1397 GB) (Disk ID: 4F1C19AB)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 09F9A1E4)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-303485157376) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 17.07.2014, 15:18

Ich find die neue Malware ja geil

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

bommel99 · 17.07.2014, 19:38

Wieso ist das komisch?

Bestimmt peinlich

Naja her die Logdatei

Norton habe ich versucht zu schließen ging aber nie ganz...

Code:

ATTFilter

ComboFix 14-07-17.03 - Christoph 17.07.2014  20:29:24.1.8 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.49.1031.18.12249.9775 [GMT 2:00]
ausgeführt von:: c:\users\Christoph\Desktop\ComboFix.exe
AV: Norton 360 Online *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton 360 Online *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\RadioRage_4j
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jauxstb64.dll
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jbrmon64.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jbrstub64.dll
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jdlghk64.dll
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jhighin.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jmedint.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jskplay.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\4jSrchMn.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\APPINTEGRATOR.EXE
c:\program files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\AppIntegratorStub64.dll
c:\program files (x86)\RadioRage_4j\bar\1.bin\ASSISTMONITOR64.DLL
c:\program files (x86)\RadioRage_4j\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL
c:\program files (x86)\RadioRage_4j\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL
c:\program files (x86)\RadioRage_4j\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE
c:\program files (x86)\RadioRage_4j\bar\1.bin\assists\ie_default_search_provider\CONFIG.XML
c:\program files (x86)\RadioRage_4j\bar\1.bin\BOOTSTRAP.JS
c:\program files (x86)\RadioRage_4j\bar\1.bin\CrExtP4j.exe
c:\program files (x86)\RadioRage_4j\bar\1.bin\FF-NativeMessagingDispatcher.dll
c:\program files (x86)\RadioRage_4j\bar\1.bin\Hpg64.dll
c:\program files (x86)\RadioRage_4j\bar\1.bin\LOGO.BMP
c:\program files (x86)\RadioRage_4j\bar\gen1\COMMON.T8S
c:\program files (x86)\RadioRage_4j\bar\IE9Mesg\COMMON.T8S
c:\program files (x86)\RadioRage_4j\bar\Message\COMMON.T8S
c:\program files (x86)\RadioRage_4j\bar\Settings\s_pid.dat
c:\users\Christoph\AppData\Local\assembly\tmp
c:\users\Christoph\AppData\Roaming\IHelper
c:\users\Christoph\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
c:\windows\IsUn0407.exe
c:\windows\TEMP\coF7949.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Service KMSELDI
-------\Service_Start8
-------\Service_WinisoCDBus
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-17 bis 2014-07-17  ))))))))))))))))))))))))))))))
.
.
2014-07-16 16:27 . 2014-07-16 16:28	--------	d-----w-	c:\users\Christoph\AppData\Local\CyberGhost
2014-07-16 16:27 . 2014-07-16 16:27	--------	d-----w-	c:\program files\TAP-Windows
2014-07-16 16:26 . 2014-07-16 16:27	--------	d-----w-	c:\program files\CyberGhost 5
2014-07-16 16:20 . 2014-05-17 02:35	44744	----a-w-	c:\windows\system32\drivers\hssdrv6.sys
2014-07-16 16:19 . 2014-07-16 16:19	--------	d-----w-	c:\programdata\Hotspot Shield
2014-07-16 16:19 . 2014-07-16 16:20	--------	d-----w-	c:\program files (x86)\Hotspot Shield
2014-07-16 16:19 . 2014-07-16 16:19	--------	d-----w-	c:\users\Christoph\AppData\Roaming\Hotspot Shield
2014-07-15 17:33 . 2014-07-17 13:39	--------	d-----w-	c:\users\Christoph\AppData\Roaming\isafe
2014-07-15 17:26 . 2014-07-15 17:26	--------	d-----w-	C:\zoek_backup
2014-07-15 17:25 . 2014-07-15 20:03	--------	d-----w-	C:\FRST
2014-07-15 17:05 . 2014-07-15 17:05	--------	d-----w-	c:\windows\ServiceProfiles\LocalService\winhttp
2014-07-15 16:57 . 2014-07-17 18:33	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-15 16:57 . 2014-07-15 16:57	--------	d-----w-	c:\programdata\Malwarebytes
2014-07-15 16:57 . 2014-05-12 05:26	64216	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-07-15 16:57 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-07-15 16:57 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-14 18:55 . 2014-07-14 18:55	--------	d-----w-	c:\users\Christoph\AppData\Roaming\computer software market
2014-07-14 18:45 . 2014-07-14 18:45	--------	d-----w-	c:\windows\SMinidump
2014-07-14 18:45 . 2014-07-16 09:39	45248	----a-w-	c:\windows\system32\drivers\iSafeKrnlBoot.sys
2014-07-14 18:45 . 2014-07-14 18:45	--------	d-----w-	c:\windows\system32\log
2014-07-14 18:45 . 2014-07-17 18:33	--------	d-----w-	c:\program files (x86)\iSafe
2014-07-14 18:39 . 2014-07-14 18:39	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-14 18:34 . 2014-05-29 04:04	94552	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2014-07-14 17:48 . 2014-07-14 17:49	--------	d-----w-	c:\windows\system32\drivers\N360x64\1504000.00D
2014-07-14 16:46 . 2014-07-14 16:46	--------	d-----w-	c:\program files (x86)\Isis
2014-07-14 14:41 . 2014-07-14 14:41	52016	----a-w-	c:\windows\system32\drivers\isis.sys
2014-07-08 17:30 . 2014-07-08 17:30	5659136	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-06 16:24 . 2014-05-03 06:34	6974808	----a-w-	c:\windows\system32\ntoskrnl.exe
2014-07-06 16:24 . 2014-05-03 06:33	1824808	----a-w-	c:\windows\system32\ntdll.dll
2014-07-06 16:24 . 2014-05-01 22:37	1023488	----a-w-	c:\windows\system32\localspl.dll
2014-07-05 16:55 . 2014-07-05 16:55	--------	d-----w-	c:\users\Christoph\AppData\Local\Xara
2014-07-05 16:55 . 2014-07-06 16:23	--------	d-----w-	c:\programdata\MAGIX
2014-07-05 16:55 . 2014-07-06 16:22	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Services
2014-07-05 16:55 . 2014-07-05 16:55	--------	d-----w-	c:\program files (x86)\MSXML 4.0
2014-07-05 06:16 . 2014-07-14 15:48	--------	d-----w-	c:\users\Christoph\AppData\Local\Adobe
2014-06-23 19:15 . 2014-03-07 00:47	1419264	----a-w-	c:\windows\SysWow64\msxml3.dll
2014-06-23 19:15 . 2014-03-07 00:08	1845760	----a-w-	c:\windows\system32\msxml3.dll
2014-06-23 19:14 . 2014-04-29 22:32	1301504	----a-w-	c:\windows\system32\gdi32.dll
2014-06-23 19:14 . 2014-04-29 22:22	1023488	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-06-23 19:09 . 2014-05-03 05:47	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-06-23 19:09 . 2014-05-03 03:34	235520	----a-w-	c:\windows\system32\rdpudd.dll
2014-06-23 18:32 . 2014-04-03 11:22	2233176	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-14 18:38 . 2013-02-16 12:59	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-05 16:55 . 2007-04-27 08:43	120200	----a-w-	c:\windows\SysWow64\DLLDEV32i.dll
2014-06-26 20:53 . 2012-07-26 08:14	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2012-07-26 08:14	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-20 02:44 . 2014-05-26 19:13	9735256	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 19:13	9697640	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-05-26 19:13	895776	----a-w-	c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-05-26 19:13	892704	----a-w-	c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-05-26 19:13	867784	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-05-26 19:13	861128	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-05-26 19:13	837056	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2014-05-26 19:13	492376	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2014-05-20 02:44 . 2014-05-26 19:13	416712	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2014-05-20 02:44 . 2014-05-26 19:13	382240	----a-w-	c:\windows\system32\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-26 19:13	354016	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-05-20 02:44 . 2014-05-26 19:13	335704	----a-w-	c:\windows\SysWow64\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-26 19:13	3141976	----a-w-	c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 19:13	31387936	----a-w-	c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-05-26 19:13	305600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-05-20 02:44 . 2014-05-26 19:13	2953672	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 19:13	2785568	----a-w-	c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 19:13	25256224	----a-w-	c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 19:13	2412376	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 19:13	24025376	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-05-26 19:13	1889112	----a-w-	c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-05-26 19:13	17561544	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 19:13	166568	----a-w-	c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2014-05-26 19:13	16003912	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-05-26 19:13	1541576	----a-w-	c:\windows\system32\nvdispgenco6433788.dll
2014-05-20 02:44 . 2014-05-26 19:13	146480	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2014-05-26 19:13	12688328	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-05-26 19:13	11644928	----a-w-	c:\windows\system32\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 19:13	11599072	----a-w-	c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2013-10-04 19:32	14434704	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-08-20 04:53	2730208	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-08-15 07:50	61216	----a-w-	c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2013-08-15 07:50	52056	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-02-25 22:32	3109248	----a-w-	c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-02-25 22:32	952952	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2013-02-25 22:32	17480432	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2013-02-25 22:32	18531568	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-05-20 01:25 . 2013-08-15 07:50	6769096	----a-w-	c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2013-08-15 07:50	3514144	----a-w-	c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2013-08-15 07:50	927520	----a-w-	c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2013-08-15 09:23	76064	----a-w-	c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2013-08-15 09:23	1078616	----a-w-	c:\windows\system32\nv3dappshext.dll
2014-05-20 01:25 . 2013-08-15 07:50	62808	----a-w-	c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2013-08-15 07:50	387528	----a-w-	c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2013-08-15 07:50	2560968	----a-w-	c:\windows\system32\nvsvcr.dll
2014-05-19 23:10 . 2014-05-26 19:15	601432	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-05-14 23:49 . 2013-08-15 07:50	3774821	----a-w-	c:\windows\system32\nvcoproc.bin
2014-05-07 13:02 . 2013-08-15 15:38	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-03 10:01 . 2014-05-03 10:01	520584	----a-r-	c:\users\Christoph\AppData\Roaming\Microsoft\Installer\{9D589081-AFC2-4932-9071-AC585AC1EA83}\UninstallTool.D01EB5D5_0EC4_4BDF_A131_1989F9F14A91.exe
2014-04-30 18:29 . 2013-12-26 14:27	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-12-26 14:27	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2014-04-19 09:39 . 2014-05-10 17:12	628024	----a-w-	c:\windows\system32\NotificationUI.exe
2013-03-13 07:03 . 2013-03-13 07:03	2174976	----a-w-	c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:18	1730264	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:18	1730264	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:18	1730264	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
"iCloudServices"="c:\tools\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"CyberGhost"="c:\program files\CyberGhost 5\CyberGhost.EXE" [2014-06-12 404080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-07-16 56128]
"Shwicon9106"="c:\program files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe" [2012-06-28 262144]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1105848]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"="c:\install\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\install\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560]
"WsmUpdater"="c:\program files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe" [2012-05-18 292208]
"ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" [2014-04-01 480648]
"iTunesHelper"="c:\tools\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"Isis"="c:\program files (x86)\Isis\Isis.exe" [2014-07-14 330544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
An OneNote senden.lnk - c:\install\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2014-1-23 220848]
Dropbox.lnk - c:\users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\N360x64\1504000.00D\SymELAM.sys;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SymELAM.sys [x]
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\tools\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\tools\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\System32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 asahci64;asahci64;c:\windows\System32\drivers\asahci64.sys;c:\windows\SYSNATIVE\drivers\asahci64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 iSafeKrnlBoot;iSafeKrnl Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeKrnlBoot.sys [x]
R3 L1C;NDIS-Miniporttreiber für den PCI-E-Ethernetcontroller Qualcomm Atheros AR813x/AR815x;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\System32\drivers\MijXfilt.sys;c:\windows\SYSNATIVE\drivers\MijXfilt.sys [x]
R3 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 STHFK;%STHFK.SvcDesc%;c:\windows\System32\Drivers\sthfk64.sys;c:\windows\SYSNATIVE\Drivers\sthfk64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 TeamViewer8;TeamViewer 8;c:\tools\TeamViewer\Version8\TeamViewer_Service.exe;c:\tools\TeamViewer\Version8\TeamViewer_Service.exe [x]
R4 TunngleService;TunngleService;c:\tools\Tunngle\TnglCtrl.exe;c:\tools\Tunngle\TnglCtrl.exe [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1504000.00D\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1504000.00D\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMEFA64.SYS [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140703.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [x]
S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140716.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140716.001\IDSvia64.sys [x]
S1 iSafeKrnl;iSafeKrnl Mini-Filter Driver;c:\program files (x86)\iSafe\iSafeKrnl.sys;c:\program files (x86)\iSafe\iSafeKrnl.sys [x]
S1 iSafeKrnlKit;iSafeKrnl Kit Driver;c:\program files (x86)\iSafe\iSafeKrnlKit.sys;c:\program files (x86)\iSafe\iSafeKrnlKit.sys [x]
S1 iSafeKrnlR3;iSafeKrnl Ring3 Driver;c:\program files (x86)\iSafe\iSafeKrnlR3.sys;c:\program files (x86)\iSafe\iSafeKrnlR3.sys [x]
S1 iSafeNetFilter;iSafeNetFilter NDIS Driver;c:\program files (x86)\iSafe\iSafeNetFilter.sys;c:\program files (x86)\iSafe\iSafeNetFilter.sys [x]
S1 isis;isis;c:\windows\system32\drivers\isis.sys;c:\windows\SYSNATIVE\drivers\isis.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1504000.00D\SYMNETS.SYS [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 appstoreService;appstoreService;c:\program files (x86)\iSafe\appstore\appstoreSvc.exe;c:\program files (x86)\iSafe\appstore\appstoreSvc.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 CGVPNCliService;CyberGhost 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 Decor8;Stardock Decor8;c:\tools\Stardock\Decor8\Decor8Srv.exe;c:\tools\Stardock\Decor8\Decor8Srv.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iSafeService;iSafeService;c:\program files (x86)\iSafe\iSafeSvc.exe;c:\program files (x86)\iSafe\iSafeSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\tools\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\tools\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\tools\ Malwarebytes Anti-Malware \mbamservice.exe;c:\tools\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 xusb22;Treiberdienst 22 für Xbox 360 Wireless Receiver;c:\windows\System32\drivers\xusb22.sys;c:\windows\SYSNATIVE\drivers\xusb22.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-16 17:30]
.
2014-07-14 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-12-27 19:16]
.
2014-07-14 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-12-27 19:16]
.
2014-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 17:28]
.
2014-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 17:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:15	2335960	----a-w-	c:\install\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:15	2335960	----a-w-	c:\install\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:15	2335960	----a-w-	c:\install\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-27 22:53	2827832	----a-w-	c:\install\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-27 22:53	2827832	----a-w-	c:\install\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-27 22:53	2827832	----a-w-	c:\install\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BtPreLoad"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe" [2012-12-28 64640]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-13 1212560]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 516928]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Page_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.178.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\
FF - prefs.js: browser.startup.homepage - 
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-iSkysoft Helper Compact.exe - c:\program files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
AddRemove-SYMplus  Drehen  deu - c:\windows\IsUn0407.exe
AddRemove-SYMplus  Fräsen  deu - c:\windows\IsUn0407.exe
AddRemove-SYMplus Drehen deu - c:\windows\IsUn0407.exe
AddRemove-SYMplus Fräsen deu - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.4.0.13\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.4.0.13;c:\program files (x86)\Norton 360\Engine64\21.4.0.13"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\iSafe\iSafeSvc2.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\tools\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\iSafe\iSafeTray.exe
c:\users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Hotspot Shield\bin\hsscp.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\iSafe\appstore\ipcdl.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-17  20:35:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-17 18:35
.
Vor Suchlauf: 13 Verzeichnis(se), 30.761.635.840 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 30.153.592.832 Bytes frei
.
- - End Of File - - 255741111E1816A95A9C9ACEDD8C7174

schrauber · 18.07.2014, 05:21

Hinweis für Mitleser:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm vom folgenden Download-Spiegel neu herunter:

BleepingComputer.com

und speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> Notepad (hinein schreiben) --> OK

Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.

Code:

ATTFilter

http://www.trojaner-board.de/156487-cdn-cloudwm-seite-geladen.html

Collect::
c:\program files (x86)\Isis\Isis.exe
Folder::
c:\program files (x86)\Isis
File::
c:\windows\system32\drivers\isis.sys
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Isis"=-
Driver::
isis

Speichere dies als CFScript.txt auf Deinem Desktop.

Wichtig:

Stelle deine Anti Viren Software temprär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!
Bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein.
Dies kann dazu führen, dass ComboFix sich aufhängt.
Schließe alle laufenden Programme. Gehe sicher das ComboFix ungehindert arbeiten kann.
Mache nichts am PC solange ComboFix läuft.

In Bezug auf obiges Bild, ziehe CFScript.txt in die ComboFix.exe
Wenn ComboFix fertig ist, wird es ein Log erstellen, C:\ComboFix.txt. Bitte füge es hier als Antwort ein.

Falls im Skript die Anweisung Suspect:: oder Collect:: enthalten ist, wird eine Message-Box erscheinen, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen.

bommel99 · 19.07.2014, 11:25

Habe alles ausgeführt, aber am Ende hat das hochladen nicht geklappt!

Hier die Logdatei

Code:

ATTFilter

ComboFix 14-07-17.03 - Christoph 19.07.2014  12:08:24.2.8 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.49.1031.18.12249.9682 [GMT 2:00]
ausgeführt von:: c:\users\Christoph\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Christoph\Desktop\CFScript.txt
AV: Norton 360 Online *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton 360 Online *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\isis.sys"
.
.
  ((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Isis
c:\program files (x86)\Isis\isis.exe
c:\program files (x86)\Isis\isis\SSL\Isis CA-accounts.google.com-3b1b2b56c8fcda6d66d14ca2dd8b3f98adca18f0#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-accounts.google.com-3b1b2b56c8fcda6d66d14ca2dd8b3f98adca18f0#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-apis.google.com-2f4b78896e051d566b64659ead213ca1a42ae242#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-apis.google.com-2f4b78896e051d566b64659ead213ca1a42ae242#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-cdn.syndication.twimg.com-43d43fa6741bab02ce4a01ccbfbbfce6899205c3#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-cdn.syndication.twimg.com-43d43fa6741bab02ce4a01ccbfbbfce6899205c3#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-easylist-downloads.adblockplus.org-156acaf3838f6d445fdf089a2c6dd684c4bac7fa#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-easylist-downloads.adblockplus.org-156acaf3838f6d445fdf089a2c6dd684c4bac7fa#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-fonts.googleapis.com-7734080dbccc76de5621384a3b1dd1df4370a377#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-fonts.googleapis.com-7734080dbccc76de5621384a3b1dd1df4370a377#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-gfk-de.sensic.net-2d62b91c6845d4df0ac8f4d70d4bc738edd2d72e#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-gfk-de.sensic.net-2d62b91c6845d4df0ac8f4d70d4bc738edd2d72e#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-marc-o-polo.media01.eu-04ddc8730030a02a1c24b88443775faac06ccf36#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-marc-o-polo.media01.eu-04ddc8730030a02a1c24b88443775faac06ccf36#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-mep-de.sensic.net-2d62b91c6845d4df0ac8f4d70d4bc738edd2d72e#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-mep-de.sensic.net-2d62b91c6845d4df0ac8f4d70d4bc738edd2d72e#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-peterhahn.adclear.net-a99831fe575f3f65b28dc5bb86d38753925d3ea9#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-peterhahn.adclear.net-a99831fe575f3f65b28dc5bb86d38753925d3ea9#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-safebrowsing.google.com-2f4b78896e051d566b64659ead213ca1a42ae242#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-safebrowsing.google.com-2f4b78896e051d566b64659ead213ca1a42ae242#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-script.ioam.de-91099ee65393c59716d9f6ebf755f95cfdf8ffda#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-script.ioam.de-91099ee65393c59716d9f6ebf755f95cfdf8ffda#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-snippets.mozilla.com-415749bec9d0952e2a9666aa225e5a2036f63719#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-snippets.mozilla.com-415749bec9d0952e2a9666aa225e5a2036f63719#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-tcmt.t-online.de-791dd71e872192839298c8bbdbd13709b88c49ad#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-tcmt.t-online.de-791dd71e872192839298c8bbdbd13709b88c49ad#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-tipi.api.t-online.de-57eb397f0ee8b95f0fb1573a3c2eac1ca3692d8a#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-tipi.api.t-online.de-57eb397f0ee8b95f0fb1573a3c2eac1ca3692d8a#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-twitter.com-813fd89d264cc9a5bb650d0b2d2bb0d63259bcaa#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-twitter.com-813fd89d264cc9a5bb650d0b2d2bb0d63259bcaa#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-urs.microsoft.com-75e20a28e900c4321ff4f4c15d29af133e3ce00a#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-urs.microsoft.com-75e20a28e900c4321ff4f4c15d29af133e3ce00a#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-www.facebook.com-47fa19de09412f882526baa183ef357e0963f554#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-www.facebook.com-47fa19de09412f882526baa183ef357e0963f554#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-www.superfish.com-379922b07aba0722dffe21bac8045a54dc01c757#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-www.superfish.com-379922b07aba0722dffe21bac8045a54dc01c757#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA-yahoo.ivwbox.de-337e8e0fd9265e7c8079609ef20e5ba6562e0fbf#child.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA-yahoo.ivwbox.de-337e8e0fd9265e7c8079609ef20e5ba6562e0fbf#child.pvk
c:\program files (x86)\Isis\isis\SSL\Isis CA.cer
c:\program files (x86)\Isis\isis\SSL\Isis CA.pvk
c:\program files (x86)\Isis\isis\SSL\test.cer
c:\program files (x86)\Isis\isis\SSL\test.pvk
c:\program files (x86)\Isis\libeay32.dll
c:\program files (x86)\Isis\nfapi.dll
c:\program files (x86)\Isis\nss\certutil.exe
c:\program files (x86)\Isis\nss\mozcrt19.dll
c:\program files (x86)\Isis\nss\nspr4.dll
c:\program files (x86)\Isis\nss\nss3.dll
c:\program files (x86)\Isis\nss\plc4.dll
c:\program files (x86)\Isis\nss\plds4.dll
c:\program files (x86)\Isis\nss\smime3.dll
c:\program files (x86)\Isis\nss\softokn3.dll
c:\program files (x86)\Isis\ProtocolFilters.dll
c:\program files (x86)\Isis\ssleay32.dll
c:\windows\system32\drivers\isis.sys
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_isis
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-19 bis 2014-07-19  ))))))))))))))))))))))))))))))
.
.
2014-07-19 10:11 . 2014-07-19 10:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-16 16:27 . 2014-07-16 16:28	--------	d-----w-	c:\users\Christoph\AppData\Local\CyberGhost
2014-07-16 16:27 . 2014-07-16 16:27	--------	d-----w-	c:\program files\TAP-Windows
2014-07-16 16:26 . 2014-07-16 16:27	--------	d-----w-	c:\program files\CyberGhost 5
2014-07-16 16:20 . 2014-05-17 02:35	44744	----a-w-	c:\windows\system32\drivers\hssdrv6.sys
2014-07-16 16:19 . 2014-07-16 16:19	--------	d-----w-	c:\programdata\Hotspot Shield
2014-07-16 16:19 . 2014-07-16 16:20	--------	d-----w-	c:\program files (x86)\Hotspot Shield
2014-07-16 16:19 . 2014-07-16 16:19	--------	d-----w-	c:\users\Christoph\AppData\Roaming\Hotspot Shield
2014-07-15 17:33 . 2014-07-17 13:39	--------	d-----w-	c:\users\Christoph\AppData\Roaming\isafe
2014-07-15 17:26 . 2014-07-15 17:26	--------	d-----w-	C:\zoek_backup
2014-07-15 17:25 . 2014-07-15 20:03	--------	d-----w-	C:\FRST
2014-07-15 17:05 . 2014-07-15 17:05	--------	d-----w-	c:\windows\ServiceProfiles\LocalService\winhttp
2014-07-15 16:57 . 2014-07-19 10:21	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-15 16:57 . 2014-07-15 16:57	--------	d-----w-	c:\programdata\Malwarebytes
2014-07-15 16:57 . 2014-05-12 05:26	64216	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-07-15 16:57 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-07-15 16:57 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-14 18:55 . 2014-07-14 18:55	--------	d-----w-	c:\users\Christoph\AppData\Roaming\computer software market
2014-07-14 18:45 . 2014-07-14 18:45	--------	d-----w-	c:\windows\SMinidump
2014-07-14 18:45 . 2014-07-16 09:39	45248	----a-w-	c:\windows\system32\drivers\iSafeKrnlBoot.sys
2014-07-14 18:45 . 2014-07-14 18:45	--------	d-----w-	c:\windows\system32\log
2014-07-14 18:45 . 2014-07-19 10:21	--------	d-----w-	c:\program files (x86)\iSafe
2014-07-14 18:39 . 2014-07-14 18:39	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-14 18:34 . 2014-05-29 04:04	94552	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2014-07-14 17:48 . 2014-07-14 17:49	--------	d-----w-	c:\windows\system32\drivers\N360x64\1504000.00D
2014-07-08 17:30 . 2014-07-08 17:30	5659136	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-06 16:24 . 2014-05-03 06:34	6974808	----a-w-	c:\windows\system32\ntoskrnl.exe
2014-07-06 16:24 . 2014-05-03 06:33	1824808	----a-w-	c:\windows\system32\ntdll.dll
2014-07-06 16:24 . 2014-05-01 22:37	1023488	----a-w-	c:\windows\system32\localspl.dll
2014-07-05 16:55 . 2014-07-05 16:55	--------	d-----w-	c:\users\Christoph\AppData\Local\Xara
2014-07-05 16:55 . 2014-07-06 16:23	--------	d-----w-	c:\programdata\MAGIX
2014-07-05 16:55 . 2014-07-06 16:22	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Services
2014-07-05 16:55 . 2014-07-05 16:55	--------	d-----w-	c:\program files (x86)\MSXML 4.0
2014-07-05 06:16 . 2014-07-14 15:48	--------	d-----w-	c:\users\Christoph\AppData\Local\Adobe
2014-06-23 19:15 . 2014-03-07 00:47	1419264	----a-w-	c:\windows\SysWow64\msxml3.dll
2014-06-23 19:15 . 2014-03-07 00:08	1845760	----a-w-	c:\windows\system32\msxml3.dll
2014-06-23 19:14 . 2014-04-29 22:32	1301504	----a-w-	c:\windows\system32\gdi32.dll
2014-06-23 19:14 . 2014-04-29 22:22	1023488	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-06-23 19:09 . 2014-05-03 05:47	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-06-23 19:09 . 2014-05-03 03:34	235520	----a-w-	c:\windows\system32\rdpudd.dll
2014-06-23 18:32 . 2014-04-03 11:22	2233176	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-14 18:38 . 2013-02-16 12:59	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-05 16:55 . 2007-04-27 08:43	120200	----a-w-	c:\windows\SysWow64\DLLDEV32i.dll
2014-06-26 20:53 . 2012-07-26 08:14	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2012-07-26 08:14	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-20 02:44 . 2014-05-26 19:13	9735256	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 19:13	9697640	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-05-26 19:13	895776	----a-w-	c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-05-26 19:13	892704	----a-w-	c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-05-26 19:13	867784	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-05-26 19:13	861128	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-05-26 19:13	837056	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2014-05-26 19:13	492376	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2014-05-20 02:44 . 2014-05-26 19:13	416712	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2014-05-20 02:44 . 2014-05-26 19:13	382240	----a-w-	c:\windows\system32\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-26 19:13	354016	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-05-20 02:44 . 2014-05-26 19:13	335704	----a-w-	c:\windows\SysWow64\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-26 19:13	3141976	----a-w-	c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 19:13	31387936	----a-w-	c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-05-26 19:13	305600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-05-20 02:44 . 2014-05-26 19:13	2953672	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 19:13	2785568	----a-w-	c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 19:13	25256224	----a-w-	c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 19:13	2412376	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 19:13	24025376	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-05-26 19:13	1889112	----a-w-	c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-05-26 19:13	17561544	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 19:13	166568	----a-w-	c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2014-05-26 19:13	16003912	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-05-26 19:13	1541576	----a-w-	c:\windows\system32\nvdispgenco6433788.dll
2014-05-20 02:44 . 2014-05-26 19:13	146480	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2014-05-26 19:13	12688328	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-05-26 19:13	11644928	----a-w-	c:\windows\system32\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 19:13	11599072	----a-w-	c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2013-10-04 19:32	14434704	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-08-20 04:53	2730208	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-08-15 07:50	61216	----a-w-	c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2013-08-15 07:50	52056	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-02-25 22:32	3109248	----a-w-	c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-02-25 22:32	952952	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2013-02-25 22:32	17480432	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2013-02-25 22:32	18531568	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-05-20 01:25 . 2013-08-15 07:50	6769096	----a-w-	c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2013-08-15 07:50	3514144	----a-w-	c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2013-08-15 07:50	927520	----a-w-	c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2013-08-15 09:23	76064	----a-w-	c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2013-08-15 09:23	1078616	----a-w-	c:\windows\system32\nv3dappshext.dll
2014-05-20 01:25 . 2013-08-15 07:50	62808	----a-w-	c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2013-08-15 07:50	387528	----a-w-	c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2013-08-15 07:50	2560968	----a-w-	c:\windows\system32\nvsvcr.dll
2014-05-19 23:10 . 2014-05-26 19:15	601432	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-05-14 23:49 . 2013-08-15 07:50	3774821	----a-w-	c:\windows\system32\nvcoproc.bin
2014-05-07 13:02 . 2013-08-15 15:38	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-03 10:01 . 2014-05-03 10:01	520584	----a-r-	c:\users\Christoph\AppData\Roaming\Microsoft\Installer\{9D589081-AFC2-4932-9071-AC585AC1EA83}\UninstallTool.D01EB5D5_0EC4_4BDF_A131_1989F9F14A91.exe
2014-04-30 18:29 . 2013-12-26 14:27	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-12-26 14:27	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2013-03-13 07:03 . 2013-03-13 07:03	2174976	----a-w-	c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:18	1730264	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:18	1730264	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:18	1730264	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
"iCloudServices"="c:\tools\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"CyberGhost"="c:\program files\CyberGhost 5\CyberGhost.EXE" [2014-06-12 404080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-07-16 56128]
"Shwicon9106"="c:\program files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe" [2012-06-28 262144]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1105848]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"="c:\install\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\install\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560]
"WsmUpdater"="c:\program files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe" [2012-05-18 292208]
"ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" [2014-04-01 480648]
"iTunesHelper"="c:\tools\iTunes\iTunesHelper.exe" [2014-07-08 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
An OneNote senden.lnk - c:\install\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2014-1-23 220848]
Dropbox.lnk - c:\users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\N360x64\1504000.00D\SymELAM.sys;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SymELAM.sys [x]
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\tools\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\tools\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\System32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 asahci64;asahci64;c:\windows\System32\drivers\asahci64.sys;c:\windows\SYSNATIVE\drivers\asahci64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 iSafeKrnlBoot;iSafeKrnl Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeKrnlBoot.sys [x]
R3 L1C;NDIS-Miniporttreiber für den PCI-E-Ethernetcontroller Qualcomm Atheros AR813x/AR815x;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\System32\drivers\MijXfilt.sys;c:\windows\SYSNATIVE\drivers\MijXfilt.sys [x]
R3 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 STHFK;%STHFK.SvcDesc%;c:\windows\System32\Drivers\sthfk64.sys;c:\windows\SYSNATIVE\Drivers\sthfk64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 TeamViewer8;TeamViewer 8;c:\tools\TeamViewer\Version8\TeamViewer_Service.exe;c:\tools\TeamViewer\Version8\TeamViewer_Service.exe [x]
R4 TunngleService;TunngleService;c:\tools\Tunngle\TnglCtrl.exe;c:\tools\Tunngle\TnglCtrl.exe [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1504000.00D\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1504000.00D\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMEFA64.SYS [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140703.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [x]
S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140716.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140716.001\IDSvia64.sys [x]
S1 iSafeKrnl;iSafeKrnl Mini-Filter Driver;c:\program files (x86)\iSafe\iSafeKrnl.sys;c:\program files (x86)\iSafe\iSafeKrnl.sys [x]
S1 iSafeKrnlKit;iSafeKrnl Kit Driver;c:\program files (x86)\iSafe\iSafeKrnlKit.sys;c:\program files (x86)\iSafe\iSafeKrnlKit.sys [x]
S1 iSafeKrnlR3;iSafeKrnl Ring3 Driver;c:\program files (x86)\iSafe\iSafeKrnlR3.sys;c:\program files (x86)\iSafe\iSafeKrnlR3.sys [x]
S1 iSafeNetFilter;iSafeNetFilter NDIS Driver;c:\program files (x86)\iSafe\iSafeNetFilter.sys;c:\program files (x86)\iSafe\iSafeNetFilter.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1504000.00D\SYMNETS.SYS [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 appstoreService;appstoreService;c:\program files (x86)\iSafe\appstore\appstoreSvc.exe;c:\program files (x86)\iSafe\appstore\appstoreSvc.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 CGVPNCliService;CyberGhost 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 Decor8;Stardock Decor8;c:\tools\Stardock\Decor8\Decor8Srv.exe;c:\tools\Stardock\Decor8\Decor8Srv.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iSafeService;iSafeService;c:\program files (x86)\iSafe\iSafeSvc.exe;c:\program files (x86)\iSafe\iSafeSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\tools\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\tools\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\tools\ Malwarebytes Anti-Malware \mbamservice.exe;c:\tools\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 xusb22;Treiberdienst 22 für Xbox 360 Wireless Receiver;c:\windows\System32\drivers\xusb22.sys;c:\windows\SYSNATIVE\drivers\xusb22.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-16 17:30]
.
2014-07-14 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-12-27 19:16]
.
2014-07-14 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-12-27 19:16]
.
2014-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 17:28]
.
2014-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 17:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:15	2335960	----a-w-	c:\install\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:15	2335960	----a-w-	c:\install\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:15	2335960	----a-w-	c:\install\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-27 22:53	2827832	----a-w-	c:\install\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-27 22:53	2827832	----a-w-	c:\install\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-27 22:53	2827832	----a-w-	c:\install\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BtPreLoad"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe" [2012-12-28 64640]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-13 1212560]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 516928]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Page_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.178.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\
FF - prefs.js: browser.startup.homepage - 
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-SYMplus  Drehen  deu - c:\windows\IsUn0407.exe
AddRemove-SYMplus  Fräsen  deu - c:\windows\IsUn0407.exe
AddRemove-SYMplus Drehen deu - c:\windows\IsUn0407.exe
AddRemove-SYMplus Fräsen deu - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.4.0.13\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.4.0.13;c:\program files (x86)\Norton 360\Engine64\21.4.0.13"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\iSafe\iSafeSvc2.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\tools\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\iSafe\iSafeTray.exe
c:\users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Hotspot Shield\bin\hsscp.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-19  12:22:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-19 10:22
ComboFix2.txt  2014-07-17 18:35
.
Vor Suchlauf: 21 Verzeichnis(se), 30.069.047.296 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 17.823.453.184 Bytes frei
.
- - End Of File - - AF74166C532E6E7D0458C8EC9E1C7FB3

schrauber · 19.07.2014, 20:52

Zitat:

aber am Ende hat das hochladen nicht geklappt!

woran hast Du das bemerkt?

bommel99 · 20.07.2014, 08:12

Weil eine meldung kam, dass er keine Verbindung hatte

schrauber · 20.07.2014, 17:23

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

bommel99 · 21.07.2014, 17:13

Hier die mbam.txt Datei

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 21.07.2014
Suchlauf-Zeit: 17:47:31
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.21.05
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Christoph

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 326218
Verstrichene Zeit: 4 Min, 45 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 7
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}, In Quarantäne, [ef3a772b6516e84e5c4e1b79d62c08f8], 
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, In Quarantäne, [ef3a772b6516e84e5c4e1b79d62c08f8], 
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [ef3a772b6516e84e5c4e1b79d62c08f8], 
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [ef3a772b6516e84e5c4e1b79d62c08f8], 
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, In Quarantäne, [ef3a772b6516e84e5c4e1b79d62c08f8], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\RadioRage_4j, In Quarantäne, [0623adf5ea91a690a00ba92d2cd6a060], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3507760142-4053387310-2989893969-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\RadioRage_4j, In Quarantäne, [b475bfe3e695c17533d92fa2b34f966a], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.Outbrowse, C:\Users\Christoph\AppData\Local\Temp\ins.exe, In Quarantäne, [ef3a772b6516e84e5c4e1b79d62c08f8], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Hier die AdwCleaner[Sx].txt datei

Code:

ATTFilter

 AdwCleaner v3.216 - Bericht erstellt am 21/07/2014 um 18:02:22
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzername : Christoph - PC-CHRISTOPH
# Gestartet von : C:\Users\Christoph\Downloads\adwcleaner_3.216.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Christoph\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\CHRIST~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\CHRIST~1\AppData\Local\Temp\Video Converter
Ordner Gelöscht : C:\Users\Christoph\AppData\Roaming\iSafe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\iSafe

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17028


-\\ Mozilla Firefox v23.0 (de)

[ Datei : C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [5748 octets] - [01/10/2013 21:21:25]
AdwCleaner[R1].txt - [1516 octets] - [15/07/2014 19:29:47]
AdwCleaner[R2].txt - [1653 octets] - [21/07/2014 17:58:15]
AdwCleaner[S0].txt - [3542 octets] - [01/10/2013 21:21:58]
AdwCleaner[S1].txt - [1486 octets] - [15/07/2014 19:30:16]
AdwCleaner[S2].txt - [1471 octets] - [21/07/2014 18:02:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1531 octets] ##########

Hier die JRT.txt Datei

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Pro x64
Ran by Christoph on 21.07.2014 at 18:05:51,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Christoph\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.07.2014 at 18:09:39,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hier die FRST-Logdatei

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Christoph (administrator) on PC-CHRISTOPH on 21-07-2014 18:11:34
Running from C:\Users\Christoph\Desktop
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Tools\Stardock\Decor8\Decor8Srv.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Stardock Software, Inc) C:\Tools\Stardock\Decor8\Decor8_64.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(TuneUp Software) C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Tools\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Tools\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Install\Microsoft Office\Office15\ONENOTEM.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Dropbox, Inc.) C:\Users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Inc.) C:\Install\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Install\Microsoft Office\Office15\MSOSYNC.EXE
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Tools\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart 
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [Shwicon9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe [262144 2012-06-28] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Install\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Install\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [WsmUpdater] => C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe [292208 2012-05-18] (Web Solution Mart)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [480648 2014-04-01] (Autodesk Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Tools\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Run: [iCloudServices] => C:\Tools\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3507760142-4053387310-2989893969-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Install\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Install\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Install\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Install\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Install\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Install\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Install\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Install\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Tools\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @ptc.com/ProductViewLite - C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Tools\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Tools\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Install\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: Fast Dial - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\Extensions\fastdial@telega.phpnet.us [2013-09-16]
FF Extension: Hola Better Internet - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-07-20]
FF Extension: OpenDownload² - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\Extensions\{210249CE-F888-11DD-B868-4CB456D89593} [2014-01-05]
FF Extension: Adblock Plus - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\57pjfzjr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Install\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Install\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-08-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-07-21]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-06]
FF StartMenuInternet: FIREFOX.EXE - C:\Tools\Mozilla Firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S2 AxAutoMntSrv; C:\Tools\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Decor8; C:\Tools\Stardock\Decor8\Decor8Srv.exe [74416 2012-11-27] (Stardock Software, Inc)
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2010-01-11] (Stardock Corporation) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
S3 StarWindServiceAE; C:\Tools\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TeamViewer8; C:\Tools\TeamViewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-12] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49560 2012-09-17] (Asmedia Technology) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-04-04] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140721.001\ENG64.SYS [126040 2014-04-06] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140721.001\EX64.SYS [2099288 2014-04-06] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-16] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S3 STHFK; C:\Windows\System32\Drivers\sthfk64.sys [46632 2012-02-03] (CSR plc.)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1504000.00D\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-08-16] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-08-16] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U3 aabc6bcs; C:\Windows\System32\Drivers\aabc6bcs.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-21 18:11 - 2014-07-21 18:11 - 02089984 _____ (Farbar) C:\Users\Christoph\Desktop\FRST64.exe
2014-07-21 18:11 - 2014-07-21 18:11 - 00027268 _____ () C:\Users\Christoph\Desktop\FRST.txt
2014-07-21 18:10 - 2014-07-21 18:10 - 00000000 ___RD () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-21 18:05 - 2014-07-21 18:05 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 17:47 - 2014-07-21 17:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 17:46 - 2014-07-21 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-21 17:46 - 2014-07-21 17:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 17:46 - 2014-07-21 17:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-21 17:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-21 17:46 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-21 17:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-20 23:09 - 2014-07-20 23:09 - 00001862 _____ () C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
2014-07-20 22:52 - 2014-07-20 22:52 - 00000000 ____D () C:\Users\Christoph\Downloads\XiliVCon782
2014-07-20 22:31 - 2014-07-20 22:31 - 00000000 ____D () C:\Users\Christoph\Documents\Freemake
2014-07-20 09:50 - 2014-07-20 09:50 - 00261710 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-07-19 12:22 - 2014-07-19 12:22 - 00040211 _____ () C:\ComboFix.txt
2014-07-19 12:20 - 2014-07-19 12:20 - 995721956 _____ () C:\Windows\MEMORY.DMP
2014-07-19 12:08 - 2014-07-19 12:08 - 00001285 _____ () C:\CF-Submit.htm
2014-07-19 12:07 - 2014-07-19 12:23 - 00000000 ____D () C:\ComboFix
2014-07-17 20:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-17 20:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-17 20:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-17 20:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-17 20:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-17 20:27 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-07-17 20:27 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-17 20:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-17 20:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-17 20:25 - 2014-07-19 12:23 - 00000000 ____D () C:\Qoobox
2014-07-17 20:25 - 2014-07-19 12:11 - 00000000 ____D () C:\Windows\erdnt
2014-07-16 17:47 - 2014-07-16 17:47 - 00000744 _____ () C:\Users\Christoph\Desktop\JDownloaderExp - Verknüpfung.lnk
2014-07-15 19:26 - 2014-07-15 19:26 - 00000000 ____D () C:\zoek_backup
2014-07-15 19:25 - 2014-07-21 18:11 - 00000000 ____D () C:\FRST
2014-07-14 21:32 - 2014-07-21 18:02 - 00868504 _____ () C:\Windows\PFRO.log
2014-07-14 21:16 - 2014-07-21 18:02 - 00629753 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 20:51 - 2014-07-20 09:39 - 05117056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 20:45 - 2014-07-16 11:39 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\system32\log
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\SMinidump
2014-07-14 20:39 - 2014-07-14 20:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-14 20:35 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-14 20:35 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-14 20:35 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-14 20:35 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-14 20:35 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-14 20:35 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-14 20:35 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-14 20:35 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-14 20:35 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-14 20:35 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-14 20:35 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-14 20:35 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-14 20:35 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-14 20:35 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-14 20:34 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-14 20:34 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-14 20:34 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-14 20:34 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-14 20:34 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-14 20:34 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-14 20:34 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-14 20:34 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-14 20:34 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-14 20:34 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-14 20:34 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-14 20:34 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-14 20:34 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-14 20:34 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-14 20:34 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-14 20:34 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-07-14 20:34 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-13 20:18 - 2014-07-13 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-10 08:15 - 2014-07-10 08:15 - 00421888 _____ (Gabest) C:\Windows\SysWOW64\RealMediaSplitter.ax
2014-07-10 08:15 - 2014-07-10 08:15 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2014-07-10 08:15 - 2014-07-10 08:15 - 00181736 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-07-08 19:30 - 2014-07-08 19:30 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-06 18:24 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-06 18:24 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-06 18:24 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-06 18:23 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-06 18:23 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-06 18:23 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-07-06 18:23 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-06 18:23 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-06 18:23 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-06 18:23 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-06 18:23 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-06 18:23 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-06 18:23 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-06 18:23 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-06 18:23 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-06 18:23 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-06 18:23 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-06 18:23 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-06 18:23 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-05 18:55 - 2014-07-06 18:23 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\MAGIX
2014-07-05 18:55 - 2014-07-06 18:23 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Xara
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-05 08:16 - 2014-07-14 17:48 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Adobe
2014-06-23 21:15 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-23 21:15 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-23 21:14 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-23 21:14 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-23 21:09 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-23 21:09 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-23 20:32 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

==================== One Month Modified Files and Folders =======

2014-07-21 18:11 - 2014-07-21 18:11 - 02089984 _____ (Farbar) C:\Users\Christoph\Desktop\FRST64.exe
2014-07-21 18:11 - 2014-07-21 18:11 - 00027268 _____ () C:\Users\Christoph\Desktop\FRST.txt
2014-07-21 18:11 - 2014-07-15 19:25 - 00000000 ____D () C:\FRST
2014-07-21 18:10 - 2014-07-21 18:10 - 00000000 ___RD () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-21 18:09 - 2012-07-26 12:27 - 00756568 _____ () C:\Windows\system32\perfh007.dat
2014-07-21 18:09 - 2012-07-26 12:27 - 00157238 _____ () C:\Windows\system32\perfc007.dat
2014-07-21 18:09 - 2012-07-26 09:28 - 01757638 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 18:05 - 2014-07-21 18:05 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 18:04 - 2013-08-16 12:29 - 00005140 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-CHRISTOPH-Christoph PC-Christoph
2014-07-21 18:03 - 2014-07-14 21:16 - 00629753 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 18:03 - 2014-05-15 16:25 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\DropboxMaster
2014-07-21 18:03 - 2014-02-11 19:28 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 18:03 - 2013-08-15 18:28 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Skype
2014-07-21 18:03 - 2013-08-15 17:26 - 00000000 ___RD () C:\Users\Christoph\Dropbox
2014-07-21 18:03 - 2013-08-15 17:25 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Dropbox
2014-07-21 18:02 - 2014-07-14 21:32 - 00868504 _____ () C:\Windows\PFRO.log
2014-07-21 18:02 - 2013-10-01 21:21 - 00000000 ____D () C:\AdwCleaner
2014-07-21 18:02 - 2013-08-15 09:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-21 18:02 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 18:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-21 17:59 - 2013-08-15 12:51 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-21 17:55 - 2014-07-21 17:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 17:53 - 2013-08-15 17:20 - 00000000 ____D () C:\Windows\CUR_DIR
2014-07-21 17:48 - 2014-02-11 19:28 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 17:46 - 2014-07-21 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-21 17:46 - 2014-07-21 17:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 17:46 - 2014-07-21 17:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-20 23:14 - 2014-01-09 17:53 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\vlc
2014-07-20 23:09 - 2014-07-20 23:09 - 00001862 _____ () C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
2014-07-20 23:09 - 2013-08-16 22:22 - 00000000 ____D () C:\ProgramData\Xilisoft
2014-07-20 23:09 - 2013-08-16 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2014-07-20 23:05 - 2013-08-15 12:31 - 00000000 ____D () C:\Tools
2014-07-20 23:02 - 2013-08-15 10:28 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3507760142-4053387310-2989893969-1001
2014-07-20 22:57 - 2013-08-15 09:46 - 00000000 ____D () C:\Users\Christoph\AppData\Local\VirtualStore
2014-07-20 22:55 - 2013-08-16 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-20 22:52 - 2014-07-20 22:52 - 00000000 ____D () C:\Users\Christoph\Downloads\XiliVCon782
2014-07-20 22:48 - 2013-08-16 11:15 - 03640320 ___SH () C:\Users\Christoph\Desktop\Thumbs.db
2014-07-20 22:31 - 2014-07-20 22:31 - 00000000 ____D () C:\Users\Christoph\Documents\Freemake
2014-07-20 22:30 - 2013-08-16 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 10:22 - 2013-08-15 17:22 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-07-20 10:22 - 2013-08-15 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-07-20 10:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-20 09:53 - 2013-08-15 12:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-20 09:53 - 2013-08-15 12:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-20 09:50 - 2014-07-20 09:50 - 00261710 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-07-20 09:39 - 2014-07-14 20:51 - 05117056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 21:09 - 2013-08-15 10:46 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Apps\2.0
2014-07-19 12:36 - 2014-04-01 15:07 - 00000000 ____D () C:\Windows\Minidump
2014-07-19 12:23 - 2014-07-19 12:07 - 00000000 ____D () C:\ComboFix
2014-07-19 12:23 - 2014-07-17 20:25 - 00000000 ____D () C:\Qoobox
2014-07-19 12:22 - 2014-07-19 12:22 - 00040211 _____ () C:\ComboFix.txt
2014-07-19 12:21 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-07-19 12:20 - 2014-07-19 12:20 - 995721956 _____ () C:\Windows\MEMORY.DMP
2014-07-19 12:11 - 2014-07-17 20:25 - 00000000 ____D () C:\Windows\erdnt
2014-07-19 12:08 - 2014-07-19 12:08 - 00001285 _____ () C:\CF-Submit.htm
2014-07-19 12:08 - 2013-08-15 13:02 - 00000000 ____D () C:\Users\Christoph\AppData\Local\CrashDumps
2014-07-19 09:21 - 2012-07-26 07:26 - 15466496 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-19 09:21 - 2012-07-26 07:26 - 100433920 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-19 09:21 - 2012-07-26 07:26 - 00376832 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-07-19 09:21 - 2012-07-26 07:26 - 00073728 _____ () C:\Windows\system32\config\SAM.bak
2014-07-19 09:21 - 2012-07-26 07:26 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-17 20:32 - 2012-07-26 10:08 - 05144576 _____ () C:\Windows\system32\config\DRIVERS.bak
2014-07-17 20:30 - 2013-08-16 14:03 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-16 22:48 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-07-16 21:19 - 2013-08-15 12:56 - 00000000 ____D () C:\Users\Christoph\Documents\Outlook-Dateien
2014-07-16 18:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Resources
2014-07-16 17:49 - 2013-08-15 18:33 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Tunngle
2014-07-16 17:47 - 2014-07-16 17:47 - 00000744 _____ () C:\Users\Christoph\Desktop\JDownloaderExp - Verknüpfung.lnk
2014-07-16 11:39 - 2014-07-14 20:45 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-07-15 19:26 - 2014-07-15 19:26 - 00000000 ____D () C:\zoek_backup
2014-07-15 19:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-14 21:34 - 2014-01-03 19:00 - 00000000 ____D () C:\Users\Christoph\AppData\Local\NPE
2014-07-14 21:31 - 2014-06-15 18:38 - 00000000 ____D () C:\Program Files\KMSpico
2014-07-14 21:05 - 2014-06-15 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2014-07-14 21:05 - 2014-05-03 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD Architecture 2015 - Deutsch (German)
2014-07-14 21:05 - 2013-10-28 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-07-14 21:05 - 2013-08-25 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-07-14 21:05 - 2013-08-25 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 - Deutsch (German)
2014-07-14 21:05 - 2013-08-17 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-07-14 21:05 - 2013-08-15 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series
2014-07-14 21:05 - 2013-08-15 09:46 - 00000000 ___RD () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-14 21:05 - 2013-02-16 14:23 - 00000000 ____D () C:\Windows\Panther
2014-07-14 21:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\system32\log
2014-07-14 20:45 - 2014-07-14 20:45 - 00000000 ____D () C:\Windows\SMinidump
2014-07-14 20:39 - 2014-07-14 20:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-14 20:39 - 2013-12-27 15:27 - 00003114 _____ () C:\Windows\System32\Tasks\RDReminder
2014-07-14 20:39 - 2013-08-15 11:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-14 20:39 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-14 20:39 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-14 20:39 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-14 20:39 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-14 20:38 - 2013-02-16 14:59 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-14 20:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-14 20:24 - 2013-08-16 00:24 - 00000879 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-14 20:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-07-14 19:49 - 2014-04-06 19:30 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-14 19:49 - 2014-04-06 19:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-14 19:49 - 2014-04-06 19:29 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-07-14 17:48 - 2014-07-05 08:16 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Adobe
2014-07-13 20:18 - 2014-07-13 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-13 20:18 - 2013-11-06 19:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-13 20:18 - 2013-11-06 19:44 - 00000000 ____D () C:\Program Files\iTunes
2014-07-13 20:18 - 2013-11-06 19:44 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 08:15 - 2014-07-10 08:15 - 00421888 _____ (Gabest) C:\Windows\SysWOW64\RealMediaSplitter.ax
2014-07-10 08:15 - 2014-07-10 08:15 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2014-07-10 08:15 - 2014-07-10 08:15 - 00181736 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-07-09 20:23 - 2013-08-15 10:46 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Deployment
2014-07-08 19:30 - 2014-07-08 19:30 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 19:30 - 2013-08-16 13:47 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-06 22:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-06 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-06 18:26 - 2013-08-15 12:43 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Microsoft Help
2014-07-06 18:23 - 2014-07-05 18:55 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\MAGIX
2014-07-06 18:23 - 2014-07-05 18:55 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Xara
2014-07-05 18:55 - 2014-07-05 18:55 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-05 18:55 - 2007-04-27 10:43 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2014-07-01 00:42 - 2014-07-14 20:34 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-14 20:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-14 20:34 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-06-28 05:35 - 2014-07-14 20:34 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-26 22:53 - 2012-07-26 10:14 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2012-07-26 10:14 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 19:57 - 2013-08-18 19:54 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Paint.NET
2014-06-26 17:43 - 2014-02-11 19:28 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 17:43 - 2014-02-11 19:28 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-23 21:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent

Some content of TEMP:
====================
C:\Users\Christoph\AppData\Local\Temp\DellDock16a_setup_GER.exe
C:\Users\Christoph\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb5m56d.dll
C:\Users\Christoph\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.3.exe
C:\Users\Christoph\AppData\Local\Temp\proxy_vole6231961856453761482.dll
C:\Users\Christoph\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-10 19:22

==================== End Of Log ============================

--- --- ---

--- --- ---

cdn.cloudwm-Seite kann nicht geladen werden!

Plagegeister aller Art und deren Bekämpfung: cdn.cloudwm-Seite kann nicht geladen werden!