Trojaner-Board


MaryLoo 21.01.2014 15:22

Run DLL C:\Users\Mareike\AppData\Local\ConduitBackground\BackgroundContainer.dll Das angegebene Modul wurde nicht gefunden.
 
Hello, I am getting the error message mentioned above and have already created the log files: Addition and FRST, see below.

Does anyone know how I need to proceed?

Many thanks in advance.

MaryLoo


#########################

Addition:

ZoneAlarm Security (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar (x32 Version: 1.8.22.0 - Check Point Software Technologies LTD) Hidden

==================== Restore Points =========================

29-12-2013 23:24:14 Installed Classic Shell
06-01-2014 16:53:08 Geplanter Prüfpunkt
13-01-2014 19:48:03 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02852596-7CA9-4A53-9CF1-62D1EFF834B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2014-01-15] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05DFB97D-D085-45CA-8620-EA8479BC828A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {100AC631-AEFE-44B2-8D5A-CFE8994F4081} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23EDA762-04AF-434D-A872-2116395BA943} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-26] (AVAST Software)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E9D9AEF-10BB-48FE-BC5A-AD65E6C00AF5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {314C9385-2BBF-4671-A8CC-1AEF97C2EAA2} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Mareike\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37A9DC9C-0B70-4483-AFB1-ED15A3D309A4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4285C36F-B071-4297-995C-B210F405BA86} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {57BED76F-2B59-4B60-901D-90511173243E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Mareike\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {6A4F69E9-ECDE-410B-8C4D-20BBE803C0C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76F8B5B6-E640-461B-A7FB-B5852CD04FDD} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7F268CCB-1857-4B1C-AE12-4EA5C9B52679} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {81854029-5869-4DC3-A034-69BBA9EEF401} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97EC930E-BAE5-462B-912D-DF2E77D48530} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A654CDB9-9CE8-4D2D-BEDC-888CA43A2896} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {BDDDCAB7-B139-48AF-B168-98327A7E95AD} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FFCBCE00-BE79-4B75-B839-8AB4C4493142} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 09:51 - 2013-08-30 09:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-21 13:17 - 2014-01-20 18:52 - 02155520 _____ () C:\Program Files\AVAST Software\Avast\defs\14012001\algo.dll
2013-12-09 10:27 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-12-09 10:27 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-12-09 10:27 - 2010-05-10 03:51 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-12-09 10:27 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-12-09 10:27 - 2012-11-01 11:26 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-12-09 10:27 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2012-10-20 06:35 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-11-26 10:23 - 2013-11-26 10:23 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00886624 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libglesv2.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00108896 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libegl.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00879968 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Mareike\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 3795.53 MB
Available physical RAM: 2050.93 MB
Total Pagefile: 4691.54 MB
Available Pagefile: 2642.87 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.84 GB) (Free:231.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 7A80D030)

Partition: GPT Partition Type
==================== End Of Log ============================


FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Mareike (administrator) on MAREIKE-NB on 21-01-2014 14:46:08
Running from C:\Users\Mareike\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
() C:\Program Files (x86)\Opera\18.0.1284.68\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-26] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [phonostar-PlayerTimer] - C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2013-04-25] ()
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHSE.EXE [241280 2013-11-18] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [AppsHat] - C:\Users\Mareike\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
MountPoints2: {4fb156a1-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe"
MountPoints2: {4fb156e0-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe"
MountPoints2: {983b72e5-6031-11e3-beb4-2cd05a283f5e} - "D:\AutoRun.exe"
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {A1321AA7-C4E1-45E4-AE3E-5B36421D56DA} URL =
SearchScopes: HKLM-x32 - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=90FF5ED05A281E34&affID=121240&tsp=4993
SearchScopes: HKCU - {2964CFF3-C8EF-4A5C-9D50-1DF6B61E40E8} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=90ffd0880000000000005ed05a281e34&r=406
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {50952DBE-9475-4D32-B175-B9D835C33E99} URL =
SearchScopes: HKCU - {72D7D848-109B-4332-958F-B39FBDC3E8EA} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=2d6e1b8b51284e1782cf7d6e57e167d8&tu=10G9y009U1B0CO0&sku=&tstsId=&ver=&&r=671
BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} -  No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -  No File
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.255.212.1

FireFox:
========
FF ProfilePath: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default
FF user.js: detected! => C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\user.js
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN14212751791384810&UM=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\do-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.6 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com [2014-01-06]
FF Extension: LyricsSay-1 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com [2013-11-15]
FF Extension: zonealarm.com - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\ffxtlbr@zonealarm.com [2013-08-12]
FF Extension: 7Go - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\7go@7go.com.xpi [2013-10-14]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-12-08]
FF Extension: Speed Analysis 2 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-07]
FF Extension: Adblock Plus - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-22]
FF Extension: Adblock Edge - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-12-08]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-20]
CHR Extension: (Google Drive) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-20]
CHR Extension: (YouTube) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-20]
CHR Extension: (Google-Suche) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-20]
CHR Extension: (avast! Online Security) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]
CHR Extension: (Plus-HD-1.6) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh [2013-11-30]
CHR Extension: (Google Wallet) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (LyricsSay-1) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef [2013-10-13]
CHR Extension: (Google Mail) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Mareike\AppData\Roaming\7go\7go.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-26]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-26] (AVAST Software)
U2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
U2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-01] ()
U2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
U2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
U2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [605696 2012-11-10] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
U2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)
U2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U2 aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [38984 2013-11-26] (AVAST Software)
U2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [84328 2013-11-26] (AVAST Software)
U1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] ()
U1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1032416 2013-11-26] (AVAST Software)
U1 aswSP; C:\windows\system32\drivers\aswSP.sys [409832 2013-11-26] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-26] ()
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2013-02-04] (Windows (R) 2003 DDK 3790 provider)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-12-11] (Windows (R) Win 7 DDK provider)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-29] (Microsoft Corporation)
U3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-21] ()
U3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [x]
U3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 14:46 - 2014-01-21 14:46 - 00025229 _____ C:\Users\Mareike\Desktop\Addition_21.01.14.txt
2014-01-21 14:44 - 2014-01-21 14:45 - 00025229 _____ C:\Users\Mareike\Desktop\Addition.txt
2014-01-21 14:42 - 2014-01-21 14:46 - 00025782 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\Desktop\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:20 - 2013-08-20 13:28 - 00025920 _____ (Softland) C:\WINDOWS\system32\dopdfmn7.dll
2014-01-19 23:20 - 2013-08-20 13:28 - 00021312 _____ (Softland) C:\WINDOWS\system32\dopdfmi7.dll
2014-01-19 23:20 - 2010-11-25 12:17 - 00007549 _____ C:\WINDOWS\system32\dopdf7.ctm
2014-01-19 23:18 - 2014-01-19 23:19 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-18 15:55 - 2014-01-18 15:55 - 00002770 _____ C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-01-17 15:03 - 2013-08-30 09:51 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-01-17 15:03 - 2013-08-30 09:51 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-01-17 15:03 - 2013-08-30 09:51 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 15:01 - 2014-01-17 15:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:00 - 2014-01-18 16:06 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-17 14:59 - 2014-01-18 16:16 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-17 14:58 - 2014-01-17 14:58 - 00001508 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-01-17 14:58 - 2014-01-17 14:58 - 00001215 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-15 18:06 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 18:06 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 18:06 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 18:06 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 18:06 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:23 - 2014-01-06 04:24 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:21 - 2014-01-13 20:42 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2014-01-21 14:37 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-31 14:21 - 2013-12-30 00:30 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

==================== One Month Modified Files and Folders =======

2014-01-21 14:46 - 2014-01-21 14:46 - 00025229 _____ C:\Users\Mareike\Desktop\Addition_21.01.14.txt
2014-01-21 14:46 - 2014-01-21 14:42 - 00025782 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 14:45 - 2014-01-21 14:44 - 00025229 _____ C:\Users\Mareike\Desktop\Addition.txt
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:42 - 2013-08-11 17:53 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-927294191-717072922-153577076-1002
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 14:39 - 2012-10-20 06:47 - 00000000 ____D C:\ProgramData\WinClon
2014-01-21 14:38 - 2013-11-29 11:26 - 00000000 __RDO C:\Users\Mareike\SkyDrive
2014-01-21 14:38 - 2013-11-26 10:26 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 14:37 - 2013-12-31 14:21 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2014-01-21 14:37 - 2013-11-29 10:41 - 01498135 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-21 14:37 - 2013-09-02 23:11 - 00016152 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-01-21 14:37 - 2013-09-02 23:11 - 00000436 _____ C:\WINDOWS\Tasks\SlimDrivers Startup.job
2014-01-21 14:36 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-21 13:36 - 2013-11-26 10:26 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 12:56 - 2013-08-12 15:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-21 12:04 - 2013-12-11 23:44 - 00000000 ____D C:\ProgramData\Spyware Terminator
2014-01-21 12:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-20 00:38 - 2013-12-08 18:46 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{09FD12B5-E364-4FF7-AE6D-BAF3212E2F15}
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\Desktop\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:19 - 2014-01-19 23:18 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-19 22:45 - 2013-11-18 11:13 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Epson
2014-01-18 18:59 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-18 18:59 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-18 18:59 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-18 18:24 - 2013-08-22 15:46 - 00340452 _____ C:\WINDOWS\setupact.log
2014-01-18 18:11 - 2013-09-29 20:04 - 00308110 _____ C:\WINDOWS\PFRO.log
2014-01-18 18:11 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-18 18:11 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-18 16:16 - 2014-01-17 14:59 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-18 16:16 - 2013-11-22 17:14 - 00000000 ____D C:\Users\Mareike\Desktop\Programmverknüpfungen
2014-01-18 16:06 - 2014-01-17 15:00 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-18 15:55 - 2014-01-18 15:55 - 00002770 _____ C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-01-17 23:44 - 2013-11-29 10:49 - 00000000 ____D C:\Users\Mareike
2014-01-17 15:22 - 2013-08-11 17:47 - 00000000 ____D C:\Users\Mareike\AppData\Local\VirtualStore
2014-01-17 15:03 - 2014-01-17 15:01 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 14:58 - 2014-01-17 14:58 - 00001508 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-01-17 14:58 - 2014-01-17 14:58 - 00001215 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-17 14:58 - 2013-11-22 16:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:57 - 2013-09-08 21:42 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\DVDVideoSoft
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-17 14:22 - 2013-11-09 02:08 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\vlc
2014-01-17 14:08 - 2013-12-08 18:40 - 00000000 ____D C:\Program Files\Crack Adobe CC
2014-01-17 11:06 - 2013-11-10 21:18 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\PhotoScape
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-16 10:02 - 2013-11-26 10:29 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-01-15 19:47 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2014-01-15 18:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-15 18:29 - 2013-08-15 14:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 18:22 - 2013-08-15 14:02 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-13 20:42 - 2014-01-06 04:21 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-13 19:56 - 2013-08-11 21:23 - 00000000 ____D C:\Mareike
2014-01-13 19:44 - 2013-11-22 16:45 - 00019456 ____H C:\Users\Mareike\Desktop\photothumb.db
2014-01-11 17:15 - 2013-08-11 17:48 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Adobe
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 23:30 - 2013-08-11 17:49 - 00000000 ____D C:\Users\Mareike\AppData\Local\Adobe
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 23:26 - 2012-10-20 06:51 - 00000000 ____D C:\ProgramData\Adobe
2014-01-06 23:25 - 2012-10-20 06:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-06 23:22 - 2013-10-22 12:33 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Skype
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:24 - 2014-01-06 04:23 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2014-01-06 04:20 - 2013-08-20 20:56 - 00000000 ____D C:\Program Files\Canon Printer
2014-01-06 04:10 - 2013-08-12 18:33 - 00000000 ____D C:\Program Files (x86)\Canon
2014-01-06 04:09 - 2013-09-03 00:24 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Canon
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-30 00:30 - 2013-12-31 14:21 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:20 - 2013-11-08 04:38 - 00012375 _____ C:\Users\Mareike\Documents\Abrechnung Florida-Urlaub Mareike_Anita_2013.xlsx
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-29 17:18 - 2013-08-22 15:44 - 05139496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-22 23:49 - 2013-08-11 17:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-22 23:45 - 2012-10-20 07:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-22 23:43 - 2013-09-30 04:59 - 00000000 ____D C:\WINDOWS\ShellNew
2013-12-22 14:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-22 13:54 - 2013-08-11 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 21:06

==================== End Of Log ============================

--- --- ---
Additional info: I have AVAST! Free Antivirus installed.

There is also another error message:
Spyware Terminator Echtzeit-Schutz
Cannot create shell notification Icon

aharonov 21.01.2014 15:37

Hello,

the Addition.txt is incomplete; the upper half is missing.
Could you please post this log again in full?

MaryLoo 21.01.2014 16:45

I think the error has been fixed. I proceeded as follows:

- Press Windows key + R on your keyboard to launch the Run box.
- Type taskschd.msc in this box and hit Enter to open Task Scheduler window.
- Click on the Task Scheduler Library folder in the left panel.
- Now locate and right click the Background Container task in the middle panel.
- Choose to Delete this task and Exit Task Scheduler.


Here are the log files again...
...FRST.....

FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Mareike (administrator) on MAREIKE-NB on 21-01-2014 16:37:27
Running from C:\Users\Mareike\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-21] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [phonostar-PlayerTimer] - C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2013-04-25] ()
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHSE.EXE [241280 2013-11-18] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [AppsHat] - C:\Users\Mareike\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
MountPoints2: {4fb156a1-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe"
MountPoints2: {4fb156e0-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe"
MountPoints2: {983b72e5-6031-11e3-beb4-2cd05a283f5e} - "D:\AutoRun.exe"
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {A1321AA7-C4E1-45E4-AE3E-5B36421D56DA} URL =
SearchScopes: HKLM-x32 - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=90FF5ED05A281E34&affID=121240&tsp=4993
SearchScopes: HKCU - {2964CFF3-C8EF-4A5C-9D50-1DF6B61E40E8} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=90ffd0880000000000005ed05a281e34&r=406
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {50952DBE-9475-4D32-B175-B9D835C33E99} URL =
SearchScopes: HKCU - {72D7D848-109B-4332-958F-B39FBDC3E8EA} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=2d6e1b8b51284e1782cf7d6e57e167d8&tu=10G9y009U1B0CO0&sku=&tstsId=&ver=&&r=671
BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} -  No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -  No File
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} -  No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.255.212.1

FireFox:
========
FF ProfilePath: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default
FF user.js: detected! => C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\user.js
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN14212751791384810&UM=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\do-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.6 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com [2014-01-06]
FF Extension: LyricsSay-1 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com [2013-11-15]
FF Extension: zonealarm.com - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\ffxtlbr@zonealarm.com [2013-08-12]
FF Extension: 7Go - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\7go@7go.com.xpi [2013-10-14]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-12-08]
FF Extension: Speed Analysis 2 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-07]
FF Extension: Adblock Plus - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-22]
FF Extension: Adblock Edge - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-12-08]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-20]
CHR Extension: (Google Drive) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-20]
CHR Extension: (YouTube) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-20]
CHR Extension: (Google-Suche) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-20]
CHR Extension: (avast! Online Security) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]
CHR Extension: (Plus-HD-1.6) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh [2013-11-30]
CHR Extension: (Google Wallet) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (LyricsSay-1) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef [2013-10-13]
CHR Extension: (Google Mail) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Mareike\AppData\Roaming\7go\7go.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-26]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-21] (AVAST Software)
U2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
U2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-01] ()
U2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
U2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
U2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [605696 2012-11-10] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
U2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)
U2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-21] (AVAST Software)
U1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] ()
U1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-01-21] (AVAST Software)
U1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-01-21] (AVAST Software)
U3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [79672 2014-01-21] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-21] ()
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2013-02-04] (Windows (R) 2003 DDK 3790 provider)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-12-11] (Windows (R) Win 7 DDK provider)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-29] (Microsoft Corporation)
U3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-21] ()
U3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [x]
U3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 16:37 - 2014-01-21 16:37 - 00025456 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 15:40 - 2014-01-21 15:40 - 00089204 _____ C:\Users\Mareike\Desktop\Sicherung_Änderung der Registry_21.01.14.reg
2014-01-21 15:34 - 2014-01-21 15:34 - 00002776 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-21 15:34 - 2014-01-21 15:34 - 00000000 ____D C:\Program Files\CCleaner
2014-01-21 15:30 - 2014-01-21 15:30 - 03571656 _____ (Piriform Ltd) C:\Program Files\ccsetup409_slim.exe
2014-01-21 15:06 - 2014-01-21 15:06 - 00079672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-19 23:20 - 2014-01-21 15:47 - 00000000 ____D C:\Program Files\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00001827 _____ C:\Users\Mareike\Desktop\doPDF.lnk
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:20 - 2013-08-20 13:28 - 00025920 _____ (Softland) C:\WINDOWS\system32\dopdfmn7.dll
2014-01-19 23:20 - 2013-08-20 13:28 - 00021312 _____ (Softland) C:\WINDOWS\system32\dopdfmi7.dll
2014-01-19 23:20 - 2010-11-25 12:17 - 00007549 _____ C:\WINDOWS\system32\dopdf7.ctm
2014-01-19 23:18 - 2014-01-19 23:19 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-17 15:03 - 2013-08-30 09:51 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-01-17 15:03 - 2013-08-30 09:51 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-01-17 15:03 - 2013-08-30 09:51 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 15:01 - 2014-01-17 15:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:00 - 2014-01-18 16:06 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-17 14:59 - 2014-01-18 16:16 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-15 18:06 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 18:06 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 18:06 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 18:06 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 18:06 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-10 14:33 - 2014-01-21 15:31 - 00010927 _____ C:\Users\Mareike\Desktop\Antrag Kostenerstattung Arbeitsamt.xlsx
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:23 - 2014-01-06 04:24 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:21 - 2014-01-13 20:42 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2014-01-21 16:36 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-31 14:21 - 2013-12-30 00:30 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

==================== One Month Modified Files and Folders =======

2014-01-21 16:38 - 2014-01-21 16:37 - 00025456 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 16:37 - 2013-11-29 11:26 - 00000000 __RDO C:\Users\Mareike\SkyDrive
2014-01-21 16:36 - 2013-12-31 14:21 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2014-01-21 16:36 - 2013-11-29 10:49 - 00000000 ____D C:\Users\Mareike
2014-01-21 16:36 - 2013-11-26 10:26 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 16:36 - 2013-11-26 10:26 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 16:33 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-21 16:23 - 2013-08-11 17:53 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-927294191-717072922-153577076-1002
2014-01-21 16:17 - 2013-11-29 10:41 - 01573933 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-21 16:04 - 2012-10-20 06:47 - 00000000 ____D C:\ProgramData\WinClon
2014-01-21 16:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-21 15:58 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-21 15:56 - 2013-08-12 15:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-21 15:49 - 2013-12-08 18:46 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{09FD12B5-E364-4FF7-AE6D-BAF3212E2F15}
2014-01-21 15:47 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\doPDF 7
2014-01-21 15:45 - 2013-11-22 17:14 - 00000000 ____D C:\Users\Mareike\Desktop\Programmverknüpfungen
2014-01-21 15:44 - 2013-09-02 23:11 - 00016152 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-01-21 15:40 - 2014-01-21 15:40 - 00089204 _____ C:\Users\Mareike\Desktop\Sicherung_Änderung der Registry_21.01.14.reg
2014-01-21 15:37 - 2013-11-29 10:37 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-21 15:37 - 2013-08-12 18:46 - 00000000 ____D C:\Users\Mareike\AppData\Local\CrashDumps
2014-01-21 15:34 - 2014-01-21 15:34 - 00002776 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-21 15:34 - 2014-01-21 15:34 - 00000000 ____D C:\Program Files\CCleaner
2014-01-21 15:32 - 2013-08-11 21:23 - 00000000 ____D C:\Mareike
2014-01-21 15:31 - 2014-01-10 14:33 - 00010927 _____ C:\Users\Mareike\Desktop\Antrag Kostenerstattung Arbeitsamt.xlsx
2014-01-21 15:30 - 2014-01-21 15:30 - 03571656 _____ (Piriform Ltd) C:\Program Files\ccsetup409_slim.exe
2014-01-21 15:06 - 2014-01-21 15:06 - 00079672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-01-21 15:06 - 2013-11-26 10:29 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-01-21 15:06 - 2013-11-26 10:23 - 01034464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-21 15:06 - 2013-11-26 10:23 - 00422216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-21 15:06 - 2013-11-26 10:23 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-21 15:06 - 2013-11-26 10:23 - 00207904 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-21 15:06 - 2013-11-26 10:23 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-21 15:05 - 2013-11-26 10:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-21 12:04 - 2013-12-11 23:44 - 00000000 ____D C:\ProgramData\Spyware Terminator
2014-01-21 12:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-19 23:20 - 2014-01-19 23:20 - 00001827 _____ C:\Users\Mareike\Desktop\doPDF.lnk
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:19 - 2014-01-19 23:18 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-19 22:45 - 2013-11-18 11:13 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Epson
2014-01-18 18:59 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-18 18:59 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-18 18:59 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-18 16:16 - 2014-01-17 14:59 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-18 16:06 - 2014-01-17 15:00 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-17 15:22 - 2013-08-11 17:47 - 00000000 ____D C:\Users\Mareike\AppData\Local\VirtualStore
2014-01-17 15:03 - 2014-01-17 15:01 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 14:58 - 2013-11-22 16:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:57 - 2013-09-08 21:42 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\DVDVideoSoft
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-17 14:22 - 2013-11-09 02:08 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\vlc
2014-01-17 14:08 - 2013-12-08 18:40 - 00000000 ____D C:\Program Files\Crack Adobe CC
2014-01-17 11:06 - 2013-11-10 21:18 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\PhotoScape
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-15 19:47 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2014-01-15 18:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-15 18:29 - 2013-08-15 14:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 18:22 - 2013-08-15 14:02 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-13 20:42 - 2014-01-06 04:21 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-13 19:44 - 2013-11-22 16:45 - 00019456 ____H C:\Users\Mareike\Desktop\photothumb.db
2014-01-11 17:15 - 2013-08-11 17:48 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Adobe
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 23:30 - 2013-08-11 17:49 - 00000000 ____D C:\Users\Mareike\AppData\Local\Adobe
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 23:26 - 2012-10-20 06:51 - 00000000 ____D C:\ProgramData\Adobe
2014-01-06 23:25 - 2012-10-20 06:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-06 23:22 - 2013-10-22 12:33 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Skype
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:24 - 2014-01-06 04:23 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2014-01-06 04:20 - 2013-08-20 20:56 - 00000000 ____D C:\Program Files\Canon Printer
2014-01-06 04:10 - 2013-08-12 18:33 - 00000000 ____D C:\Program Files (x86)\Canon
2014-01-06 04:09 - 2013-09-03 00:24 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Canon
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-30 00:30 - 2013-12-31 14:21 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:20 - 2013-11-08 04:38 - 00012375 _____ C:\Users\Mareike\Documents\Abrechnung Florida-Urlaub Mareike_Anita_2013.xlsx
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-29 17:18 - 2013-08-22 15:44 - 05139496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-22 23:49 - 2013-08-11 17:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-22 23:45 - 2012-10-20 07:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-22 23:43 - 2013-09-30 04:59 - 00000000 ____D C:\WINDOWS\ShellNew
2013-12-22 14:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-22 13:54 - 2013-08-11 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 21:06

==================== End Of Log ============================

--- --- ---


Addition:

FRST Additions Logfile:
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2014
Ran by Mareike at 2014-01-21 16:43:27
Running from C:\Users\Mareike\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Creative Cloud (x32 Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Benutzerhandbuch EPSON BX935FWD Series (x32 Version:  - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.1.6 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (x32 Version: 3.3.0.5 - Canon Inc.)
Canon Utilities CameraWindow (x32 Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (x32 Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.4 (x32 Version: 3.4.0.0 - Canon Inc.)
Canon Utilities EOS Utility (x32 Version: 2.4.0.1 - Canon Inc.)
Canon Utilities MyCamera (x32 Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (x32 Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (x32 Version: 1.3.0.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (x32 Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3 Utility (x32 Version: 3.2.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (x32 Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.1.0.8 - Canon Inc.)
CCleaner (Version: 4.09 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (Version: 4.0.2 - IvoSoft)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
doPDF 7.3 printer (Version: 7.3.393 - Softland)
Download Navigator (x32 Version: 1.1.0 - SEIKO EPSON CORPORATION)
Easy File Share (x32 Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (x32 Version: 1.0.1 - Samsung Electronics CO., LTD.)
EPSON BX935FWD Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (x32 Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (x32 Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (x32 Version: 1.20.00 - SEIKO EPSON CORPORATION)
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EpsonNet Print (x32 Version: 2.4j - SEIKO EPSON CORPORATION)
Extended Update (HKCU Version:  - )
File Opener Pro (x32 Version:  - FileOpenerPro) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.16.1030 (x32 Version: 3.2.16.1030 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (x32 Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Help Desk (Version: 1.0.6 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (x32 Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (x32 Version: 23.009.05.03.1014 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Netzwerkhandbuch EPSON BX935FWD Series (x32 Version:  - )
NVIDIA Grafiktreiber 327.02 (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Opera Stable 18.0.1284.68 (x32 Version: 18.0.1284.68 - Opera Software ASA)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.7.0 (x32 Version:  - PDF24.org)
phonostar-Player Version 3.03.1 (x32 Version:  - )
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PhotoScape (x32 Version:  - )
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
QuickShare (x32 Version: 1.90.60.12091 - Linkury Inc.) <==== ATTENTION
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (x32 Version: 6.0.6.5 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Settings (x32 Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)
SlimDrivers (x32 Version: 2.2.30877 - SlimWare Utilities, Inc.)
SpyHunter (Version: 4.16.5.4290 - Enigma Software Group USA, LLC)
Spyware Terminator 2012 (x32 Version: 3.0.0.82 - Crawler.com)
Support Center (Version: 2.1.1201 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.5 - Samsung Electronics CO., LTD.) Hidden
SW Update (x32 Version: 2.1.21 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (Version: 16.2.11.3 - Synaptics Incorporated)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
User Guide (x32 Version: 1.2.00 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Performer (x32 Version:  - PerformerSoft LLC)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.0 (x32 Version: 2.1.0 - VideoLAN)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)
ZoneAlarm Firewall (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden

==================== Restore Points  =========================

29-12-2013 23:24:14 Installed Classic Shell
06-01-2014 16:53:08 Geplanter Prüfpunkt
13-01-2014 19:48:03 Geplanter Prüfpunkt
21-01-2014 14:02:35 avast! antivirus system restore point

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05DFB97D-D085-45CA-8620-EA8479BC828A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E9D9AEF-10BB-48FE-BC5A-AD65E6C00AF5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {314C9385-2BBF-4671-A8CC-1AEF97C2EAA2} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Mareike\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37A9DC9C-0B70-4483-AFB1-ED15A3D309A4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4285C36F-B071-4297-995C-B210F405BA86} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6A4F69E9-ECDE-410B-8C4D-20BBE803C0C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76F8B5B6-E640-461B-A7FB-B5852CD04FDD} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7F268CCB-1857-4B1C-AE12-4EA5C9B52679} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {81854029-5869-4DC3-A034-69BBA9EEF401} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {852DD497-DFE2-42A4-9C85-9B07B430AD6F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2014-01-15] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97EC930E-BAE5-462B-912D-DF2E77D48530} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A654CDB9-9CE8-4D2D-BEDC-888CA43A2896} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {BDDDCAB7-B139-48AF-B168-98327A7E95AD} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E7A8C99B-AE9F-42EB-9B7B-9B09156BB114} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2013-12-17] (Piriform Ltd)
Task: {FC22B48F-212A-4842-A2CB-AC13371094C6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-21] (AVAST Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-08-30 09:51 - 2013-08-30 09:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-21 14:58 - 2014-01-21 10:27 - 02155520 _____ () C:\Program Files\AVAST Software\Avast\defs\14012100\algo.dll
2013-12-09 10:27 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-12-09 10:27 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-12-09 10:27 - 2010-05-10 03:51 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-12-09 10:27 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-12-09 10:27 - 2012-11-01 11:26 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-12-09 10:27 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-11-26 10:23 - 2013-11-26 10:23 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-10-20 06:35 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00886624 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libglesv2.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00108896 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libegl.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00879968 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Mareike\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 3795.53 MB
Available physical RAM: 2354.62 MB
Total Pagefile: 4755.54 MB
Available Pagefile: 3149.25 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.84 GB) (Free:232.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 7A80D030)

Partition: GPT Partition Type
==================== End Of Log ============================

--- --- ---

aharonov 21.01.2014 17:06

Step 1

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its content with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).



Step 2

Start FRST once more.
  • Do not change any of the default settings and press Scan.
  • When the scan has finished, a new log file FRST.txt is created and saved on the desktop.
  • Please post the content of this log file here in your thread.


All times are in WET +1. It is now 19:58.
